DNS Records

Last update: 22/07/2021

When setting up a new website or managing exist one should we add www, or http records? how to redirect all subdomains to the main domain? how to redirect all wildcard subdomains to root domain? What is DNS? what is TLD?

What is DNS?

DNS stands for Domain Name System.
DNS ia a zone. for example site-name.com where the com is TLD.
DNS controls the translation between the IP address and the domain name.

What is TLD?

TLD stands for Top Level Domains.
TLD is the string that comes after the dot. for example: dev-howto.com is Domain.TLD.
TLD is the root zone of the name space for all domains names under this root.
For example my site: colors-code.com convert-from-to.com dev-howto.com and ancient-history-timeline.com are all under the COM root.

What is Subdomains?

Subdomains is the string or a list of string separeded with dots that comes ofter before the domain. For example: staging.dev-howto.com is subDomain.Domain.TLD.

What is HTTP?

HTTP stand for Hypertext Transfer Protocol.
HTTPS is same but secure.
HTTP is the protocol we use to transfer data over the net.
for other option to transfer data check transport layer on the internet.

Is it good to add www DNS record?

WWW is a string followed by the domain name so it can be considered as subdomain or another domain zone.
When we have both www and A records, than the same data is accessible from www.domain.tld and domain.tld
This is how Google search engine map them:

example colors code domain zone setting

Google knows to exclude this pages under the title "Alternate page with proper canonical tag".
Nevertheless some SEO managers say Google penalizes sites with duplicated content and recommend their clients to restrict access to either www.example.com or example.com.
I can understand their reason. After all it save Google from crawling the same content twice and when google spend less money on a site it may affect it's ranking.
Logically there is no reason to hold both URLs active to lead to the same website.
So I have decided to not hold both domain and www dns records for my sites.

How to redirect to a valid page?

To do so we need to edit .htaccess file and create a rewrite rule.
This will force our application server to change the request URL to desired one.
Again, I am using colors-code.com as an example.

Sudo vi .htaccess

RewriteEngine On
RewriteCond %{HTTP_HOST} ^(.+)\.colors-code\.com$ [NC]
RewriteRule (.*) https://colors-code.com/$1 [L,R=301,QSA]

A + dynamic

A + dynamic is a good DNS type to start with altho newbie usualy do not provide system to resolve the dynamic ip and they probebly using static ip.
I may address this issue again in future.
Yaani TBC or stay tuned.

Record Types

List of DNS record types sorted by AB

Type	Description	Usage
@	Zone	The zone symbol.
A	32-bit Address - IPv4	Mapping domain name to IP address
AAAA	128-bit address - IPv6	Mapping domain name to IP address
AFSDB	AFS database	Connecting between AFS parts.
APL	Address Prefix List	Lists of address ranges
CAA	Certification Authority Authorization	CA for a domain or host
CDNSKEY	Child copy of DNSKEY	Transfer to parent
CDS	Child DS	Transfer to parent
CERT	Certificate	Hold the certificate public key
CNAME	Canonical Name	Alias for the exact name
CSYNC	Child Synchronization	Synchronization between a child and a parent DNS zone
DHCID	DHCP identifier	dynamic host configuration protocol id
DLV	DNSSEC Lookaside Validation	For publishing DNSSEC trust anchors outside of the DNS delegation chain
DNAME	Delegation name	Alias for a name and subnames.
DNSKEY	DNS Key	The key record used in DNSSEC.
DS	Delegation signer	The record used to identify the DNSSEC signing key of a delegated zone
EUI48	MAC address 48-bit	MAC address Identifier
EUI64	MAC address 64-bit	MAC address Identifier.
HINFO	Host Information	Provide info about the host
HIP	Host Identity Protocol	security method of matching between IP to DNS by host id.
IPSECKEY	IPsec Key	Optional key for IPsec
KEY	Key record	Use as a key for some records.
KX	Key Exchanger record	Cryptographic systems to identify a key management agent for the associated domain-name.
LOC	Location record	Specifies a geographical location associated with a domain name
MX	Mail exchange record	Maps a domain name to a list of message transfer agents for that domain
NAPTR	Naming Authority Pointer	Allows regular-expression-based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc.
NS	Name server record	Delegates a DNS zone to use the given authoritative name servers
NSEC	Next Secure record	Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record.
NSEC3	Next Secure record version 3	An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking
NSEC3PARAM	NSEC3 parameters	Parameter record for use with NSEC3
OPENPGPKEY	OpenPGP public key record	A DNS-based Authentication of Named Entities (DANE) method for publishing and locating OpenPGP public keys in DNS for a specific email address using an OPENPGPKEY DNS resource record.
PTR	PTR Resource Record de	Pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD.
RRSIG	DNSSEC signature	Signature for a DNSSEC-secured record set. Uses the same format as the SIG record.
RP	Responsible Person	Information about the responsible person(s) for the domain. Usually an email address with the @ replaced by a .
SIG	Signature	Signature record used in SIG(0) (RFC 2931) and TKEY (RFC 2930).RFC 3755 designated RRSIG as the replacement for SIG for use within DNSSEC.
SMIMEA	S/MIME cert association	Associates an S/MIME certificate with a domain name for sender authentication.
SOA	Start of [a zone of] authority record	Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.
SRV	Service locator	Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX.
SSHFP	SSH Public Key Fingerprint	Resource record for publishing SSH public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host. RFC 6594 defines ECC SSH keys and SHA-256 hashes. See the IANA SSHFP RR parameters registry for details.
TA	DNSSEC Trust Authorities	Part of a deployment proposal for DNSSEC without a signed DNS root. See the IANA database and Weiler Spec for details. Uses the same format as the DS record.
TKEY	Transaction Key record	A method of providing keying material to be used with TSIG that is encrypted under the public key in an accompanying KEY RR.
TLSA	TLSA certificate association	A record for DANE. RFC 6698 defines "The TLSA DNS resource record is used to associate a TLS server certificate or public key with the domain name where the record is found, thus forming a 'TLSA certificate association'".
TSIG	Transaction Signature	Can be used to authenticate dynamic updates as coming from an approved client, or to authenticate responses as coming from an approved recursive name server similar to DNSSEC.
TXT	Text record	Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework, DKIM, DMARC, DNS-SD, etc.
URI	Uniform Resource Identifier	Can be used for publishing mappings from hostnames to URIs.
ZONEMD	Message Digests for DNS Zones	Provides a cryptographic message digest over DNS zone data at rest.
SVCB	Service Binding	More info in this IETF Draft by DNSOP Working group and Akamai technologies.
HTTPS	HTTPS Binding	Secured http connection.