Home › Glossary

DNS Glossary

Short, plain-English definitions of the DNS terms you'll bump into when troubleshooting propagation, mail authentication, or DNSSEC. Cross-linked with the WhereIsDNS lookup tools so you can move from definition to verification in one click.

• TTL (Time To Live) — What TTL means in DNS, how resolver caches use it, common values, and how to plan a DNS change around TTL.
• NXDOMAIN — What NXDOMAIN means in DNS, why you might see it, and how it differs from NODATA and SERVFAIL.
• GeoDNS — How GeoDNS returns different answers based on the resolver's location, and how to verify it's working as expected.
• Anycast — What anycast is, how anycast DNS resolvers work, and why 1.1.1.1 and 8.8.8.8 are everywhere.
• Recursive Resolver — The difference between recursive resolvers and authoritative nameservers, and why it matters for DNS troubleshooting.
• DNS Caching — How and where DNS records are cached, and why caching is the root cause of "DNS propagation" delays.
• DNS Zone — What a DNS zone is, how zones are delegated, and the role of the SOA record at the zone apex.
• DNSSEC — How DNSSEC adds cryptographic verification to DNS, the role of DNSKEY and DS records, and what "secure delegation" means.
• SPF — What SPF (Sender Policy Framework) is, how it's published as a TXT record, and how it interacts with DKIM and DMARC.
• DKIM — How DKIM cryptographically signs outgoing email, where the public key lives in DNS, and how to look it up.
• DMARC — How DMARC ties SPF and DKIM together, what "alignment" means, and how to read a DMARC policy record.