Press "Enter" to skip to content

Posts published in “DNS”

5 Dig command examples

By Bob on April 22, 2026

Dig command (domain information groper) is a built-in command that you can find in any macOS computer and most Linux distros. You can use it to perform a quick check related to your DNS. See individual DNS records or check a name server from the Terminal app with a simple 1 line command. 

It might not have a graphical interface, but you will get all you need in its output.

Here you have 5 dig command examples that will show you how to use it and how the answers look. 

How does Dig command work?

Get the A or AAAA record of a domain name.

dig domainname.com

This command will show you the A record or the AAAA record, or both for the domain you are probing. The first will show you the IPv4 address of the domain name, the second IPv6. 

Get all of the available DNS records.

dig domainname.com ANY +noall +answer

Sometimes you want to see a list of all of the available DNS records, including A, NS, MX, TXT, AAAA, CNAME SOA, and PTR records. That way, you can get a lot of information about the zone, name server, and individual records. Later you can check a particular record or server.

+noall +answer will reduce the answer to just the answer section. 

Get information about the name servers for a particular domain. 

dig domainname.com NS +short

You will get an answer with all the name servers (NS records). Later you can use “dig @nameserver…” to perform additional probes for a particular NS server. 

Get the MX records for the domain name. 

dig domainname.com MX 

You can see the MX (mail exchanger) records for the hostname. From them, you will see which are the incoming mail servers. Not having MX records will be a problem for receiving emails. The senders won’t be able to find which of your mail servers are responsible for receiving the messages, and the delivery will fail. 

Get the TXT records for the domain name.

dig domainname.com TXT

By performing this command, you will see all the TXT records. The common TXT records are SPF, DKIM, and DMARC. All of them are used in email for verification and authentication. They increase the security during the transfer of emails and check if the sender is really the one it says it is. You can check the TXT records for your domain and see if they are properly configured. If you have made errors, you might not be able to send and receive emails or both. 

Get familiar with these examples and try to improvise by changing some of the parameters for your personal needs. 

The hostname could be changed with its IP address; You can probe each individual type of DNS record and more. 

Dig command can also show you the route of the query or answer reverse lookups. 

Why should you use the dig command?

Because it is already on your computer and it can give you enough information about your DNS. It works fast and has a few options to get the right answers. 

Dig is ideal for quick checks. 

Purpose and Advantages of GeoDNS

By Bob on April 18, 2022

GeoDNS is the topic of today’s article. First, we will explore it in detail: its purpose, how it works, and its advantages.

GeoDNS – what is its purpose

GeoDNS stands for global traffic director or simply traffic director. It is an effective method for optimizing traffic to domains through the use of geographically based routing. It is also regarded as a cloud alternative for load balancing. In addition, it has a positive impact on network performance.

How does it work?

GeoDNS operates in a unique way. How? To begin, when users query your site, their requests are routed through DNS servers. If you use GeoDNS, you will be using multiple DNS servers located all over the world. This is determined by the DNS service provider you choose. That is, these servers will search their database for each user’s IP address and compare it to the information they have on file for that IP address. The traffic is subsequently forwarded to a predefined IP address, which is usually the one closest to the query’s origin.

Advantages of using GeoDNS

GeoDNS could be really beneficial. Here are some of its main advantages:

  • It’s simple to use. When it comes to setting it up, you will have no problems. After that, everything will operate on its own. All you need is a basic understanding of DNS.
  • Monitoring the DNS. One of the most critical benefits is that it could also keep track of your DNS. It might also be set up such that IP addresses on your blacklist are blocked. As a result, complications will be avoided.
  • Traffic redirecting. You may establish a comprehensive CDN with GeoDNS. That way, you may host your website on multiple servers and use GeoDNS to automatically guide customers to the version of your site that is closest to them. That method will also serve as a load balancer for you. Your network will run without a hitch.
  • Implementing Geo-restrictions. You could set geo-restrictions based on your users’ IP addresses (location). You have the option of choosing who will be allowed to see specific kinds of information. This is particularly handy when dealing with intellectual property, such as videos, music, and photographs.

