DNS Monitoring Glossary: Terms You Should Know

DNS involves a dense web of protocols, record types, and operational concepts. Whether you are new to managing domains or an experienced administrator brushing up on terminology, this glossary provides concise definitions for the terms you will encounter most often in DNS monitoring and management.

A

A Record

A DNS record that maps a domain name to an IPv4 address. The most fundamental record type, used to direct traffic to a specific server.

AAAA Record

A DNS record that maps a domain name to an IPv6 address. Functionally identical to an A record but for the newer, 128-bit IPv6 address format.

Anycast

A network addressing method where the same IP address is announced from multiple locations. DNS providers use anycast to route queries to the nearest server, reducing latency and improving resilience.

Authoritative Name Server

A DNS server that holds the original, definitive records for a zone. When a recursive resolver needs to answer a query, it ultimately contacts the authoritative server for the correct response.

B

BIND (Berkeley Internet Name Domain)

The most widely deployed DNS server software. Originally developed at UC Berkeley, BIND is an open-source reference implementation used by many organizations for authoritative and recursive DNS.

C

CAA Record (Certification Authority Authorization)

A DNS record that specifies which Certificate Authorities are permitted to issue SSL/TLS certificates for a domain. Helps prevent unauthorized certificate issuance.

Cache Poisoning

An attack where forged DNS responses are injected into a resolver's cache, causing it to return incorrect IP addresses. DNSSEC was designed to prevent this type of attack.

CNAME Record (Canonical Name)

A DNS record that creates an alias, pointing one domain name to another. The resolver follows the CNAME chain to find the actual A or AAAA record.

D

Delegation

The process of assigning authority for a subdomain or zone to a different set of name servers using NS records.

dig

A command-line tool for querying DNS servers. Widely used for diagnostics and troubleshooting. Available on most Unix-like systems and installable on Windows.

DKIM (DomainKeys Identified Mail)

An email authentication standard that uses cryptographic signatures stored in DNS TXT records to verify that messages were not altered in transit and originate from an authorized sender.

DMARC (Domain-based Message Authentication, Reporting and Conformance)

A DNS-based email authentication policy that builds on SPF and DKIM. DMARC records (published as TXT records) tell receiving servers how to handle messages that fail authentication checks.

DNS (Domain Name System)

The distributed hierarchical system that translates human-readable domain names into IP addresses. Often described as the phone book of the internet.

DNS Hijacking

An attack where DNS queries are redirected to malicious servers, either by compromising a resolver, modifying records at the registrar, or intercepting queries in transit.

DNSSEC (DNS Security Extensions)

A set of extensions to DNS that provide authentication of DNS data using digital signatures. DNSSEC allows resolvers to verify that responses have not been tampered with.

DNS Propagation

The process by which updated DNS records spread across the global network of DNS resolvers and caches. Propagation time depends on TTL values and resolver behavior.

DNS Resolver

A server that receives DNS queries from clients and either answers from its cache or performs recursive lookups to find the answer. Also called a recursive resolver.

E

EDNS (Extension Mechanisms for DNS)

An extension to the original DNS protocol that allows larger message sizes and additional flags. EDNS is required for DNSSEC and other modern DNS features.

ENUM (E.164 Number to URI Mapping)

A protocol that uses NAPTR DNS records to map telephone numbers to internet services such as SIP or email addresses.

F

Forwarder

A DNS server configured to pass queries it cannot answer to another DNS server rather than performing full recursive resolution itself.

FQDN (Fully Qualified Domain Name)

A complete domain name that specifies the exact position in the DNS hierarchy, ending with a trailing dot (e.g., www.example.com.). The trailing dot represents the root zone.

G

Glue Record

An A or AAAA record provided in the parent zone that gives the IP address of a name server for a delegated child zone. Necessary when the name server's hostname is within the zone it serves, which would otherwise create a circular dependency.

I

ICANN (Internet Corporation for Assigned Names and Numbers)

The organization that coordinates the global DNS root, IP address allocation, and top-level domain policies.

