What is an NS Record?
A DNS NS record is a type of resource record in the Domain Name System (DNS) that identifies a name server responsible for the resolution of queries for a particular hostname. A host may have multiple name servers, and each register an alternative address location for its name server’s responsibility. We will explore the purpose and function of NS records in greater detail below.
What is a nameserver?
A nameserver is a server that holds information about domains. Every domain on the internet has at least one nameserver, but many domains have more than one. Nameservers are responsible for translating domain names into IP addresses, and vice versa.
What Does an NS Record Do?
An NS (nameserver) record specifies the authoritative name servers for a domain. The authoritative name servers are the servers that are used to resolve queries to hostnames and determine which IP addresses should be used to access a given server.
These records store information about domain names—including their names, their target IP addresses, and other information like Time To Live (TTL). NS records are set and managed by domain registrars – companies specializing in selling and transferring domains. By default, each domain has a primary and a backup NS record pointing to the same name server. If a domain name changes, for example, an NS record can be updated to reflect that change.
For example, if you have a domain name like “example.com”, one of your DNS records might look like this:
ns1.example.com
ns2.example.com
*Note: If you have an NS record in your DNS zone and it points to a name server that is not up, that means that there is no point of contact for your domain. It’s because they maps an address to its name server. It tells other domain controllers how to find the name of your domain, as well as where to send zone transfers and zone updates.
How Do NS Records Work?
Let’s say you want to visit [example.com](https://www.example.com). Your computer will first look up the IP address of that domain by querying a DNS server (usually provided by your ISP). The DNS server will then return the IP address of example.com’s nameservers, which are responsible for managing all records related to that domain. The name servers’ job is to keep track of all records associated with example.com: its A record (IP address), MX records (mail server), NS records (name server), TXT records (textual data), CNAME records (aliases), etc.
When you visit [example.com](https://www.example.com) in your browser, your computer will query one of example’s name servers for this information again before displaying it on your screen!
Simplify DMARC with PowerDMARC!
Example of an NS Record
RFC 1035 specifies the syntax for NS records. Here’s an example of NS records for domain.com
domain.com. 21600 IN NS emely.ns.cloudflare.com domain.com. 21600 IN NS vern.ns.cloudflare.com |
In this example, the domain domain.com lies within the zone of the authority of the name servers named emely and vern.
21600 denotes the Time To Live (TTL), which is the amount of time a DNS request is kept in memory. IN stands for Internet, and NS stands for Name Server.
Usage of NS Records
Nameserver records specify the primary and secondary DNS servers responsible for a zone. The primary is responsible for resolving the zone’s name into an IP address, whereas the secondary server is responsible for returning the IP address of the host record associated with that name.
Every DNS server from a DNS zone must have an NS record assigned to it, or it will not be able to properly perform its duties in the zone.
This allows for the maintenance of two separate databases: one for each type of server (primary and secondary), which ensures that when one server goes offline, another can handle queries.
For instance:
NS record provides IP address resolution in case of an outage of the primary or secondary DNS server. So if your primary or secondary DNS server goes offline, then all queries would need to be sent through other servers until one of them comes back online again (i.e., resolver). This is where NS records come in handy—they can route the traffic towards alternate servers that have the backup of the main server. Therefore, you do not run the risk of experiencing total downtime.
Updating or Changing nameserver Records
➜ Your nameserver records are updated when you want to change your domain’s nameservers:
If the example.com admin wanted blog.example.com to resolve via ns2.exampleserver.com instead, they could set this up by updating the NS record.
➜ They are also updated when you want a subdomain to use different nameservers than its parent domain:
If the example.com admin wanted blog.example.com to resolve via a ns1.exampleserver.com instead of ns2.exampleserver.com, they would update the NS record for that domain and then set it up so that blog.example.com uses ns1 as its nameserver and ns2 as its backup nameserver (which is what happens automatically with DNS changes).
A domain administrator can update their records by going to the “Record Types” page in the DNS management console. These updates are propagated throughout the DNS within a few hours as they take some time to reach all authoritative nameservers.
The Difference Between DNS NS Record vs A Record
The NS records and A records are both used to provide DNS services. The difference between them is that the former define the servers that provide DNS services for a domain name while the A records translate hostnames (such as www, FTP, mail) into IP addresses.
A Record
An A record is a type of Domain Name System (DNS) entry that associates a hostname with an Internet Protocol (IP) address.
For example:
abc.example.com IN A 192.168.1.4.1 states that abc.example.com resolves to 192.168.1.4.1
Address (A) records are the backbone of a zone file. They provide DNS with enough information to map domain names to specific IP addresses for hosts that receive their own individual entries in the zone file.
An A (address) record lists the hostname in its owner field, so DNS can add a domain name to derive the fully qualified domain name.
The A record’s RDATA field contains the IP address of that host.
DNS NS Record
DNS NS records identify the authoritative name servers for a zone.
Every zone must have at least one entry that identifies the name servers responsible for the domain. The availability of a zone can be increased by using two or more such records. If the first name server is unavailable, the zone will still be accessible via another server.
The owner field should contain either a fully qualified domain name for the zone, with a trailing dot (e.g., example.com), or an at sign (@).
The RDATA section of the DNS resource record contains just one field: the fully qualified domain name (FQDN) of the name server that handles queries for this entry.
FREE Domain NS Lookup Tool by PowerDMARC
Your NS Record is one of the most important in your domain’s DNS configuration. It determines what name servers are authoritative for your domain and other hostnames.
With PowerDMARC’s free NS Lookup Tool, you can quickly check the type of DNS record that your domain is set up with. The tool provides a proper NS Record that includes DNS Record Type, Value of the Record, and DNS Server TTL. It also provides the ability to search for all NS Records for a domain or specific subdomain.
- Travel Cybersecurity Threats and How to Stay Protected - December 18, 2024
- Cybersecurity Best Practices for Digital Nomads in Japan - December 17, 2024
- NCSC Mail Check Changes & Their Impact on UK Public Sector Email Security - December 13, 2024