Who is GeoDNS for?

GeoDNS could be an excellent solution for a variety of companies. The great majority of large organizations with a global presence, on the other hand, are likely to reap the most benefits from using this type of service. Also, content platforms that serve a worldwide audience and e-commerce websites that require a high level of uptime.

Conclusion

Let’s review. GeoDNS is a global traffic director. Its primary purpose is to distribute the traffic. Its main advantages are that it redirects the traffic, manages geo-locations, and monitors the Domain Name System. In addition, it is really easy to configure. So, it’s worth giving it a chance!

5 DNS records you should know

By Bob on March 5, 2022

What are the DNS records?

DNS records are text-based instruction for name servers (DNS servers) that can serve to link hosts to IP addresses, IP addresses back to hosts, services to hosts, one name of a host to another, combine to have complex rules, and more. 

There are some DNS records that are quite essential for the DNS functionally. Here are the first you should learn.  

The 5 DNS records you should know are:

A record

A record is the first that you think about when you are talking about DNS. It links domain name / hostnames to their IP addresses. When somebody wants to visit a site, they usually know its name (domain name). But what they actually need to find it is its address. The visitor’s browser will go on a long search, from one DNS server to another, until it gets the A record that resolves the query. It gets it back, and the browser knows already where the site is and can load it. 

SOA record

This is the start of authority record, which indicates the primary DNS server – the authoritative name server. It also contains information about the DNS zone, and it is a must-have for the normal functionality of your DNS network. Inside it, you can find out which is exactly the authoritative server, who is responsible for it, how often should the DNS server refresh, and more. 

PTR record

It is a bit neglected DNS record, but it is a must-have if you want to send emails without problems. The PTR is a pointer record that has a functionality opposite to the A record, and it serves for Reverse DNS. It can point an IP address to a domain name. Why do you need it if people don’t remember IP addresses? For the machines! Because when you send an email, the receiver will want to check if this email was really sent on behalf of the domain it is saying or no. If the A record and the PTR record are not configured properly, the emails will go to spam. It can work both with IPv4 addresses and A records or with IPv6 addresses and AAAA records. 

Why do you need a PTR record?

CNAME record

The CNAME record is used to show which is the real domain name (canonical) for domain / subdomain that you are looking for. You should know this DNS record because you should use it for all your subdomains. That way, you can just create CNAME record for them and point to the domain name without the need to create more DNS records for them. When you update DNS records for the YOURDOMAIN.com, you won’t need to update subdomain1.YOURDOMAIN.com, subdomain2.YOURDOMAIN.com, and so on. It will facilitate DNS management for you. 

MX record

This record is also important for email correspondence. It is known as the mail eXchanger record. It will show which exactly is the server or servers that are responsible for accepting emails for the domain. As you can most probably guess, without this DNS record, the sending servers won’t know to who they should send messages, and you can’t receive emails. So, with the PTR, you were fixing the sending, and with the MX record, you are fixing the receiving part. 

Conclusion

This is a good first step into the world of DNS. There are plenty of DNS records more, but now you know how the most important of them look like. The A, SOA, PTR, CNAME, MX are among the first that you should know and start using right away. 

Dynamic DNS – Common ways to use it

By Bob on January 27, 2022

For many people, using a Dynamic DNS could be really advantageous. Put simply, this DNS service is a method for automatically refreshing new IP addresses. We’ll look at what Dynamic DNS is and how it works in more detail in this article.

Dynamic DNS – What does it mean? 

Dynamic DNS, also known as DDNS, is a very useful service that allows us to keep the DNS constantly updated, with the correct IP address, even when the Internet Protocol is changing. Commonly, these kinds of resources include a Web server, a Web camera, or a computer for remote control operation.

