What are DNS records? 
Explore IBM's DNS solution Subscribe for AI updates
Colleagues sitting around a shared desk, looking at computer monitors

Published: 22 January 2024
Contributors: Camilo Quiroz Vazquez, Michael Goodwin 

What are DNS records? 

A Domain Name System (DNS) record is a set of instructions used to connect domain names with internet protocol (IP) addresses within DNS servers. DNS makes it possible for users to browse the internet with customizable domain names and URLs rather than complex numerical IP addresses.

This function—translating human-readable domain names into machine-readable IP addresses—is the reason that DNS is often referred to as "the phonebook of the internet." DNS records are a vital part making this process fast and secure for internet users.

DNS records exist as text-based files known as “zone files” written in DNS syntax. They serve as a record and set of commands on how to handle DNS queries. When a user searches a domain name or URL or takes action related to a domain name in a web browser, this is the beginning of a DNS query. A series of DNS servers then communicate with each other to resolve this query. DNS servers rely on DNS records to connect that user with the corresponding IP address and resolve all other issues. DNS records are stored on authoritative DNS servers also known as authoritative nameservers. They contain information on how frequently a server will refresh the DNS record, known as time-to-live (TTL).

Commonly used DNS records include: A and AAAA records, CNAME, DNAME and ALIAS records, CAA records, CERT records, MX records, SOA records, NS records, PTR records, SPF records, SRV records and TXT records. Each of these records has a unique function and understanding each is an important part of a functioning DNS system. 

Improve performance with global server load balancing

See how DNS and real user monitoring (RUM) data provides greater functionality at a lower cost.

Related content

Register for the ebook on observability myths

Common types of DNS records

DNS management relies on the interconnectedness of DNS servers. Knowing how your DNS servers interact with each other through DNS records will make managing your DNS a less daunting task. 

The most common types of DNS records are: 

A records

Address records, or A records, are the most common DNS records used. They create a direct connection between an IPv4 address and a domain name. IPv4 addresses have the following format: 93.184.216.34.

AAAA records

Like A records, this type of record connects domain names to IPv6 addresses. IPv6 addresses have more numerals than IPv4 address and are becoming more common as options for IPv4 addresses are running out. 

CNAME records

Canonical name records, or CNAME records, direct an alias domain to a canonical domain. This means that this type of record is used to link subdomains to domain A or AAAA records.

For example, instead of creating two A records for www.example.com and product.example.com, you could link product.example.com to a CNAME record that is then linked to an A record for example.com. The value is that if the IP address changes for the root domain, only the A record will have to be updated and the CNAME will update accordingly. 

DNAME records

Delegation name records, or DNAME records, are used to redirect multiple subdomains with one record and point them to another domain.

For example, a DNAME record linking domain.com to example.com will link product.domain.com, trial.domain.com, and blog.domain.com to example.com. These records are helpful in managing largescale domains and in managing domain name changes by ensuring subdomains are properly linked.

CAA records

Certification authority authorization records, or CAA records, allow domain owners to specify which certificate authorities (CAs) can issue certificates for their domain. A CA is an organization that validates the identity of websites and connects them to cryptographic keys by issuing digital certificates.

CERT records

Certificate, or CERT records, store certificates that verify the authenticity of all parties involved. This type of record is particularly valuable when securing and encrypting sensitive information.

MX records

Mail exchange, or MX records, direct emails to your domain mail server. These records, along with an email server, allow for the creation of individual email accounts, such as user@example.com, that are linked to the domain (example.com).

NS records

Nameserver, or NS records, show which DNS server is acting as the authoritative nameserver for your domain. Authoritative nameservers contain the final information about a specific domain and its corresponding IP address. An NS record points to all of the different records your domain holds. Without NS records, users will not be able to access your website. 

SOA records

Start of authority, or SOA records, store important administrative information about a domain. This information can include the domain administrator’s email address, information on domain updates and when a server should refresh its information.

PTR records

Pointer records, or PTR records, work in the opposite direction of A records. They are used to connect an IP address with a domain name, instead of a domain name with an IP address. When a DNS lookup begins with an IP address, it then finds the corresponding hostname. These records are used to detect spam by checking if the IP addresses and associated email addresses are used by legitimate email servers. PTR records must be set up by the server host.

SPF records

Sender policy framework, or SPF records, are used to identify the mail servers that can send emails through your domain. This helps prevent your domain from being used by spammers or for malicious purposes by letting email receivers know that what they are receiving has been authorized.

SRV records

Service, or SRV records, identify a host and port for specific services, such as messaging, for a domain. Ports are virtual connection points that allow digital devices to separate different types of traffic.

ALIAS record

ALIAS records are used to direct your domain name to a host name and not an IP address. For instance, if your domain name is example.com, you can point it to product.differentexample.com using an ALIAS record.

NSEC records

Next secure records, or NSEC records, allow for proof of non-existence. This means that these records exist to confirm that other records do not exist. Being able to confirm the non-existance of a record saves time when searching for specific records.

URLFWD records

URL forwarding (or URL redirecting) is a technique used to make a single web page available via multiple URLs. NS1 Connect users can easily set up URL forwarding (HTTP redirects or masking) between zones. There are three types of URL redirects: Permanent (301), temporary (302), or masking.

TXT records

Text, or TXT records, store textual information related to domains and subdomains. Text records allow for the storage of SPF records and email verification records. DKIM and DMARC records, which are stored in TXT records, help email servers confirm that a message is coming from a reliable source.

Explore a guide to DNS record types
Why are DNS records important?

DNS records are a key component of web hosting and managing domain infrastructures; information about everything on the internet is held in DNS records. As organizations scale, managing domain names, migrations and mail servers becomes crucial for maintaining key business functions.

For an organization to effectively manage its DNS, administrators must take a thorough look at organizational necessity and understand the types of servers and managed DNS solutions that are most appropriate for the organization.

Related solutions
IBM® NS1 Connect

IBM NS1 Connect provides fast, secure connections to users anywhere in the world with premium DNS and advanced, customizable traffic steering.  Always-on, API-first architecture enables your IT teams to more efficiently monitor networks, deploy changes and conduct routine maintenance.

Explore IBM NS1 Connect 

IBM NS1 Connect Managed DNS

IBM NS1 Connect Managed DNS service delivers resilient, fast, authoritative DNS connections to prevent network outages and keep your business online, all the time.

Explore IBM NS1 Connect Managed DNS

DNS observability with IBM NS1 Connect

Quickly identify misconfigurations and security issues with customized, real-time reports based on DNS observability data. 

Explore DNS observability with IBM NS1 Connect
Resources What is the Domain Name System (DNS)? 

The DNS makes it possible for users to connect to websites using URLs rather than numerical internet protocol addresses.

What are cyberattacks?

Cyberattacks are attempts to steal, expose, alter, disable, or destroy another's assets through unauthorized access to computer systems.

What is networking?

Learn about how computer networks operate, the architecture used to design networks, and how to keep networks secure.

Take the next step

IBM NS1 Connect provides fast, secure connections to users anywhere in the world with premium DNS and advanced, customizable traffic steering. NS1 Connect’s always-on, API-first architecture enables your IT teams to more efficiently monitor networks, deploy changes and conduct routine maintenance.

Explore NS1 Connect Book a live demo