What is NS Record?
Also known as: Name Server Record
An NS (Name Server) record in DNS specifies the authoritative name servers for a domain, directing queries to the servers that hold the zone's resource records.
An NS record is a type of resource record in the Domain Name System (DNS) that delegates a zone to a set of authoritative name servers. It answers the question: which servers are responsible for answering queries about a particular domain or subdomain? Each NS record contains the hostname of an authoritative name server for the zone. For a zone to operate correctly, it must have at least one NS record at the zone apex (the root of the zone).
When a recursive resolver queries for a domain name, it starts at the DNS root servers, which return NS records pointing to the top-level domain (TLD) servers. The TLD servers then return NS records for the second-level domain, and so on, until the resolver reaches the authoritative name servers listed in the NS records for the target zone. Those authoritative servers then provide the actual answer, such as an A or AAAA record. NS records are critical for the delegation chain; without them, a domain would be unreachable.
NS records are typically configured at the domain registrar or DNS hosting provider. They can also be used within a zone to delegate subdomains to other name servers. For example, a zone example.com might have NS records for ns1.example.com and ns2.example.com, or for external servers like ns1.provider.net. The records are defined in RFC 1035 and are a fundamental building block of the DNS hierarchy, enabling distributed administration and fault tolerance through multiple authoritative servers.
Key facts
- NS records delegate a DNS zone to authoritative name servers.
- Every zone must have at least one NS record at its apex.
- NS records form the delegation chain from root to TLD to domain.
- They are defined in RFC 1035 and are type 2 in DNS wire format.
- Multiple NS records provide redundancy for zone availability.
How it works in practice
Related terms
References
More in DNS
A Record
A DNS resource record that maps a hostname to a 32-bit IPv4 address. It is the most fundamental record type for translating domain names to numeric addresses on the Internet.
AAAA Record
A DNS resource record that maps a hostname to a 128-bit IPv6 address, analogous to the A record for IPv4.
Authoritative DNS
An authoritative DNS server holds the definitive resource records for a specific domain and responds to queries with the final answer for that zone, not a cached copy.
CAA Record
A CAA (Certification Authority Authorization) DNS record lets domain owners specify which certificate authorities are permitted to issue SSL/TLS certificates for their domain.
CNAME Record
A DNS record that maps an alias hostname to the true or canonical hostname, allowing multiple names to resolve to the same IP address without duplicating A or AAAA records.
DNS
The Domain Name System (DNS) is a hierarchical, distributed naming system that translates human-readable domain names (like example.com) into IP addresses and other resource records used by internet protocols.
DNS Anycast
DNS Anycast uses one IP address served from multiple geographically distributed nameservers; queries are routed to the nearest or healthiest node, improving resilience and reducing latency.
DNS Caching
DNS caching stores resolved domain name query results for the specified TTL duration to avoid repeated queries to upstream authoritative servers.
DNS Hijacking
DNS hijacking is an attack or misconfiguration that returns forged DNS responses, causing users to connect to attacker-controlled hosts instead of the intended server.
DNSSEC
DNSSEC (DNS Security Extensions) add cryptographic digital signatures to DNS records, enabling resolvers to verify that responses have not been tampered with or spoofed.