The Domain Name System (DNS), as we already know, is a user-friendly and simple-to-use system for associating domains with their IP addresses. Unfortunately, these Internet Protocols are running out on a daily basis. Internet Service Providers (ISPs) are attempting to avoid this scarcity by utilizing dynamic DNS in particular. DDNS automatically logs changes from dynamic IP addresses. This ensures that domains remain connected to the appropriate Internet Protocols.

How does it work?

Most often, to take advantage of a dynamic DNS, you need to look for a provider. Then when you find it, you need to install their software on the host computer or on the router. When the IP addresses provided by the ISP are changed, this software connects with the DDNS service provider. As a result, the dynamic DNS provider updates the A record or AAAA record to reflect the changes, resulting in near-instantaneous updates.

In addition, a dynamic DNS service is incompatible with networks that use static IP addresses. This is because the domain name does not need to be asked again after the IP address is given the first time. The reason is straightforward: static IP addresses do not change.

Why do you need to benefit from Dynamic DNS? 

There are many advantages. Some of which are as follows:

  1. It keeps you online. It will reduce downtime by automatically updating A record or AAAA record. As a result, the gadgets or services will continue to be accessible via the Internet.
  2. Incredibly simple. It only has to be set up once – for example, IP cameras for surveillance. You’ll need to configure your router’s Dynamic DNS service by heading to settings and entering the user and password.
  3. Static IPs are more expensive. If you have multiple devices, it will be far more cost-effective to pay for only one DDNS service. It could be costly to pay for each static IP address.

Conclusion

We can conclude that it is a long and complex explanation for a very simple service that keeps millions of people connected to their devices all over the world. Remember that the DDNS method is useful in the case of dynamic IP addresses. The Dynamic Domain Name System (DDNS) is a very helpful technology that can save you a lot of time and money. It may be the only logical solution to a problem in some cases.

What is a DNS NAPTR record?

By Bob on October 12, 2021

DNS NAPTR record explained.

The DNS NAPTR record is a Name Authority Pointer record that helps with mapping servers to the users’ addresses in the Session Initiation Protocol or SIP for short. The NAPTR records, together with a different type of DNS record named SRV (service) record, let the chaining of various records set complex rewrite rules. As a result, they produce new domain labels or Uniform Resource Identifiers (URIs).

Based on the flag of the recently designed URI or domain label, it is possible to be applied in the following query for a DNS NAPTR record. It could also be straight as an output of the complete process for URI mapping.

When the DNS NAPTR record is present, it lets lookup at services for various different resource names such as URIs. These, in other cases, are not usual pieces of a domain name syntax.

How to check the NAPTR record?

DNS NAPTR record – Why do you need it?

DNS NAPTR records function collectively with SIP and the SRV records included, also. With them, you can understand the variety of services available for a domain name. When a user makes a query for the NAPTR records, it will notice all of the protocols and ports that are applied. In addition, it will examine if they support SIP or any extra VoIP service. 

Structure

The structure of the DNS NAPTR record is a little bit more complicated compared to other DNS records. However, inside it, you can view different values:

  • TYPE: In this case, it is NAPTR or its code, which is 35
  • Domain name: Here is the hostname to which it applies. This is the key for the rule database.
  • TTL: Here, you set the TTL value (Time to live) for the DNS record.
  • Order: Here, a number (16-bit unsigned integer) reveals the order by which the DNS NAPTR record must be processed to follow the rules correctly. First are the lower numbers. In case the values are identical for two or more DNS NAPTR records, the precise order is defined by the preference values.
  • Preference: Here, the value (16-bit unsigned integer) defines the order of DNS NAPTR records with identical numbers. Again, if the number is lower, it goes first. The distinction with the Order number is that Preference provides weight to otherwise identical rules. 
  • Flags: Here are the flags that are written with letters. For now, there are four different flags: S, A, U, and P. With them, it is determined if there is going to be a coming lookup or not. Additionally, they show what has to be next. 

