DNS Crash Course: A, AAAA and PTR Records

I usually contribute posts to my blog to share a new concept or to review an awesome new piece of software. However, every once an a while I feel it necessary to contribute to the general knowledge of the Internet by bringing you posts like these.

I plan to publish a series of articles called DNS Crash Course and over the next several weeks, I'll be explaining about DNS records - those pesky things that can make or break your website, email, and other services critical to a business or organization. I consider myself something of a subject matter expert on DNS as it relates to web hosting, being involved with Fox Design Werx. These articles will focus on a particular record type or types, if appropriate to be discussed together.

In this inaugural article, I'll be discussing the most basic of all DNS records: the A record. By extension, I'll also be explaining a reverse lookup record, also known as a PTR record, and something called AAAA or 'quad-A' records. First things first...

The A Record

The A in A record stands for address. Put simply, it is the record that browsers query on a DNS server to look up a particular website using the IPv4 protocol. For example, the A record for this blog is:

classicyuppie.com.    A   80.77.87.245  

IP addresses listed in an A record will connect over port 80. The port is implied by the browser when transferring data over HTTP (as opposed to HTTPS which implies port 443). Because of this lookup direction (hostname-to-address), it's considered a forward-lookup record because all Internet browsers initiate a DNS query by using the hostname. The query happens in a split-second, but here's what the dialogue between your browser and a DNS server might look like:

Browser:     What is the IP address for www.google.com?  
DNS Server:  It's 74.125.226.52.  
Browser:     Thanks, I'll load the page now.  

You can have multiple A records across different hostnames, but in most cases you should only have only one A record per hostname, as there is no prioritization of traffic between multiple IPv4 addresses on the same hostname.

classicyuppie.com.            A    80.77.87.245  
darkstat.classicyuppie.com.   A    80.77.87.245  
mint.classicyuppie.com.       A    80.77.87.245  
news.classicyuppie.com.       A    80.77.87.245  
server.classicyuppie.com.     A    80.77.87.245  
www.classicyuppie.com.        A    80.77.87.245  

For example, if I were to have more than one A record for classicyuppie.com, you would be bouncing between different servers without knowing it. Some servers may have up-to-date information, while others may contain stale information. If you want to load balance your traffic between multiple physical servers, it's best to stick with a service like CloudFlare CDN to keep things in line.

The AAAA Record

Much like the A record is to the IPv4 address space, the AAAA record (also known as a quad-A record) is to the IPv6 address space. An easy way to remember this is IPv4 addresses are 32 bits, and IPv6 addresses are 128 bits, so if an A record is 32 bits, 4xA (or AAAA) is 128 bits. (Sorry, I had to drop some algebraic nerd humor on you.) It's also a forward-looking DNS record.

A standard AAAA record looks much like this:

classicyuppie.com.    AAAA    2605:4500:2:25bc::  

The same rule applies for a quad-A record as a regular A record: you should only have one record per hostname in most cases.

The PTR Record

You can think of a PTR record (called a pointer record, in nerd slang) as a reverse A or AAAA record. It works much the same way as a forward-looking record, but in reverse (and is called a reverse lookup record as a result). That means instead of creating a hostname-to-address listing, it matches an IPv4 or v6 address to a hostname. A typical PTR record looks like this:

245.224/27.87.77.80.in-addr.arpa.  PTR  server.classicyuppie.com.  

This record type can be used to validate the true identity of a server for the purposes of SPAM-checking the server sending an email or for security certificate validation. It usually serves to prove the identity of a particular IP address exiting on the Internet.

Because a PTR record creates a reverse lookup (address-to-hostname), you cannot set this record type in the control panel of your DNS provider's control panel. The owner of the IP address must create the record for you. The owner is usually who gave you the IP address, such as your ISP or your web hosting provider. A word of caution: I don't know of any ISPs that will create a PTR record for you unless your IP address is static. If you're not sure if you have a static IP address, simply ask them.

The reason why the owner of the IP address must create it for you is because the reverse record is created using the in-addr.arpa domain. All IP addresses have a default hostname of the IP address, in reverse, followed by in-addr.arpa and as you can see from the example above, the FQDN of the IP address for my web server is 245.87.77.80.in-addr.arpa. One is the forward address, the other is the reverse address. The only entity that has the authority to add a DNS record for your IP address is the entity that has access to the x.x.x.x.in-addr.arpa address, which again is the company that provided you with use of the IP in the first place. If you want to learn more about the in-addr.arpa domain, I might suggest reading up on RFC 1035, section 3.5.

Querying These Records

Since I'm a command line fan, in these articles, I'll be providing you an easy way to check the various DNS record types through the Linux/Unix terminal or Windows command prompt.

To query A or AAAA records:

Linux/Unix/Mac OS

dig a <hostname>  
dig aaaa <hostname>  

Windows (all versions)

nslookup type=a <hostname>  
nslookup type=aaaa <hostname>  

To query PTR records:

Linux/Unix/Mac OS

dig -x <ipv4 address>  
dig -x <ipv6 address>  

or

dig ptr <ipv4 address in reverse>.in-addr.arpa  
dig ptr <ipv6 address in reverse>.in-addr.arpa  

N.B.: When typing the IP in reverse, each octet in the IPv4 address must be seperated with a decimal. Each alphanumeric character in the IPv6 address must be seperated with a decimal.

Windows (all versions)

nslookup <IPv4 address>  
nslookup <IPv6 address>  

N.B.: Each octet in the IPv4 address must be seperated with a decimal. Each nibble in the IPv6 address must be seperated with a colon.

Conclusion

Now you know about the basics of how your web browser is able to visit websites and the importance of A and AAAA records on the web surfing experience. Without these two record types, you'd have to recall an IP address from memory every time you wanted to visit a web site.

My next article for this series will be coming in the next week or two and will discuss MX records.