DNS Explained: Everything You Need to Know
1.0 Introduction
Every time you visit a website, send an email, or use an online service, one system quietly works in the background to make it all possible: DNS. Most people only encounter DNS when something breaks: a website won’t load, emails go missing, or a domain doesn’t point where it should. Yet DNS is one of the most fundamental parts of how the internet works.
This article explains DNS from absolute zero, using simple language and real-world examples. By the end, you’ll understand what DNS is, how it works, what each DNS record does, and why modern websites require so many DNS records to function properly.
2.0 What Is DNS?
DNS stands for Domain Name System. In simple terms, DNS is the system that translates human-friendly domain names into machine-friendly IP addresses.
Humans prefer names like:
example.com
Computers, however, communicate using numbers called IP addresses, such as:
93.184.216.34
DNS acts like a phonebook for the internet, matching domain names to their correct IP addresses. Without DNS, you would need to remember long strings of numbers just to visit a website.
3.0 What Happens When You Visit a Website?
When you type a website address into your browser, several things happen in a fraction of a second:
- Your browser asks a DNS server where the domain is located.
- The DNS server replies with the IP address of the website.
- Your browser connects to that IP address.
- The web server sends back the website content.
- The page loads on your screen.
DNS is always the first step. If DNS fails, the website never loads.
4.0 DNS, Domain, and Hosting: The Key Difference
These three terms are often confused, but they are very different:
- Domain: The name of your website (example.com)
- DNS: The instructions that tell the internet where the domain should go
- Hosting: The server where your website files are stored
Buying a domain alone does not make a website work. DNS must be configured to connect the domain to its hosting server.
5.0 Where DNS Records Are Stored
DNS records are stored on authoritative DNS servers for a domain. These servers are responsible for holding the official DNS information and answering queries about the domain.
When you register a domain, you choose a DNS provider (such as Cloudflare, your domain registrar, or a hosting provider). This DNS provider manages the authoritative name servers listed in the domain’s NS records. All DNS records—like A, CNAME, MX, and TXT—are saved in the DNS zone file on these authoritative servers.
When someone visits a website or sends an email, their device does not go directly to the authoritative server. Instead, the request first goes through recursive resolvers (usually operated by ISPs or public services like Google DNS). These resolvers ask the authoritative servers for the DNS records and temporarily cache the results to speed up future requests.
In summary, DNS records live permanently on authoritative DNS servers, while copies are temporarily stored (cached) on recursive resolvers around the internet to improve performance and reliability.
6.0 Cloudflare DNS Records Explained
Modern DNS uses multiple types of records, each with a specific purpose.
6.1 Advanced & Security-Focused DNS Records
PTR (Pointer) record
Maps an IP address back to a domain name (reverse DNS).
Most commonly used by email servers to verify that a sending server is legitimate and not a source of spam.
SMIMEA record
Stores S/MIME certificate information in DNS for secure email communication.
Used mainly in corporate or enterprise email systems.
SSHFP record
Stores SSH public key fingerprints in DNS.
Allows clients to verify SSH servers automatically and prevent man-in-the-middle attacks.
SVCB (Service Binding) record
A modern record that tells clients how to connect to a service efficiently.
Used to improve performance, support newer protocols, and prepare for future internet standards.
TLSA record
Used with DANE (DNS-based Authentication of Named Entities).
Allows a domain to specify which TLS/SSL certificate should be trusted, improving connection security.
URI record
Maps a domain name to a specific URI (URL, SIP address, etc.).
Rarely used, but useful for advanced service discovery.
6.2 Core Website & Networking Records
A record
Points a domain name to an IPv4 address (for example, example.com → 192.0.2.1).
This is the most basic record used to make a website load.
AAAA record
Same as an A record, but points to an IPv6 address instead of IPv4.
Used for newer internet addressing.
CNAME record
Points one domain name to another domain name.
Commonly used for www.example.com → example.com or third-party services.
NS (Name Server) record
Defines which DNS servers are authoritative for the domain.
These tell the internet where to look for your DNS settings.
6.3 Email-Related Records
MX (Mail Exchange) record
Tells other mail servers where to deliver emails for your domain.
Without this, you cannot receive emails.
SPF (TXT record)
Defines which servers are allowed to send emails for your domain.
Helps prevent email spoofing.
DKIM (TXT / DNSKEY-based)
Adds a cryptographic signature to emails to prove they were not altered.
Improves email trust and deliverability.
DMARC (TXT record)
Tells receiving servers how to handle emails that fail SPF or DKIM checks.
Helps stop phishing and spam.
6.4 Security & Certificate Records
CAA (Certificate Authority Authorization) record
Specifies which certificate authorities are allowed to issue SSL certificates for your domain.
Prevents unauthorized SSL certificates.
CERT record
Stores certificates directly in DNS.
Rarely used in modern setups.
DNSKEY record
Used with DNSSEC to sign DNS data cryptographically.
Ensures DNS responses are authentic and not tampered with.
DS (Delegation Signer) record
Connects DNSSEC between parent and child zones.
Essential for full DNSSEC validation.
HTTPS record
A modern record that tells browsers how to connect securely using HTTPS.
Helps improve performance and security automatically.
6.5 Service & Advanced Routing Records
SRV (Service) record
Defines the location (host and port) of specific services such as VoIP, chat, or game servers.
Used when services run on non-standard ports.
NAPTR record
Used for complex service discovery and protocol translation.
Common in telecom and VoIP systems.
LOC record
Stores geographic location data for a domain.
Rarely used in practice.
6.6 Encryption & Identity Records
OPENPGPKEY record
Stores a public PGP key for a domain or email address.
Used to encrypt emails.
6.7 Big Picture Summary
Each DNS record exists for one specific job—website access, email delivery, security, verification, or performance.
Modern websites rely on many services, which is why they require multiple DNS records even for simple setups.
7.0 Why Do Websites Need So Many DNS Records?
In the early days of the internet, DNS was simple because a domain usually pointed to just one server that hosted a basic website. As websites evolved, they began to rely on many different services working together, which made DNS more complex.
Today, DNS is used not only to show your website but also to support many other functions. Website hosting needs DNS records to tell browsers where the site is located. Email sending and receiving require DNS records so mail servers know where to deliver messages. Spam prevention uses DNS records to verify that emails truly come from your domain and not from impostors.
Security validation relies on DNS to prove domain ownership for services like SSL certificates, which encrypt data and protect users. Content Delivery Networks (CDNs) use DNS to send visitors to the nearest and fastest server, improving speed and performance. Many websites also connect to third-party services such as analytics tools, payment gateways, or social media integrations, all of which depend on DNS records to work correctly.
Because each of these services has a different purpose, each one needs its own DNS record. When combined, these records make DNS configurations look complicated, but they are essential for modern websites to be secure, reliable, and fast.
8.0 A Simple Real-World DNS Setup Example
A simple real-world DNS setup already involves several records working together. An A record is used to point the main domain to the server where the website is hosted. A CNAME record is commonly added for the www version of the domain so it directs visitors to the same website.
For email, MX records tell other mail servers where to deliver incoming emails for the domain. To protect email from spam and abuse, additional records are needed. SPF specifies which servers are allowed to send emails on behalf of the domain, DKIM adds a digital signature to verify email authenticity, and DMARC defines how receiving servers should handle emails that fail these checks.
Because each record has a specific role, even a website that seems simple can easily require six to ten DNS records to function properly and securely.
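The setup described above can be checked mechanically. The following is an added example, not part of the original article: it audits a constructed zone for the A, www, MX, SPF, DKIM and DMARC records and flags weak settings. The zone contents, the selector name `sel1` and the function names are assumptions made for illustration.

```python
# Constructed sample zone: documentation IPs, placeholder DKIM key, hypothetical selector "sel1".
ZONE = [
    ("example.com.", "A", "192.0.2.1"),
    ("www.example.com.", "CNAME", "example.com."),
    ("example.com.", "MX", "10 mail.example.com."),
    ("mail.example.com.", "A", "192.0.2.25"),
    ("example.com.", "TXT", "v=spf1 mx ip4:192.0.2.25 ~all"),
    ("sel1._domainkey.example.com.", "TXT", "v=DKIM1; k=rsa; p=PLACEHOLDERKEY"),
    ("_dmarc.example.com.", "TXT", "v=DMARC1; p=none; rua=mailto:dmarc@example.com"),
]

def lookup(zone, name, rtype):
    return [value for n, t, value in zone if n == name and t == rtype]

def tags(txt):
    """Parse 'tag=value; tag=value' TXT data (the DKIM and DMARC syntax)."""
    return dict(part.strip().split("=", 1) for part in txt.split(";") if "=" in part)

def audit(zone, domain):
    """Return a list of findings for the records section 8.0 describes."""
    findings = []
    if not lookup(zone, domain, "A"):
        findings.append("no A record for the main domain")
    www = "www." + domain
    if not (lookup(zone, www, "CNAME") or lookup(zone, www, "A")):
        findings.append("no record for www")
    mx = lookup(zone, domain, "MX")
    if not mx:
        findings.append("no MX record: domain cannot receive email")
    for record in mx:
        host = record.split()[1]
        # Only mail hosts inside this zone can be checked here.
        if host.endswith("." + domain) and not lookup(zone, host, "A"):
            findings.append(f"MX target {host} has no A record")
    spf = [t for t in lookup(zone, domain, "TXT") if t.lower().startswith("v=spf1")]
    if len(spf) != 1:
        findings.append(f"expected exactly one SPF record, found {len(spf)}")
    elif spf[0].split()[-1] in ("all", "+all"):
        findings.append("SPF ends in +all: every sending server passes")
    dkim = [v for n, t, v in zone if t == "TXT" and n.endswith("._domainkey." + domain)]
    if not any(tags(v).get("p") for v in dkim):
        findings.append("no DKIM record with a public key")
    dmarc = [t for t in lookup(zone, "_dmarc." + domain, "TXT") if t.startswith("v=DMARC1")]
    if not dmarc:
        findings.append("no DMARC record")
    elif tags(dmarc[0]).get("p") == "none":
        findings.append("DMARC p=none: receivers are asked to take no action on failing mail")
    return findings
```

Calling `audit(ZONE, "example.com.")` on the sample zone returns a single finding, the DMARC monitoring-only policy.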
9.0 What Happens When DNS Is Misconfigured?
When DNS is misconfigured, the services connected to a domain may stop working correctly. A website may fail to load because browsers cannot find the correct server. Emails can bounce back or end up in spam folders if mail servers cannot verify where the messages are coming from.
Incorrect DNS records can also cause SSL certificate errors, which may lead browsers to warn users that a website is not secure. In some cases, poor DNS settings can slow down a website by sending visitors to the wrong servers or preventing content from being delivered efficiently.
Because DNS controls how traffic is directed across the internet, many common website problems can be traced back to DNS misconfiguration.
10.0 DNS Propagation Explained
When DNS records are changed, the updates do not apply instantly worldwide. This delay is called DNS propagation.
Propagation can take anywhere from a few minutes to 48 hours, depending on cache settings and internet providers.
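Propagation follows directly from the resolver caching described in section 5.0. The simulation below is an added example, not part of the original article: two recursive resolvers query one authoritative server, and the one that cached the old answer keeps returning it until the record's TTL expires. Class names, addresses and the 3600-second TTL are constructed for illustration.

```python
class Authoritative:
    """Holds the official records for the zone and counts incoming queries."""
    def __init__(self):
        self.records = {}   # (name, type) -> (value, ttl_seconds)
        self.queries = 0

    def set(self, name, rtype, value, ttl):
        self.records[(name, rtype)] = (value, ttl)

    def query(self, name, rtype):
        self.queries += 1
        return self.records[(name, rtype)]

class RecursiveResolver:
    """Caches each answer until its TTL runs out, then asks upstream again."""
    def __init__(self, upstream):
        self.upstream = upstream
        self.cache = {}     # (name, type) -> (value, expires_at)

    def resolve(self, name, rtype, now):
        hit = self.cache.get((name, rtype))
        if hit and now < hit[1]:
            return hit[0]                      # served from cache, may be stale
        value, ttl = self.upstream.query(name, rtype)
        self.cache[(name, rtype)] = (value, now + ttl)
        return value

def simulate_change():
    """Return (timeline, authoritative_query_count) for one record change."""
    auth = Authoritative()
    auth.set("example.com.", "A", "192.0.2.1", ttl=3600)
    isp, public = RecursiveResolver(auth), RecursiveResolver(auth)
    name = "example.com."
    timeline = [("isp", 0, isp.resolve(name, "A", now=0))]         # caches old answer
    auth.set(name, "A", "192.0.2.2", ttl=3600)                     # operator edits the record
    timeline.append(("public", 60, public.resolve(name, "A", now=60)))   # cold cache: new value
    timeline.append(("isp", 1800, isp.resolve(name, "A", now=1800)))     # still the old value
    timeline.append(("isp", 3600, isp.resolve(name, "A", now=3600)))     # TTL expired: new value
    return timeline, auth.queries

if __name__ == "__main__":
    for resolver, t, answer in simulate_change()[0]:
        print(f"t={t:>4}s  {resolver:<6} -> {answer}")
```

Lowering a record's TTL well before a planned change shortens the window in which resolvers disagree.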
11.0 Conclusion
DNS is the foundation of everything that happens on the internet. While it may seem complex at first, each DNS record has a clear and specific role.
Understanding DNS gives you more control over your website, improves troubleshooting, and helps you avoid common issues with hosting and email.
Once you understand DNS, managing websites becomes far less mysterious and far more powerful.