You surely know what 172.253.123.100 is. You use it every day when browsing the Internet. Or, perhaps you know it under a different, and easier-to-remember name: Google.com!
The name of your favorite website is pretty much a translation of a complex string of numbers, namely an IP address. In 1983, computer scientist Paul Mockapetris figured out that it would be much easier for us to use names for websites instead of lists of IPs.
After all, it is the job of machines to communicate through bits and numbers, while we humans are much better with human language. Mockapetris came up with a method of allowing humans to “exchange information” with machines, and thus DNS came to fruition.
DNS is short for Domain Name System. Its purpose is to map a domain to an IP address. And you will shortly see that there’s more to this than meets the eye because DNS and PTR (Pointer Record) are responsible for a better understanding of networks and of the Internet overall.
What is a domain name?
Before we get to our topic, it’s important to give some context first. A domain name is an easy-to-remember address used to access websites. Popular examples include names like “google.com” for Google or “facebook.com” for Facebook.
A domain name is pretty much a translation of a unique IP address associated with a specific website. So, the domain name is what you type in the search field of a browser to reach your desired website.
Domain name and URL – What’s the difference?
A URL (uniform resource locator) is basically the web address of a particular website. A URL includes not only the domain name, but also other important elements, such as the protocol and the path for a certain page of that website.
A basic breakdown of a URL looks something like this:
- ipway.com is the domain name;
- https is the protocol (Hyper-Text Transfer Protocol);
- /blog/ is the path to a specific page of the web, in this case, our blog.
Who manages domain names?
There are hundreds of millions of domains registered worldwide. But how are they registered and managed? This is the responsibility of ICANN (Internet Corporation for Assigned Names and Numbers).
ICANN allocates domains to registries, which then allow registrars to reserve domain names. The process itself is more complex and requires multiple parties to work together securely and efficiently.
What is DNS?
DNS is short for Domain Name System. It’s basically the Internet’s phonebook. We use domain names to access information in the online world. We do that by typing these names into our browsers. In turn, browsers interact through IP addresses. But in order for browsers to load Internet resources, they need to communicate in a language all machines can understand, that is, an IP address.
DNS steps in here to translate the domain name of a website into a computer-friendly language, that is, into an IPv4 or IPv6 address. Surely, it is much easier for us to remember sites by names rather than by IPv4 strings or, God forbid, alphanumeric IPv6 characters.
How does DNS work?
Connecting domain names with machine-readable IP addresses is done through something called DNS lookup. This process involves several steps, in which four DNS servers are employed.
Step 1 – Remembering
When you type a site’s name in the search bar, the lookup will try to find out if you’ve visited that site before. This investigation uses a DNS cache, which is a list of the DNS records for all the sites your computer has visited. If it turns out you visited the site before, you will be taken directly to the website.
Step 2 – DNS recursor (recursive resolver, or nameserver)
This acts like a librarian who needs to find a book in a library and log when and where he found it. When you visit a website for the first time, the DNS lookup will send a query to your local DNS server.
Step 3 – DNS Nameserver
If the request can’t find the DNS records on the recursor, it will go to the Root nameserver to begin searching for the necessary information. This is actually the first step in translating domain names into IP addresses. This works pretty much like an index you can follow to narrow down your searches.
Step 4 – TLD server
This narrows down your searches even more. It’s the next step in the search for a specific IP address. TLD stands for Top-Level Domain and is the part that comes right after the domain name of a website. Popular TLD examples include ‘.com’, ‘.net’, and ‘.org’, so, for instance, in google.com, .com is the TLD.
Step 5 – Authoritative nameserver
This is the last stop in this process. You can think of this as a dictionary that points to the definition of the term you are looking for. The domain name is the term, while the definition is the corresponding IP address. If this last server has access to the requested DNS record, it will return the specific IP address back to the DNS recursor, the first server.
What is a DNS record?
DNS lookup works in close conjunction with DNS records. These records contain important information about the IP addresses of domains. DNS records are responsible for dealing with the requests we discussed above. In short, these records serve as instructions for the above DNS servers.
DNS records are physical text files written in a DNS-specific language. They are stored inside zone files. The latter term refers to the main location where all the DNS records for a specific domain can be found.
When it comes to records themselves, there are a lot of them. Not all of them are that important, so let’s have a look at the most common types:
- Time-to-Live (TTL): DNS recursors periodically erase their DNS information and gather new data from DNS servers. Time-To-Live tells the recursors how long to keep information before refreshing it and acquiring new data.
- Name Server (NS): It states a nameserver for the domain that allows DNS lookups to be done within zone files. This record must always have a primary and a secondary nameserver – NS1 & NS2.
- Mail Exchange (MX): It allows emails to be sent to the right mail servers associated with a particular domain.
- Address (A): A records revolve around IP addresses. They are used to map a domain name (hostname) to its specific IP address.
- Canonical Name (CNAME): It is used to define, or give a nickname/alias to the original domain name. But remember that CNAME points one domain to another domain name, and never to an IP address.
- Text (TXT) Record: This is used to enter human-friendly language inside DNS records, but it also supports machine-readable data alongside human language.
- Start of Authority (SOA): SOA records contain additional information about domains (like a domain serial number). It also instructs a DNS zone on how to interact with secondary nameservers.
- Sender Policy Framework (SPF): It is used to prove that a user is authorized to send emails to a certain mail server. SPF records act as evidence of a trustworthy email and can prevent spam and malicious content. This is why they are important for IP reputation in email deliverability as well.
And, among the most important…
What is a PTR record in DNS?
A DNS pointer record (PTR for short) is the exact opposite of an A record. So, instead of providing the IP address for a domain name, PTR does it the other way around: it shows the domain name for an IP address.
PTR records are used in reverse DNS lookups (rDNS). Again, rDNS lookups are the exact opposite of normal DNS lookups. Therefore, an rDNS lookup starts from an IP address and queries the domain name linked to that address.
Although rDNS is not mandatory, the Internet Engineering Task Force (IETF) suggests that every domain should support it. rDNS is mostly used by mail servers and logging software as extra security.
PTR records store IP addresses in reverse order, followed by the “.in-addr.arpa” segment. For example, a PTR record for an IPv4 like 198.69.23.0 would be stored like this: 0.23.69.198.in-addr.arpa.
PTR records must contain “in-addr.arpa” because “.arpa” is a domain generally used for managing network infrastructure. Furthermore, it was the first top-level domain name defined for the Internet. Yes, “.arpa” is as old as the Internet itself.
Why are PTR records useful?
PTR records, and by extension rDNS lookups, come in handy for a variety of reasons. Here are the most common use cases for a PTR record in DNS.
Anti-spam consolidation
Several anti-spam email filters use reverse DNS and PTR records to check the domain names of email addresses. In doing so, they verify if the IP addresses in question are used by trustworthy and legitimate email servers.
Troubleshooting email deliverability issues
Because these checks are done by anti-spam filters, a misconfigured or missing PTR record may cause deliverability issues.
If a domain has no PTR record, or if the record itself lacks the correct information, email services may block all future emails from that specific domain. This underlines the importance of having an adequately configured PTR record.
Making reading logs user-friendly
System logs generally store only IP addresses. Using reverse DNS lookups can help users read logs more easily, as the IP address is translated into its specific domain name.
This makes important processes like startup messages, system changes, unexpected shutdowns, errors, and warnings easier to read and interpret for proper troubleshooting.
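The PTR name format, the mail-server check and the log use case described above, combined in one added example that is not part of the original article. It goes beyond the text in two places: it also builds IPv6 names under ip6.arpa, and it forward-confirms the PTR answer against the A record. The PTR/A tables, host name and log lines are constructed stand-ins for live DNS and real logs.

```python
import ipaddress
import re

def ptr_name(ip):
    """Reverse-lookup name: reversed octets (IPv4) or reversed nibbles (IPv6)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa"

# Constructed zone data standing in for live DNS answers.
PTR = {
    "10.2.0.192.in-addr.arpa": "mail.example.com",
    "77.113.0.203.in-addr.arpa": "mail.example.com",  # claims a name it does not hold
}
A = {"mail.example.com": {"192.0.2.10"}}

def check_sender(ip):
    """Return 'invalid', 'no-ptr', 'mismatch' or 'confirmed:<host>' for an IP."""
    try:
        host = PTR.get(ptr_name(ip))
    except ValueError:
        return "invalid"
    if host is None:
        return "no-ptr"
    # Forward-confirm: the PTR name must resolve back to the same address.
    if str(ipaddress.ip_address(ip)) not in A.get(host, set()):
        return "mismatch"
    return "confirmed:" + host

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def annotate(line):
    """Tag every IPv4 address in a log line with its reverse-DNS verdict."""
    return IPV4.sub(lambda m: f"{m.group(0)} [{check_sender(m.group(0))}]", line)

# Constructed log lines.
LOG = [
    "connect from 192.0.2.10",
    "connect from 203.0.113.77",
    "connect from 198.51.100.5",
]

if __name__ == "__main__":
    for line in LOG:
        print(annotate(line))
```

A PTR record is controlled by whoever holds the address block, so a name in a log is only trustworthy once the forward lookup agrees with it.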
Conclusion
In 1983, a computer scientist saved us a lot of time and trouble by inventing DNS. Instead of remembering lists of IP addresses, we can now interact with browsers and servers through human language.
DNS is able to map our favorite site names like Google, Facebook, or Instagram to their specific IPs and allow us to interact with those websites.
But this is just a small cog in the entire mechanism. DNS and rDNS work together to ensure everything runs smoothly. And if any error pops up, the records are there to help us understand what’s wrong and also instruct servers on what to do under different circumstances.