Many WordPress site admins only deal with DNS once in a blue moon, mainly when buying a new domain, setting up a new website, or migrating to a new web host.
However, since DNS is the core of the internet, and a small mistake in the DNS records can result in visitors not being able to access your website or send you emails, it is important to have a basic understanding of how it works.
The good news is that DNS is very easy to understand and manage. This article explains all that WordPress site owners and administrators need to know about DNS and DNS records.
What is DNS?
DNS stands for Domain Name System. It is a hierarchical naming system the internet uses. Its role is to translate easy-to-remember domain names such as www.wpwhitesecurity.com to IP (Internet Protocol) addresses that computers understand, such as 22.214.171.124.
Why Do We Need DNS?
Every computer, smartphone or device connected to the internet or a network has a unique IP address. For example, the website www.wpwhitesecurity.com is hosted on a web server with the IP address 126.96.36.199.
Since we can easily remember a website’s name (www.wpwhitesecurity.com) but not an IP address (188.8.131.52), DNS is needed to convert human-readable text (domain names) to information that computers understand (IP addresses). Otherwise you would have to remember IP addresses instead.
What are Domains and FQDNs?
Before diving into DNS let’s see what domains and FQDNs are. A FQDN (Fully Qualified Domain Name) is what we typically call a website URL, or a domain, such as www.wpwhitesecurity.com. A FQDN is made up of a number of parts:
Every part of the FQDN, such as the www subdomain, can be up to 63 characters long. The whole FQDN cannot exceed 253 characters. Common subdomains used on the internet are www, blog, site, admin etc. The most common TLDs on the internet are .com, .net, .org and country-specific ones, such as .nl and .mt.
How DNS Works
To explain how DNS works, let’s see what happens when you browse a website, such as www.wpwhitesecurity.com.
Note that this is a high-level explanation that helps you understand the logic behind DNS. In real life there are more components involved that could affect how DNS works, such as DNS caching, root DNS servers etc.
Step 1: Request the Resolution of the Domain Name to IP Address
When you type www.wpwhitesecurity.com in your web browser’s navigation bar, your smartphone or computer needs to know the IP address of the web server where the website is hosted. Since it does not know the IP address, it sends a request to a DNS server to resolve www.wpwhitesecurity.com.
The DNS server your device uses is most probably that of your network router or ISP. It is typically configured automatically on your device’s network interface when it connects to the network.
Step 2: Recursive DNS Server Requests the Name Servers of the Domain
Network and ISP DNS servers are called recursive DNS servers because they do not store domain data. Instead they forward your query to other DNS servers and send you back the answer.
So the DNS server your device contacted contacts other DNS servers higher up in the hierarchy (such as the root servers) to get the IP address of the Name Servers (NS) for the domain wpwhitesecurity.com. Name Servers (NS) are DNS servers that hold the information about domains.
Every domain has a few Name Servers (NS). Whenever a recursive DNS server needs to resolve the IP address of a domain that these name servers are responsible for, they answer the query. You configure the Name Servers (NS) for a domain when you buy it.
In the screenshot below we can see the Name Servers (NS) configuration for the domain wpwhitesecurity.com.
Step 3: Recursive DNS Server Requests the Name Servers to Resolve the FQDN
At this stage the recursive DNS server your device contacted has the list of name servers for the domain you want to browse. So it sends a request to one of the servers to resolve the FQDN www.wpwhitesecurity.com to an IP address. The answer it gets is: 184.108.40.206.
Step 4: Recursive DNS Server Replies with an IP Address
Now that the recursive DNS server your device contacted has the IP address of the FQDN www.wpwhitesecurity.com, it sends it back to your device.
Step 5: Your Device Connects to the Web Server
Your device connects to the web server on the IP address it received from the recursive DNS server and requests the page on www.wpwhitesecurity.com. The web server responds by sending the HTML data, which your browser starts downloading and rendering.
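The five steps can be followed in a toy model. This is an added example, not code from the original article: the server names (tld-com, ns1.registrar.example) and the 192.0.2.10 address are constructed for illustration, and the www alias mirrors the CNAME setup described later under DNS Record Types.

```python
# Toy model of steps 2 to 4. All servers, names and addresses are constructed
# for illustration (192.0.2.0/24 is a documentation range, not the real site).
SERVERS = {
    "root": {"refer": {"com": "tld-com"}},
    "tld-com": {"refer": {"wpwhitesecurity.com": "ns1.registrar.example"}},
    "ns1.registrar.example": {"records": {
        ("wpwhitesecurity.com", "A"): "192.0.2.10",
        ("www.wpwhitesecurity.com", "CNAME"): "wpwhitesecurity.com",
    }},
}


def ask(server, name):
    """One query: ('answer', type, value), ('referral', server) or ('nxdomain',)."""
    data = SERVERS[server]
    for rtype in ("A", "CNAME"):
        value = data.get("records", {}).get((name, rtype))
        if value:
            return ("answer", rtype, value)
    labels = name.split(".")
    for i in range(len(labels)):  # longest matching suffix wins
        suffix = ".".join(labels[i:])
        if suffix in data.get("refer", {}):
            return ("referral", data["refer"][suffix])
    return ("nxdomain",)


def resolve(name, max_queries=10):
    """Follow referrals from the root down, as the recursive server does."""
    name = name.rstrip(".").lower()
    server, trace = "root", []
    for _ in range(max_queries):  # bounds referral chains and CNAME loops
        reply = ask(server, name)
        trace.append((server, name, reply[0]))
        if reply[0] == "referral":
            server = reply[1]
        elif reply[0] == "answer" and reply[1] == "CNAME":
            name, server = reply[2], "root"  # resolve the alias target next
        elif reply[0] == "answer":
            return reply[2], trace
        else:
            return None, trace
    return None, trace


if __name__ == "__main__":
    print(resolve("www.wpwhitesecurity.com"))
```

The returned trace lists every server that was asked, which makes it clear that the answer is only as trustworthy as each delegation along the path.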
Registering Domains and DNS
Now we know that every domain needs to have at least one Name Server. Ideally you should have two or more.
That is why, when you buy a new domain, you are asked for the IP addresses or FQDNs of the name servers. Unless you host your own DNS or use a third-party solution, you would typically use the registrar’s own Name Servers.
DNS Record Types
DNS can be used to obtain other information about a domain, such as the IP addresses of a mail server. This information can be obtained via different types of DNS records. There are more than 50 different types of DNS records; however, as a WordPress site owner, if you know about the few listed below you should be all good.
A Record
This is the most common DNS record type. It is used to map a hostname or FQDN to an IP address. This is the record that is typically used in the domain name resolution process mentioned above.
CNAME Record
This is an alias record that is used when two different FQDNs have the same IP. For example, wpwhitesecurity.com and www.wpwhitesecurity.com are on the same web server. So I created an A record for wpwhitesecurity.com and then a CNAME for www.wpwhitesecurity.com which points to wpwhitesecurity.com, as shown in the table below.
MX Records
These are the Mail Exchange records. They are used to specify the IP address of the mail server of a domain. When you send an email to email@example.com, the DNS server of your mail server uses the information in these records to know the IP address of the email server it needs to connect and send the email to.
NS Records
These are the Name Server records. They are used to specify the IP address of the authoritative name servers for a domain. These are the ones we mentioned above, which you have to specify when you buy a domain.
TXT Records
DNS can also be used to store public keys, a location associated with a domain, and records associated with anti-spam frameworks. The TXT record is the DNS record type typically used for these. Originally it was used for human-readable text, but nowadays it mostly stores machine-readable data. For example, it is used for anti-spam systems such as SPF and DKIM.
DNS Caching and TTL
To minimize traffic and resources, recursive DNS servers cache DNS records for the time specified in the Time to Live (TTL) value. TTL is specified in seconds in every DNS record and acts like an expiry date.
Caching is the reason why DNS record changes can take up to a few hours or days to propagate everywhere. The duration of propagation is also affected by the TTL value you set for your records. If you set a very high TTL value, it will take a very long time for a DNS record change to propagate.
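The effect of the TTL on a record change can be simulated with a small caching resolver. This is an added example, not code from the original article: the class, the function names, the two addresses and the migration timings are all constructed for illustration.

```python
# Constructed example: the addresses are documentation ranges and the
# migration scenario is hypothetical.
OLD_IP, NEW_IP = "192.0.2.10", "198.51.100.20"
NAME = "wpwhitesecurity.com"


class CachingResolver:
    """Recursive resolver that keeps an answer until its TTL runs out."""

    def __init__(self, zone):
        self.zone = zone    # authoritative data: name -> (ip, ttl_seconds)
        self.cache = {}     # name -> (ip, expires_at)

    def lookup(self, name, now):
        hit = self.cache.get(name)
        if hit and now < hit[1]:
            return hit[0]                  # still fresh: no query is sent
        ip, ttl = self.zone[name]          # expired or unseen: ask again
        self.cache[name] = (ip, now + ttl)
        return ip


def stale_window(ttl_when_cached, ttl_after_change=None, poll_every=60):
    """Seconds after a record change during which the old IP is still served.

    The resolver caches the record at t=0 and the record changes at t=60.
    """
    zone = {NAME: (OLD_IP, ttl_when_cached)}
    resolver = CachingResolver(zone)
    resolver.lookup(NAME, now=0)
    change_at = 60
    zone[NAME] = (NEW_IP, ttl_after_change or ttl_when_cached)
    now = change_at
    while resolver.lookup(NAME, now) == OLD_IP:
        now += poll_every
    return now - change_at


if __name__ == "__main__":
    print(stale_window(86400))        # one-day TTL
    print(stale_window(300))          # five-minute TTL
    print(stale_window(86400, 300))   # TTL lowered only at migration time
```

The third call returns the same delay as the first: a resolver that already cached the record keeps the TTL it saw at that time, so a TTL has to be lowered at least one old TTL period before a planned change.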
No DNS, No Party!
If it wasn’t for DNS, the internet wouldn’t be as we know it today! Understanding the basics of DNS and why it is needed to run your WordPress site will help you better manage your sites and domains.
DNS History and Geekery
The original specifications for DNS were published by the IETF in RFC 882 and RFC 883 in 1983. These RFCs were superseded by RFC 1034 and RFC 1035 in 1987, and both of them have been updated via several other RFCs.
DNS servers run on port 53 UDP for messaging, and use port 53 on TCP for zone transfers. For more technical details about DNS I recommend the following readings: