What is a Nameserver and what does a DNS entry do?

A nameserver's task is to assign a Uniform Resource Locator (URL) - commonly referred to as a web address or domain - to a fixed destination, usually an FTP or web server. Simply put, it is an instance in a database that is hierarchically organised and stores all necessary information in various Domain Nameserver categories (DNS entry). The primary function of a nameserver is to convert easily readable names (Fully Qualified Domain Name) composed of letters according to the Internet Protocol (IP) into a decimal or hexadecimal number. This allows encoding the address in binary machine language, enabling a computer (client) to identify the correct recipient (host) and establish a connection when requested.

What is a Nameserver?

In a narrower sense, the term nameserver refers to a program that waits for external requests for name resolution and responds to them based on the stored information. However, it is also commonly used as a general synonym for the hardware and in this context refers to a server that is part of the global network ensuring that domains are accessible worldwide. Nameservers store the information in plain text and are the first point of contact when a website is accessed, a process that occurs in the background and without direct user interaction, mostly passively utilised by end customers.

All major web hosting providers offer their customers their own nameservers where they can create or edit a DNS entry. They provide a secondary infrastructure essential for a website's accessibility. Web hosting providers usually create a DNS entry on the nameserver automatically, but with a dedicated server, a Virtual Private Server (VPS), or Cloud Server, there is often a subsequent manual configuration required or advisable. This is also the case when the webspace and domain come from different providers - users can often choose which of the two nameservers to use.

What Information Does a Nameserver Store?

The primary function of a Nameserver is to resolve addresses and redirect queries to the corresponding IPv4 address consisting of four decimal numbers or IPv6 address made up of eight hexadecimal numbers. Additionally, the Nameserver serves other purposes such as email delivery and sender verification. For each use, it utilises a distinct DNS record in a readable format. These records include:

• A Record: Points to an IPv4 address
• AAAA Record: Similar to an A Record, but stores an IPv6 address
• CNAME: Also known as an Alias, redirects from one domain to another
• ANAME: Similar to CNAME, but specific to the root of a domain
• MX: Indicates the mail server responsible for a domain
• NS: Additional nameservers responsible for the domain
• TXT: Customisable texts, often used by mail servers
• SPF: Sender Policy Framework helps detect spam and forged senders
• PTR: Pointer, enables a "Reverse Lookup" from an IP to a domain

All information on a Nameserver is publicly accessible, as its sole purpose is to provide other computers with the necessary data for establishing connections. However, they may also contain keys used for purposes such as asymmetric cryptography, aiding in securely identifying the sender of an email or the owner of a domain. Additionally, SSL certificate providers like Let's Encrypt utilise a unique TXT DNS record on the Nameserver to verify that an applicant has full control over the domain or server.

How can information be retrieved from a Nameserver?

Nameservers communicate unencrypted by default and do not require authentication because they only provide public information. The data stored on them can therefore be easily queried. In normal operation - such as accessing a website through a browser - the query for a nameserver's data always happens in the background and is cached for a certain period of time. Detailed information can also be viewed - for example, through online tools like MX Toolbox or through command lines like Microsoft Windows PowerShell or a Linux Terminal. Typically, a simple command is sufficient - for example, in PowerShell the command:

Get-DnsServerResourceRecord -ZoneName Example.com

It displays the timestamps for each DNS entry as well as the periods for which they are valid. Although this information is public, any changes always require unique identification, which can be done either through a web interface or direct access - for example, via an SSH account on the server.

How to configure a nameserver?

Nameservers follow a strictly hierarchical order - for example, when someone accesses the address example.com, they first query the Top Level Domain (TLD) .com. The response comes from a Root Nameserver, which operates at the top hierarchy and forwards the request for an exact match downwards. At the lowest level, the system allows setting up one's own nameserver on a virtual or dedicated server that manages all subdomains and directs clients to the appropriate instance.

Usually, configuration is done through a web interface in the customer account of a web hosting provider or domain provider, allowing each DNS entry to be modified individually. It must adhere to specific formal requirements, unless it is a TXT record, which is relatively free in its design and contains only optional notes. It can be used to store contact addresses, public keys, or to authorize websites to a third party.

In the majority of cases, it is not necessary to set up a DNS server on the command line - unless it operates on a dedicated server or VPS hosting, access is typically provided through higher-level instances, which are often directly provided by the web hosting provider. In some cases, such as with many web hosting packages, there is no direct access as the data is configured and managed by the provider.

If you want to learn more about Floating IPs, we recommend reading the current article on the topic.

Photo: Michael Schwarzenberger on Pixabay