Anycast DNS explained

Anycast DNS explained

Better, faster, stronger. We all want to improve the performance of our websites. To make them stand out from the crowd of millions of sites and prove a better service for our users. One useful tool in this race is Anycast DNS that will shorten the time for domain resolution and thereby lower the latency for the clients who want to use our sites.

Let’s explain Anycast DNS! 

Read More

DNS MX record

What is a DNS MX record, and how does it work?

The DNS MX is a DNS record that has an essential role in the proper functionality of your email server. It points to the right email server or servers for accepting emails for the domain name.

Without it, the sending email servers will not know where is the target of the emails and can’t ensure proper delivery.

What is a DNS MX record?

The DNS MX record, also known as the mail exchanger record, is a key component of a working email server that links a domain name to the hostname of the incoming mail server. It is a name-to-name connection that indicates the host that the senders need to interact with for the communication. The senders will then ask for the IP address, and finally, they can send emails.

A DNS MX record will have the following parameters: type – MX, Host – domain name, Points to – the hostname of the incoming mail server, TTL – time in seconds that indicates for how long the DNS record is valid, Priority – a number that could be between 0 and 65535 and shows which email server should receive the email.

You can have multiple email servers for accepting emails and put them different priority values through different DNS MX records. It is good to provide backup. We recommend you to use a number like 10 or more as a baseline. That way, if you want to put a server with a higher priority, you can set another MX record with 9 or lower number. If you want, you can put a higher number too. You have enough space.

How does the DNS MX record works?

To understand the DNS MX record, let’s see all the necessary steps that one outgoing mail server needs to perform in order to send an email to domain.com.

1. A user on the outgoing email server is trying to send an email to Maria that has the email maria@domain.com.

2. The outgoing mail server will see the domain name, in this case, domain.com, and query it to get where exactly its nameservers are.

3. What the sender needs is a DNS MX record, so it knows where to send the email. So it queries the nameservers of domain.com (for example, ns1.domain.com, ns2.domain.com, etc.) for MX record.

4. Domain.com responds with one or more MX records that show which servers can receive emails for domain.com (for example, emailone.domain.com, emailtwo.domain.com, etc.).

5. The sender receives the MX records, sees the host or hosts responsible for receiving emails, and makes a new query for A or AAAA records to get the IP address or addresses of the servers.

6. When it gets the IP address, finally, it can send the email to maria@domain.com.

*This model skips verification or authentications on the way for simplicity.

Conclusion

Now you know a bit more about how does outgoing and incoming mail servers work. The MX record is an essential building block that we need to put right away. It will help us receive the emails in the right place. Otherwise, you might not receive emails for your domain, and that is a serious problem.

Recursive DNS server

Recursive DNS server – an overview.

Domain Name System (DNS) is a great invention no matter its credit is not always recognized. And that is because it’s absolutely needed but invisible for regular users. But the situation is different for network administrators, IT teams, and online business owners. They all know that to make websites, and other resources accessible for people means profits for them.

There is no gain without Domain Name System functionality. Everything you want to offer online, from content to products or services, needs to be shown through websites. And to load them for clients can’t happen without the DNS resolution. 

We can talk long about DNS functionality, but let’s focus this time on one important DNS component, the recursive DNS server. 

Read More

DNSSEC

What is DNSSEC?

You can see DNSSEC as a patch to otherwise unsafe DNS. It brings cryptography to the table and a whole line of trust, which guarantees every level and provides top-notch security for your domain.

What does DNSSEC mean?

The whole meaning of DNSSEC is a mouth full – Domain Name System Security Extensions.

The original DNS is fast and reliable, but it lacks security. It wasn’t that of a problem when it was first created. Later, in 1993, the Internet Engineering Task Force (IETF) finalized specifications for DNS data encryption standards. It got in use in 2005, and its latest revision is from 2010. 

The DNSSEC aims to stop the DNS cache poisoning and alteration of the DNS data that could happen if it is not activated.

The DNSSEC involves all levels of a domain, including the root, TLD, and the part that you can manage.

It uses a combination of public and private keys, where each upper level can verify the level below.

It is a chain of trust. If one level fails, the chain is broken, and the data cannot be trusted.

Find out more information about DNSSEC!

Read More

DNS Failover

Why do we need DNS Failover?

Every website or network owner knows that having an alternative plan in case of an outage is a must. There are different ways to get redundancy not to be affected if a server is attacked, down due to maintenance, or broken. Usually to have not one, but more alternatives to guarantee your up-time are totally welcome.

This said, DNS Failover is a technology you should understand and consider for your business.

Read More

Authoritative DNS server

Authoritative DNS server – everything you need to know

The world of DNS is complicated, and there are a lot of small details that we should think about. The DNS is a mechanism for domain resolution. The whole system involves many different DNS servers on different levels – root, TLD, domain name, subdomain. Now we will talk about the authoritative DNS server of the domain name level. Why do you need it, and what it does. 

What is an autoritative DNS server?

Read More

Round-Robin DNS

Round – Robin DNS explained

Round-Robin DNS is a simple mechanism for managing DNS load balancing. This task is not done through hardware but via a DNS server known as an authoritative nameserver.

When you deploy Round-Robin in a DNS server, this will save different A records. Each of them has different IP addresses, but all with the same domain name. Every time this DNS record is requested, it will deliver a response (IP address) by its order. And every IP address used to respond to a request will be put at the end of a line to be used again. You have multiple IP addresses working on a constant rotation cycle.

This mechanism is really useful if you have your website’s content hosted on different redundant servers located at separate points of the globe. The authoritative nameserver will use this rotation cycle to answer with a different IP address. By doing so, it will load balance the traffic.

Read More

What is an SPF record?

What is an SPF record?

Emails from your company are very important and delicate stuff. They are part of your image, the trustability clients have on you, and therefore, an attractive tool for criminals to get profit through phishing and other illegal activities. Suspicious use of them can be painful for a business and a reason to be banned. 

SPF means Sender Policy Framework. This DNS record is in itself a system that validates legitimate emails. SPF record recognizes the mail servers allowed to send emails in your company’s name (domain). It enhances the trustability of your email server while preventing domain spoofing.

Read More