S: This flag shows that the next lookup has to be for the SRV record.

A: The next lookup has to be concerning the A, AAAA records.

U: This flag shows that the next is going to be URI output.

P: With this flag is represented the protocol. It indicates that the protocol is going to define the next step.

  • Service: Establishes the service one or many down the rewrite path. It is also possible to be a particular protocol that is specifically applied for a service.  
  • Regular expression: Typically, it is also called Regexp. It is a string that becomes attached to the original string. The purpose is to generate the following domain name for a lookup. It has to link the string of the customer and not regarding a prior DNS NAPTR record.  
  • Replacement: It is based on the flag, and what is the following name (fully qualified domain name) to query for NAPTR, SRV, or different records.

How to use NSlookup commands

By Bob on August 22, 2021

NSlookup is a built-in software that allows you to query domain name servers.

NSlookup commands can be used on most typical OSes like Windows, macOS, and Linux (Ubuntu, CentOS, Debian, etc.). Now you will see what is it, and how to you it?

How to start the NSlookup command?

For Windows

1. Press Windows key + the letter “R”. This will start the run application.

2. Write “cmd” and press “ok”.

3. Now, you are ready to use NSlookup command. See the examples below.

For macOS

1. Press the command button + Spacebar button.

2. Type the name of the app – Terminal.

3. Ready to write NSlookup commands.

Nslookup: command not found – how to fix it?

Examples of how to use Nslookup commands:

Use these examples with the domain you like by changing the domainname.com with the one you like. The same goes for the IP addresses used in the examples. 

Use the NSlookup to see the domain’s IP address:

nslookup domainname.com

This will show you the data from the A and AAAA records of the domain. There you can see the IPv4 and IPv6 addresses.

Check specific DNS type of record with the following:

nslookup -type=TYPE domainname.com 

You can change TYPE with the type of DNS record you want to query like: A, AAAA, MX, SOA, NS, ANY (any type available). 

nslookup -type=a domainname.com – shows you the IPv4 addresses of the domain.

nslookup -type=aaaa domainname.com – shows you the IPv6 addresses of the domain. 

nslookup -type=mx domainname.com – shows you the MX records, and you can see the responsible email servers for receiving emails. 

nslookup -type=soa domainname.com – shows you the start of authority. 

nslookup -type=ns domainname.com – shows you the name servers available. 

nslookup -type=any domainname.com – shows you all of the DNS records available. 

Check a specific name server.

After you have seen all of them with the NS query, you can now probe each individually. 

nslookup domainname.com ns1.domainname.com

Change ns1.domainname.com with one of the name servers for your domain. 

Check an IP address (Reverse DNS lookup)

You can also probe an IP address and see if there is a PTR record set in a Reverse DNS zone. 

nslookup 111.111.111.111

Change the 111.111.111.111 IP address with the one you want to verify. It can be IPv4 or IPv6 address. 

Learn more about rDNS

Nslookup check of a particular port for communication.

You can also use the NSlookup to check a server through a particular port. In this case, we will use port 53. Change it with another if you like. 

nslookup -port=53 domainname.com

Give a particular time limit to wait for the response.

You can set the waiting period, in seconds, for the queries. Let’s set it to 35 seconds in this example. You can set it to another period. 

Nslookup -timeout=20 domainname.com

Nslookup debug mode enable 

nslookup -debug domainname.com

Conclusion

The NSlookup command is a very used tool because it is easy to find on different devices and works the same. It doesn’t have so much different behavior on the different Oses like some other network tools. 

The Nslookup command can help you check your domain name and see problems with your DNS.

Premium DNS service explained.

By Bob on July 6, 2021

If you are wondering what Premium DNS service has to offer and what is the purpose of DNS. Let’s make things a little bit more clear and dig a bit deeper into this topic!

DNS explained 

It is important to mention what DNS is for the purpose of explaining Premium DNS accurately. 