Iterative Query

A DNS query mode where the server responds with the best answer it has (often a referral to another server) rather than performing full resolution on behalf of the client. Contrast with recursive query.

L

Lame Delegation

A situation where an NS record points to a server that is not actually configured as authoritative for the zone. This causes resolution failures or delays.

M

MX Record (Mail Exchange)

A DNS record that specifies which mail servers accept email for a domain and in what order of priority. Lower priority values indicate higher preference.

N

NAPTR Record (Naming Authority Pointer)

A DNS record type used for URI rewriting and service discovery, most commonly in telephony applications like ENUM and SIP routing.

Negative Caching

The practice of caching a negative response (such as NXDOMAIN) so that repeated queries for non-existent names do not burden authoritative servers. The SOA minimum TTL field controls negative cache duration.

NS Record (Name Server)

A DNS record that delegates a zone to a set of authoritative name servers. NS records at the zone apex define who is responsible for the zone.

NXDOMAIN

A DNS response code indicating that the queried domain name does not exist. One of the most common DNS error responses.

P

PTR Record (Pointer)

A DNS record used for reverse DNS lookups, mapping an IP address back to a hostname. Essential for email deliverability and network diagnostics.

Propagation Delay

The time it takes for DNS changes to become visible across all resolvers worldwide. Influenced by TTL values, caching behavior, and resolver refresh intervals.

R

RDAP (Registration Data Access Protocol)

The modern replacement for WHOIS, providing structured, standardized access to domain registration data via a RESTful API.

Recursive Query

A DNS query mode where the resolver performs the full lookup process on behalf of the client, following referrals through the DNS hierarchy until it reaches an authoritative answer. Contrast with iterative query.

Registrar

An organization accredited to register domain names on behalf of customers. Registrars interact with the registry to manage domain records, including NS records and contact information.

RRSIG Record (Resource Record Signature)

A DNSSEC record that contains the digital signature for a DNS record set. Resolvers use RRSIG records to verify the authenticity of DNS responses.

S

SERVFAIL

A DNS response code indicating that the server encountered an internal error or was unable to complete the query. Common causes include DNSSEC validation failures and upstream connectivity issues.

SOA Record (Start of Authority)

A mandatory DNS record present in every zone that contains administrative metadata including the primary name server, contact email, serial number, and timing parameters.

SPF (Sender Policy Framework)

An email authentication method published as a DNS TXT record that lists which IP addresses and servers are authorized to send email on behalf of a domain.

SRV Record (Service Locator)

A DNS record that specifies the hostname and port for a specific service, along with priority and weight for load balancing. Used by protocols like SIP, XMPP, and LDAP.

T

TLD (Top-Level Domain)

The highest level of domain names in the DNS hierarchy, such as .com, .org, .net, and country codes like .uk and .de.

TTL (Time to Live)

A value in seconds that tells DNS resolvers how long to cache a record before requesting a fresh copy from the authoritative server. Lower TTLs allow faster propagation of changes but increase query load.

TXT Record

A DNS record that holds arbitrary text data. Widely used for email authentication (SPF, DKIM, DMARC), domain verification, and other metadata.

W

WHOIS

A protocol and database system for querying domain registration information, including registrant details, name servers, and registration dates. Gradually being replaced by RDAP.

Z

Zone

A portion of the DNS namespace that is managed by a specific organization or administrator. A zone contains all the DNS records for the domain names it covers.

Zone File

A text file that contains the DNS records for a zone, formatted according to RFC 1035. Zone files define the authoritative data for a domain.

Zone Transfer (AXFR/IXFR)

The mechanism by which DNS records are replicated from a primary name server to secondary servers. AXFR transfers the full zone; IXFR transfers only changes since the last update. Zone transfers should be restricted to authorized servers for security.

Additional Terms Worth Knowing

Understanding the language of DNS is the first step toward managing it effectively. Monitoring ensures you stay ahead of problems before they become outages.