qstockmedia - Fotolia

Manage Learn to apply best practices and optimize your operations.

Common DNS record types: What they mean

The domain name resolution process has many steps. Our expert walks you through some of the most common.

Editor's note: This is the concluding part of Glen Kemp's series explaining the domain name system.

In my previous article, I described how the domain name system (DNS) works. In this section, I'm going to deal with common DNS record types and server responses.

Address records: The simplest response is an address (A) record. When the client creates a query for www.foo.com, the authoritative DNS server for that domain responds with one or more IP addresses.
To anthropomorphize slightly, the client asks a question and the server responds:
Client question: Who is www in domain foo.com?
Server answer: www is served by, and

There is no real order of preference here; the addresses are usually ordered randomly. The next client to make a request may get the results in a different order. Our client will just pick a single IP. If only a single IP address is returned, then it's a very short selection process.

Canonical name records: Rather than respond with a specific IP, the server may also return a canonical name record (CNAME). CNAMEs are a shortcut to direct multiple fully qualified domain names (FQDN) to a single host. For example:

Client question: Who is www in domain foo.com?
Server answer: www has the same IP as www.foo.org

In the above example, this resolving DNS would force the server to hunt through the DNS domain tree, starting again at the .org top-level domain to work out the IP for www.foo.org.

When the server gets there, it might find another CNAME record, as well as another. I've seen this in complex Web environments and adware or tracking platforms; everyone delegates to everyone else and finding the real IP address for or a connection you don't want to make is very difficult.
Name server records: If I'm going to have an argument with a first- or second-line support staffer about DNS, it's going to about the correct and legal use of name server (NS) records. NS records are designed to delegate an entire child domain (such as partner.foo.com) to an alternate provider. They can also, however, be used to delegate a single host; there is no real distinction in the usage. For example, you may wish to transfer control of www.foo.com to a fancy content delivery network that directs the users to a nearby replica of your server. By using an NS record, you can make the corporate front page somebody else's problem, but still retain control of other services that use the DNS.

Back to my corny example:

Client question: Who is www in domain foo.com?
Server answer: The name servers for www are at, and; go ask them.

Mail exchanger records: Mail exchanger (MX) records define the servers at the domain level responsible for inbound mail. The domains foo.com and partners.foo.com could be configured with different records. The child will not inherit the parent's settings. For availability, two or more A records are specified, each with a preference metric. 

MX records are slightly special in that they are only really used by mail-forwarding services such as sendmail, Microsoft Exchange, Lotus Notes (yes, people still use Notes), and, alas, spammers. Spammers love MX records. When I was a lad, the MX records pointed directly to your Internet mail server, or Simple Mail Transfer Protocol relay if you were really fancy. Today, however, most email feeds are routed to a cloud-filtering service.

The actual conversation looks something like this:

Client question: Who can handle email for an address in domain foo.com?
Server answer: The mail servers for domain foo.com are mail1.acmefiltering.com (try this one first) and mail2.acmefiltering.com.

When something breaks, the usual procedure is to start Googling error messages. When DNS itself fails, however, this strategy falls apart. DNS is a fundamental service that every administrator should have more than a cursory understanding. And it's a service you should be able to troubleshoot when the Internet breaks.

Next Steps

DNS: What you need to know

DNS as a tool for address management

This was last published in November 2014

Dig Deeper on Network Infrastructure