Domain Name System (DNS) is a global network of name servers. Its purpose is to indicate where domain names are. It links the domain names to their IP addresses. Also, the Domain Name System has features such as linking hostnames to other hostnames, further instructions about services, verifications, etc.

DNS is a communication network, which will guide all of your users to the correct addresses or other hostnames.

Premium DNS 

Premium DNS is a DNS hosting provider’s service. In Premium plans, you can benefit from more of everything. You can take advantage from more DNS servers and DNS zones. Also, you are capable of managing the traffic better. If you choose the Premium DNS plan, you will see improvement in the loading speed for sure. It will provide better up time, better security, and even better SEO. 

For companies that can’t afford to have downtime, Premium DNS is the service that should be implemented. Any website that is more than a small blog could benefit from Premium DNS

If the number of monthly visitors is increasing, you may need to consider using this service.  

Here are some questions that can help you clarify if you need Premium DNS:  

  • What is the number of people that need to connect to the site?
  • How often will these people connect?
  • Are all of these people only from your country? Or maybe there is an international interest in your site?
  • Do you require any extra security features? How critical is it for you to protect your customers at every move of their website journey?

Premium DNS advantages

Premium DNS gives you a solid foundation with the needed resources. Here is a general summary of the features Premium DNS providers can offer.

  • Many more DNS zones. 
  • Ensured uptime.
  • Higher speed.
  • Robust DNS servers’ networks. Benefit from more presence points (PoP) for your company.
  • Implementing load balancing methods, including GeoDNS 
  • Loading time is a lot faster.
  • Millions of queries, and often infinite amount.
  • Monitoring and checkings. DNSSEC support, cryptographic, and more high-level tech security to keep your site protected from attacks. Depending on the plan you picked, you can receive more or less features. 
  • Efficient traffic management.
  • DNS Failover.
  • Many email forwards.
  • Friendly interface.
  • 24/7 Professional support.

Conclusion.

Take your time when you are checking providers. What they guarantee and offer, and the costs. Premium DNS benefits must provide reliability and powerful performance. It is essential for demanding websites, such as government, banking, e-commerce, etc.

If your site is becoming bigger or has customers from around the globe, or you want to guarantee excellent security. That is the moment to begin using a Premium DNS service. It will increase speed, performance, redundancy, and security.

rDNS (Reverse DNS) explained

By Bob on March 24, 2021

So you have set up your Forward DNS. You are happy that you added all the needed DNS records, and you think you are done. Guess again! What are you missing? Just try to send an email from the domain, and immediately you will notice a problem. Your emails are going missing or to the SPAM folder because you haven’t set up a rDNS (Reverse DNS)! Luckily, now you will learn all about it.

What does rDNS mean?

The Reverse DNS is a service, a part of your typical managed DNS plan, and it allows reverse lookups. It lets you create a Reverse DNS zone, where you can add PTR records and use them as proof that the IP addresses and the domain name matches.

The Reverse DNS works with both IPv4 addresses and IPv6 addresses. You can use it with one or the other or both at the same time.

You will need proof that the PTR records provide so servers of other companies can backtrack the IP address to the domain name, and that way, to be sure that it is not a scam.

You will need the combination of A (IPv4), or AAAA (IPv6) records that map domain names and IP addresses and PTR records that have the opposite purpose, IP addresses to a domain name.

Why should we care about rDNS?

You should care about rDNS if:

  • You want your emails to arrive at their destination and check of the incoming mail server to finish successfully. You will most probably need a few more records than the PTR, like SPF, DMARC, and DKIM records.
  • If you are an IP network owner, you will need it to be able to do reverse lookups.

How to start using Reverse DNS?

