Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
4.4.2. DNS Architecture and Records
DNS (Domain Name System): Translates domain names to IP addresses (forward lookup) and IPs to names (reverse lookup).
DNS Record Types:
| Type | Purpose | Example |
|---|---|---|
| A | Name → IPv4 | www.example.com → 192.0.2.1 |
| AAAA | Name → IPv6 | www.example.com → 2001:db8::1 |
| CNAME | Alias → canonical name | www → webserver.example.com |
| MX | Mail server for domain | example.com → mail.example.com (priority 10) |
| TXT | Arbitrary text | SPF records, domain verification |
| NS | Name server for domain | example.com → ns1.example.com |
| PTR | IP → name (reverse) | 1.2.0.192.in-addr.arpa → www.example.com |
| SOA | Zone authority | Primary server, admin email, serial |
| SRV | Service location | _ldap._tcp.example.com → ldap.example.com:389 |
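
The A, AAAA and PTR rows describe the two directions of a lookup. The added example below (not part of the original course material) builds the reverse-lookup name for an address and checks that each forward record has a PTR pointing back to the same name. The simplified `owner type rdata` line format and the `mail.example.com` address are constructed for illustration.

```python
import ipaddress

# Constructed sample data: simplified "owner type rdata" lines (no TTL or class),
# reusing the names and addresses from the table above.
RECORDS = """
www.example.com.          A     192.0.2.1
www.example.com.          AAAA  2001:db8::1
mail.example.com.         A     192.0.2.25
example.com.              MX    10 mail.example.com.
1.2.0.192.in-addr.arpa.   PTR   www.example.com.
"""

def parse(text):
    """Return (owner, type, rdata) tuples; names are lower-cased, trailing dot removed."""
    out = []
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) == 3:
            owner, rtype, rdata = parts
            out.append((owner.lower().rstrip("."), rtype.upper(), rdata.strip()))
    return out

def reverse_name(ip):
    """PTR owner name: reversed octets under in-addr.arpa, reversed nibbles under ip6.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

def check_forward_reverse(records):
    """For each A/AAAA record, report whether a PTR maps the address back to the same name."""
    ptr = {owner: rdata.lower().rstrip(".") for owner, t, rdata in records if t == "PTR"}
    findings = []
    for owner, t, rdata in records:
        if t not in ("A", "AAAA"):
            continue  # MX, TXT, NS and the rest have no reverse counterpart
        target = ptr.get(reverse_name(rdata))
        if target is None:
            status = "missing PTR"
        elif target == owner:
            status = "ok"
        else:
            status = "mismatch"
        findings.append((owner, rdata, status))
    return findings

if __name__ == "__main__":
    for owner, ip, status in check_forward_reverse(parse(RECORDS)):
        print(f"{owner:18} {ip:12} {reverse_name(ip)}  {status}")
```
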
DNS Security:
- DNSSEC: Digitally signs DNS records so resolvers can detect tampering; it does not encrypt queries
- DoH (DNS over HTTPS): Encrypts DNS queries over HTTPS (port 443)
- DoT (DNS over TLS): Encrypts DNS queries over TLS (port 853)
DNS Server Types:
- Authoritative: Has definitive answers for a zone
- Recursive/Resolver: Queries other servers to find answers
- Primary (Master): Original copy of zone data
- Secondary (Slave): Read-only copy, receives zone transfers from primary
Hosts File: Local file mapping names to IPs, checked before DNS. Location: /etc/hosts (Linux/Mac) or C:\Windows\System32\drivers\etc\hosts (Windows).
Written by Alvin Varughese
Founder • 15 professional certifications