Back

DNS overview

Domain name system

A DNS (Domain Naming System) is a distributed system that resolves a host domain to an IP address. To put it simply, a DNS is a database that matches domain names against IP addresses. This requires a huge amount of servers interacting via a specific protocol.

When you open "example.com" page in your browser, this is what happens:

  • Your browser queries a DNS server to get an IP address of "example.com"
  • A DNS server provides your browser with an IP address in the format X.X.X.X (where X is a number)
  • Your browser sends an HTTP request to that IP address
  • A server X.X.X.X sends an HTTP response to your browser

With a DNS hosting service, you can delegate management of domain resource records to the authoritative servers.com name servers.

DNS records

The key entity to operate with the entire DNS system is a DNS record. A DNS record is domain related mapping information stored on DNS servers.

A record An address record that links a domain name and IPv4 address
AAAA record An address record that links a domain name to an IPv6 address
ALIAS record Unlike A record, it points a domain to a hostname but not an IP address
CAA record A record that specifies which certificate authorities (CAs) are allowed to issue SSL/TLS certificates for your domain
CNAME record Canonical name record server for redirection to another domain name
MX record This record points to mail exchange servers for the domain
NS record A name server record that defines DNS servers for the domain
PTR record A reverse DNS record links an IP address to a canonical name. It's used in mailing to reduce spam
SOA record A Start of Authority record points to administrative data about your domain zone
SRV record A server selection record is intended to point servers for such services as Jabber or Active Directory
TXT record A free text associated with the domain

CAA record

A CAA (Certification Authority Authorization) record is a DNS record that allows a domain owner to specify which certificate authority (CA) is authorized to issue SSL/TLS certificates for their domain.

This record enhances domain security by preventing unauthorized certificate issuance, reducing the risk of fraud and phishing attacks.

A CAA record consists of three key parameters:

Flag An integer that defines how the CAA record should be processed. Currently, only two flag values are supported: 0 and 128:
  • 0 (Non-critical): allows the certificate to be issued without strict enforcement of the record
  • 128 (Critical): rejects the certificate request if the DNS server or certificate authority (CA) does not recognize or support the CAA record
Tag A string that specifies how the CA should handle certificate issuance requests:
  • issue - allows a specified CA to issue standard certificates
  • issuewild - allows the issuance of wildcard certificates (e.g. "example.com")
  • iodef - specifies a contact email for receiving violation notifications related to CAA policies
Value A string containing at most one CA identifier that is permitted to issue certificates for the domain

Price

servers.com's DNS service and its features are completely free.

Suggested Articles