  1. Get a DNS plan with Reverse DNS. The rDNS is a service that is usually missing from the free DNS plans. So, first, you will need to get a paid plan with Reverse DNS included and other parameters that you will need for your Forward DNS.
  1. Create a Primary Forward DNS zone. You will need to add the A or AAAA record that links your domain name to the IP addresses first.
  2. Create a Primary Reverse DNS zone. You can do it from the control panel of your provider. There you find the add Reverse DNS zone. Pay attention to the instruction. Usually, you will need to add a range of IP addresses in reverse.
  3. Add the PTR records. They must link the IP addresses to A or AAAA records in the Froward DNS zone. If they don’t make a match, it won’t function.

Can you check your Reverse DNS?

Yes, you can check your Reverse DNS by probing the IP addresses and see if they lead to the hostname. The easiest way to do it on most of the OSes (Linux, macOS, Windows, etc.) is to use the Nslookup command:

nslookup 192.169.1.2

Just change the IP address, in this case, is 192.169.1.2, with the one you want to verify. This one is an IPv4 address, but you can put an IPv6 address too.

If you need more information I recommend you this article: What is Reverse DNS?

Conclusion:

The Reverse DNS is a must-have when we are talking about sending emails. If you don’t set it up correctly, you might have emails that don’t arrive at the destination. That can cause missing opportunities, problems, and extra costs. You don’t want to lose money just because you didn’t set up your rDNS, do you?

Secondary DNS (Slave DNS) explained

By Bob on March 11, 2021

You probably came to this article because you want to improve your DNS’s reliability, and you heard about Secondary DNS. Yes, Secondary DNS definitely useful to provide redundancy, and peace of mind, especially in this world, constantly full of DDoS attacks and other DNS problems.

Secondary DNS explained?

Secondary DNS, also known as Slave DNS or Backup DNS, is a service that provides a network of DNS servers that are secondary to the Primary DNS server. They can automatically copy the Primary DNS zone file and provide more points in the world where your DNS records are available even in case of downtime with your Primary DNS.

Your DNS is managed inside the Primary DNS. There you can add, remove or edit DNS records. The Secondary DNS could be a service that the same DNS provider offers, or it could be with another DNS provider. Even multiple Secondary providers, if you really want to back up that Primary DNS.

There is a mechanism for copying the zone data, usually through an API.

That way, the Secondary DNS receives the changes that happen in the Primary DNS.

Why should you consider a Secondary DNS service?

  • The main point why you would like a Secondary DNS service is redundancy. If, or most likely when your Primary DNS goes down, your Secondary DNS will continue to answer queries. No problems! It will reduce the risk of downtime significantly. Your customers will be able to reach your site or use your app undisturbed.
  • Lower the weight of your Primary DNS. You can use the Secondary to reduce the stress on the Primary. It can load balance and answer queries, too, so not all queries must be answers straight from the Primary DNS. It will reduce the stress and lower the chance of single-point failure.
  • Hide the Primary DNS. You can also completely hide the Primary and make it look like your Secondary DNS is your primary. This way, the most valuable for you server will be hidden from the eyes of your attackers. You can bullet-prove your Primary DNS with a firewall too.
  • Have a backup. If something bad happens to your Primary DNS, you still will have a complete backup of the zone file. All your DNS records will be available, and you can save them and later use them again for the Primary. It is not often that you lose all your data from the Primary, but it is nice to be relaxed knowing you have a complete backup.
  • It is easy to use. You won’t need to tweak many settings. Just find the mechanism for the zone transfer, probably through an API, and set it up. It usually takes very little time, and little to no knowledge is needed to connect the Secondary.
  • Easy migration. If you are going from one DNS provider to another, the Secondary DNS could be a good first step. You can see how well the new provider’s service works and how to use their control panel. When your DNS records are there already, it will be an easy step to go to any of their other plans.

Conclusion

The Secondary DNS is an easy way of backing up your Primary DNS and provide redundancy. It is easy to set up and deploy. It has one big flaw. It can’t work with DNSSEC. If the fast and easy way it works attracts you more than the problem, go for it. If no, don’t worry. There are other methods to provide excellent DNS, like Anycast or GeoDNS loading balance.