Zones and Domains
Before setting up a zone, it is important to make a distinction between a zone and a domain. A domain is a generic label used to identify a resource (e.g., computer) on the Internet. A zone is a delegation of authority over a particular namespace. This delegation allows our name servers to be authoritative for that zone. In other words, it allows recursive name servers to receive an authoritative answer for a domain associated with your zone through our Route name servers.
A subdomain can be delegated to a different DNS service provider. For example, authority over "example.com" and "cdn.example.com" can be delegated to two different DNS service providers. However, this scenario requires that requests to "cdn.example.com" first be resolved by the name server that is authoritative for "example.com."
A recursive name server can cache the response provided by our authoritative name servers. How long this response remains cached is determined by the time-to-live (TTL) defined for the corresponding record in your zone.
The following scenario provides a high-level overview of how a web browser's query is resolved. It assumes that a zone has been previously created and configured on our DNS service.
- A client uses a web browser to submit a request for "mydomain.com."
- The web browser forwards this DNS request to a recursive DNS server as defined by the client's network configuration.
- The recursive DNS server will check whether it is authoritative for the corresponding zone or whether it has previously cached a response. If either of those conditions is true, it will provide an immediate response to the client.
- Otherwise, the recursive DNS server will forward the request to a root name server. A root name server has a list of name servers that are authoritative for each top-level domain (e.g., COM, ORG, INFO, etc.).
- The root name server will return the IP address of a name server that is authoritative for the requested domain's top-level domain (e.g., COM).
- The recursive DNS server will then forward the DNS query to top-level name servers. These name servers have a list of name servers that are authoritative for each second-level domain (e.g., mydomain.com) associated with that top-level domain.
- A top-level name server will then return the IP address of our authoritative name server.
- The recursive DNS server will then forward the DNS query to our authoritative name server.
- Our authoritative name server will provide an answer to the DNS query according to the records associated with your zone. For the purposes of this example, it will return the IP address defined in an A record.
- The recursive DNS server will then relay the authoritative name server's answer to the client's computer and will often cache it for future requests for the duration specified by the TTL.
- The client's user agent will then handle the request according to that answer.
The above scenario is illustrated below.
As previously mentioned, a name server is only authoritative for the zones associated with it. In the above example, the "mydomain.com" zone was delegated to our DNS service. In the following illustration, we will see how DNS is resolved when "us.mydomain.com" is delegated to our DNS service and the "mydomain.com" zone remains with a third-party DNS service provider.
It is important to note the following:
- An authoritative answer for a domain can only be provided by a name server that has authority over the corresponding zone. In the above example, "us.mydomain.com" has been delegated to our service. Although it is a subdomain of "mydomain.com," an authoritative answer can only be provided by our name servers. Likewise, an authoritative answer for "mydomain.com" can only be provided by the corresponding second-level name servers.
- Although authority over "us.mydomain.com" has been delegated to our service in this scenario, we are still reliant on a third-party second-level name server to provide our IP address to the recursive DNS server. If the third-party DNS service that owns those second-level name servers is unavailable or non-responsive, then the DNS query will be unable to reach our authoritative name servers. Therefore, we highly recommend that you delegate your second-level domain to our service by creating a zone for it and then pointing your domain to our name servers. This will lead to a faster response and avoid potential issues that may arise when a third-party DNS service is used.
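The resolution walk and the delegated-subdomain dependency described above can be modelled offline. The following Python sketch is an added example, not part of the original documentation or the service's code; the server names, zone data and 192.0.2.x addresses are constructed, and the model is simplified to cache only final answers.

```python
# Constructed delegation data: server names and 192.0.2.x addresses are illustrative only.
# Each server maps an owner name to a referral ("NS", next_server) or an answer ("A", ip, ttl).
SERVERS = {
    "root":        {"com.": ("NS", "tld-com")},
    "tld-com":     {"mydomain.com.": ("NS", "third-party")},
    "third-party": {"mydomain.com.": ("A", "192.0.2.10", 300),
                    "us.mydomain.com.": ("NS", "route")},   # delegation of the subdomain
    "route":       {"us.mydomain.com.": ("A", "192.0.2.20", 60)},
}

def lookup(server, qname):
    """Most specific record held by server: an exact-match A or the closest enclosing NS."""
    matches = [(owner, rec) for owner, rec in SERVERS[server].items()
               if qname == owner or (rec[0] == "NS" and qname.endswith("." + owner))]
    return max(matches, key=lambda m: len(m[0]), default=(None, None))[1]

class RecursiveResolver:
    def __init__(self):
        self.cache = {}      # qname -> (ip, expiry time in seconds)
        self.down = set()    # servers simulated as unreachable

    def resolve(self, qname, now=0):
        """Return (ip or None, list of servers contacted)."""
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            return hit[0], ["cache"]
        server, path = "root", []
        while True:
            if server in self.down:
                return None, path + [server + " (unreachable)"]
            path.append(server)
            rec = lookup(server, qname)
            if rec is None:
                return None, path            # no data and no referral
            if rec[0] == "A":
                self.cache[qname] = (rec[1], now + rec[2])
                return rec[1], path
            server = rec[1]                  # follow the referral

if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("us.mydomain.com.", now=0))    # full walk through four servers
    r.down.add("third-party")                      # parent zone's provider fails
    print(r.resolve("us.mydomain.com.", now=30))   # still answered: TTL not yet expired
    print(r.resolve("us.mydomain.com.", now=61))   # fails once the cached answer expires
```

The last call fails even though the server holding the "us.mydomain.com" zone is healthy, because the referral from the parent zone's provider can no longer be obtained.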
Edgecast CDN