DNS Terminology Glossary

Complete DNS terminology glossary with definitions for A record, CNAME, MX, TTL, nameserver, DNSSEC, and all common DNS terms.

ReviewMyDNS is a free DNS propagation checker that queries 50+ global DNS servers to verify your DNS records. Check A, AAAA, MX, CNAME, TXT, NS, and SOA records instantly.

Core DNS Record Types

  • A record: Maps a domain or subdomain to an IPv4 address. The most fundamental DNS record — querying example.com for its A record returns the IP address where the website is hosted.
  • AAAA record: Maps a domain or subdomain to an IPv6 address. As IPv6 adoption increases, AAAA records are increasingly important alongside A records.
  • CNAME (Canonical Name): Creates an alias that points one hostname to another hostname rather than an IP address. Cannot be used at the zone apex (the root domain itself) — only on subdomains.
  • MX (Mail Exchange): Specifies the mail servers authorised to receive email for a domain, along with a priority value controlling delivery order. See the MX record lookup tool.
  • TXT record: Stores arbitrary text data. Used for SPF, DKIM, DMARC, and domain verification tokens.
  • NS (Nameserver): Identifies the authoritative DNS servers for a domain. NS records at the registrar level delegate DNS control to a specific DNS provider.
  • SOA (Start of Authority): Contains administrative metadata for a DNS zone: the primary nameserver, contact email, serial number, and refresh/retry/expire intervals.
  • PTR (Pointer): The reverse of an A record — maps an IP address back to a hostname. Used for reverse DNS lookups, critical for mail server reputation.
  • SRV (Service): Specifies the location of servers for specific services (e.g., SIP, XMPP). Includes service name, protocol, priority, weight, port, and hostname.
  • CAA (Certification Authority Authorisation): Specifies which certificate authorities are permitted to issue TLS certificates for a domain, reducing the risk of misissued certificates.

Email Authentication Terms

  • SPF (Sender Policy Framework): A TXT record listing IP addresses and mail servers authorised to send email on behalf of a domain.
  • DKIM (DomainKeys Identified Mail): A cryptographic signing system where outbound emails are signed with a private key, and the corresponding public key is stored in DNS.
  • DMARC (Domain-based Message Authentication, Reporting and Conformance): A policy record that specifies how receiving servers should handle mail failing SPF or DKIM checks, and where to send authentication reports.

DNS Infrastructure Terms

  • TTL (Time to Live): The duration in seconds that DNS resolvers may cache a record before re-querying. Lower TTLs mean faster propagation of changes; higher TTLs reduce query load on nameservers.
  • Propagation: The time required for a DNS change to spread from the authoritative nameserver to all recursive resolvers worldwide, bounded by the record's TTL value.
  • Authoritative nameserver: The DNS server that holds the official records for a domain and provides definitive answers to queries for that zone.
  • Recursive resolver: A DNS server that queries authoritative nameservers on behalf of clients, caches results, and returns answers. Your ISP's DNS server and public resolvers like Google (8.8.8.8) and Cloudflare (1.1.1.1) are recursive resolvers.
  • Anycast: A network routing technique where multiple servers share the same IP address. Queries are routed to the nearest server automatically. Used by all major DNS providers for performance and redundancy.
  • DNSSEC (DNS Security Extensions): Adds cryptographic signatures to DNS records to prevent cache poisoning and ensure responses come from the legitimate authoritative server.
  • Zone: The set of DNS records managed by a single authoritative nameserver for a domain and its subdomains.
  • Delegation: The process by which a parent zone (e.g., .com) points to the nameservers responsible for a child zone (e.g., example.com) via NS records.