DNS in a Nutshell

DNS Infrastructure

DNS stands for Domain Name System. It is a set of data that allows resolving various requests about a domain, such as which IP address corresponds to that domain’s website, or where to find its mail server.

DNS uses a tree structure: each domain name resolution request starts at the root, and the servers of various services forward it further up the branches until it is resolved. First, the TLD is resolved by the registry servers. Next up is the resolution of the FQDN by the DNS servers set for that domain and run typically by the registrar or hosting provider.

In each branch, the request resolves any relevant DNS records it finds. Those typically direct to a specific server, including other DNS servers.

DNS Servers

DNS servers are powerful computers whose sole purpose is to store and provide DNS records. Every domain needs a DNS server to function properly, but the minimum is usually 2 or more synchronized DNS servers.

WEDOS uses 4 DNS servers placed in different geographical locations:

ns.wedos.net
ns.wedos.cz
ns.wedos.eu
ns.wedos.com

A DNS provider’s system verifies data synchronization using serial numbers.

Avoid using DNS servers that are not synchronized with each other (typically servers of different providers).
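One way to check the synchronization described above is to compare the serial each DNS server reports in its SOA answer. This is an added example, not WEDOS code: the function names, the `domain.tld` zone and the serial values are constructed, and the input is assumed to be the text printed by `dig +short SOA domain.tld @server`.

```python
# Added example: the SOA answers below are constructed, not real WEDOS data.
MOD = 2 ** 32    # SOA serials are unsigned 32-bit counters that wrap around
HALF = 2 ** 31

# Constructed `dig +short SOA domain.tld @<server>` answers, one per DNS server.
SAMPLE = {
    "ns.wedos.net": "ns.wedos.net. hostmaster.domain.tld. 2024051702 3600 1800 1209600 3600",
    "ns.wedos.cz":  "ns.wedos.net. hostmaster.domain.tld. 2024051702 3600 1800 1209600 3600",
    "ns.wedos.eu":  "ns.wedos.net. hostmaster.domain.tld. 2024051701 3600 1800 1209600 3600",
    "ns.wedos.com": "ns.wedos.net. hostmaster.domain.tld. 2024051702 3600 1800 1209600 3600",
}


def parse_serial(short_soa):
    """Return the serial, the third of the seven SOA fields."""
    fields = short_soa.split()
    if len(fields) != 7:
        raise ValueError(f"not SOA record data: {short_soa!r}")
    return int(fields[2])


def serial_newer(a, b):
    """True if serial a is newer than b (RFC 1982 wrap-around comparison)."""
    return a != b and (a - b) % MOD < HALF


def sync_report(answers):
    """Find the newest serial and list the servers that do not serve it."""
    serials = {ns: parse_serial(rdata) for ns, rdata in answers.items()}
    newest = None
    for serial in serials.values():
        if newest is None or serial_newer(serial, newest):
            newest = serial
    lagging = sorted(ns for ns, s in serials.items() if s != newest)
    return {"newest": newest, "in_sync": not lagging, "lagging": lagging}


if __name__ == "__main__":
    print(sync_report(SAMPLE))
```

A server that stays in the `lagging` list long after a change is serving an older copy of the zone.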

When you register a new domain, the registrar will usually provide you with their DNS servers. If you transfer the domain instead (from one registrar to another), the DNS servers remain set to the original provider, who can delete the records and cause the domain to stop functioning.

To set our or other DNS servers for a domain registered with WEDOS, follow the instructions in Domains – DNS Servers (NSSET).

If you want to set WEDOS DNS servers with another registrar, set the DNS servers above according to the instructions of that provider, or the WEDOS NSSET for CZ domains.

A DNS server change propagates gradually, and the update time of DNS server information is significantly longer than that of DNS records. A large part of the changes will usually propagate within a few hours. However, some services can still retrieve data from the original DNS servers up to 48 hours after confirming the change.

If you are changing DNS servers, set the correct DNS records on both the original and new DNS servers. This will prevent outages and other unexpected behavior.

NSSET

Because it is easy to make mistakes when listing specific DNS servers, some registries support resolution using NSSET, i.e. a set of DNS servers. Each NSSET has a unique name within the registry, which you enter instead of listing individual DNS server addresses.

Our NSSET name with the CZ.NIC registry is WEDOS.

Primary, secondary and authoritative DNS servers

The primary DNS server contains a zone file that lists the domain’s DNS records. Secondary DNS servers download this information from the primary server and thereby help distribute the load (sometimes with the support of caching DNS servers). Data transfer takes place via the AXFR protocol.

Authoritative DNS servers form a set of one primary and usually at least one additional secondary DNS server. They contain authoritative data for the domain, which means that they do not download DNS records from other servers.

You can set WEDOS DNS servers as secondary, i.e. enable them to download DNS records from other authoritative servers via AXFR. You can find more information in the article DNS – Secondary servers.

DNSSEC

DNSSEC is a technology that prevents DNS injection attacks. More information and setup instructions for domains registered with WEDOS can be found in the article Domains – DNSSEC.

DNS Records

DNS records contain specific data for routing services using domains. They may also contain various settings or verification codes.

You can have DNS records stored on different providers’ DNS servers, but only those on authoritative DNS servers, i.e. those set up for the domain, work.

WEDOS automatically creates DNS records for domains that the customer registers with us, or for which they create services with the corresponding domain name. You can also create a DNS entry manually according to the instructions DNS – Add Domain.

Whenever you edit DNS records, make sure you are working with the correct DNS server provider. You can have a domain with WEDOS, but another provider’s DNS servers. Make changes to DNS records at the provider whose DNS servers the domain uses; changes made elsewhere have no effect.

You usually edit DNS records manually. If your domain uses WEDOS DNS servers, follow the instructions in DNS – Domain Records. In some cases, however, you can have the DNS set automatically, for example while ordering a hosting service for that domain, renaming a service or setting a Webhosting alias, or directing the domain to an existing WEDOS service.

Changes to WEDOS DNS records usually propagate within 1 hour.

The system stores all changes made to DNS records in a log accessible according to the article DNS – Record History.

Naming DNS Records

The behavior of DNS record names may vary from provider to provider. The information below applies to WEDOS DNS.

If a DNS record should refer to the main domain (e.g. domain.tld), you leave the field empty.

For subdomains (e.g. eshop.domain.tld) you only specify the name of the subdomain (e.g. eshop; if you specify the name eshop.domain.tld, it will apply to the subdomain eshop.domain.tld.domain.tld).

The name * indicates all subdomains that have no entry of their own. If you assign any record to a subdomain, records with the name *, including those of a different type, will no longer apply to that subdomain.
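The naming rules above, written out as an added example (not WEDOS code). It follows the rules exactly as stated here and does not model how DNS treats deeper names below an existing subdomain; the zone, the records and the function names are constructed for illustration.

```python
# Added example: a small model of the naming rules above, with constructed records.
ZONE = "domain.tld"

# (name field, type, data) as they would be typed into the record editor.
SAMPLE = [
    ("", "A", "192.0.2.10"),                    # empty name: the main domain
    ("*", "A", "192.0.2.10"),                   # subdomains with no entry of their own
    ("eshop", "TXT", "verification=constructed"),
    ("mail.domain.tld", "A", "192.0.2.25"),     # mistake: full name in the name field
]


def fqdn(name, zone):
    """Expand a name field: empty means the zone itself, anything else is prefixed."""
    name = name.strip().rstrip(".").lower()
    return zone if name == "" else f"{name}.{zone}"


def doubled_names(records, zone):
    """Return the expanded names of records whose name field already ends in the zone."""
    bad = []
    for name, _type, _data in records:
        n = name.strip().rstrip(".").lower()
        if n == zone or n.endswith("." + zone):
            bad.append(fqdn(name, zone))
    return bad


def resolve(records, zone, qname, rtype):
    """Data for (qname, rtype); * is used only if qname has no record of any type."""
    qname = qname.rstrip(".").lower()
    by_name = {}
    for name, typ, data in records:
        by_name.setdefault(fqdn(name, zone), []).append((typ, data))
    if qname in by_name:
        candidates = by_name[qname]        # own records shadow the wildcard entirely
    elif qname.endswith("." + zone):
        candidates = by_name.get(f"*.{zone}", [])
    else:
        candidates = []
    return [data for typ, data in candidates if typ == rtype]


if __name__ == "__main__":
    for q in ("blog.domain.tld", "eshop.domain.tld", "mail.domain.tld"):
        print(q, resolve(SAMPLE, ZONE, q, "A"))
    print("doubled:", doubled_names(SAMPLE, ZONE))
```

In the sample, adding only a TXT record to `eshop` leaves that subdomain without an A record, and the mistyped `mail.domain.tld` entry never serves `mail.domain.tld`, which still falls through to the `*` record.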

DNS Record Types

There are a large number of types of DNS records, based on which the system recognizes how to deal with a given record. WEDOS supports the following record types:

  • A: Directs to an IPv4 address.
  • AAAA: Directs to an IPv6 address.
  • CAA: Allows SSL certificates.
  • CNAME: Directs subdomain to an existing domain. Incompatible with other records on the same subdomain.
  • MX: Directs emails.
  • NS: Delegates subdomain DNS.
  • SRV and NAPTR: Specify information about services.
  • SSHFP and TLSA: Expand domain security possibilities.
  • TXT: Allows adding a text string for various settings (such as the SPF record for email security) and for verification.

WEDOS DNS doesn’t support the SOA record and replaces it with separate DNS server (NSSET) management.

Glossary

  • Authoritative DNS servers: DNS servers carrying binding information about a domain, which all devices on the Internet must follow.
  • AXFR: A protocol for transferring DNS information.
  • Caching DNS server: An auxiliary DNS server facilitating DNS record availability and relieving the main DNS server’s load.
  • Data (DNS record): The DNS record value.
  • DNS record: Domain or subdomain routing information or other data.
  • DNS server: A server specialized in storing and providing DNS records.
  • DNSSEC: Technology preventing domain misuse through DNS injection.
  • FQDN: Fully Qualified Domain Name (e.g. wedos.com).
  • Glue record: A special record for dealing with cases where the DNS server contains a domain in its name for which it is authoritative.
  • IPv4: A numerical address of a device on the Internet, e.g. 46.28.105.2. It is stored in type A records.
  • IPv6: A newer numerical address of a device on the Internet, e.g. 2a02:2b88:1:4::16. It is stored in type AAAA records.
  • Name (DNS record): The name of the subdomain to which the record applies.
  • NSSET: A single unique name for an entire set of DNS servers.
  • Primary DNS server: The main server storing a domain’s DNS records.
  • Reverse record: A special record allowing the derivation of a domain name from an IP address. You normally set it for VPS servers and the Cloud.
  • Root DNS server: One of the 13 core DNS servers managed by ICANN.
  • Secondary DNS server: A DNS server downloading DNS records from elsewhere via AXFR.
  • TTL (DNS record): Time To Live. The DNS record update period in seconds.
  • Type (DNS record): Determines the DNS record purpose and evaluation procedure.