Domain Name System (DNS) Fundamentals

Submitted by admin on

DNS Record Types
DNS records are instructions stored in authoritative nameservers that tell the internet how to handle traffic for a domain. Here's the full breakdown:

The Most Important Records
A Record — the most fundamental record. Maps a domain name to an IPv4 address.
jamestarleton.com  →  A  →  123.1.2.3

AAAA Record — same as A but for IPv6 addresses.
jamestarleton.com  →  AAAA  →  2001:db8::1

CNAME (Canonical Name) — maps a domain alias to another domain name, not an IP. The lookup chain continues until an A record is found.
www.jamestarleton.com  →  CNAME  →  jamestarleton.com

Important rule: a CNAME cannot coexist with other records on the same name. The root/apex domain (jamestarleton.com) must always carry SOA and NS records, so you can't put a CNAME there. Use ALIAS or ANAME instead (Cloudflare supports these as extensions).


MX (Mail Exchange) — tells mail servers where to deliver email for a domain. Has a priority number — lower number = higher priority.
jamestarleton.com  →  MX  10  mail1.jamestarleton.com
jamestarleton.com  →  MX  20  mail2.jamestarleton.com


NS (Nameserver) — delegates a domain or subdomain to a specific nameserver. This is how Cloudflare takes over DNS authority for a domain.
jamestarleton.com  →  NS  →  a1-67.akam.net


TXT Record — stores arbitrary text. Used heavily for verification and security.
jamestarleton.com  →  TXT  →  "v=spf1 include:sendgrid.net ~all"

Security Records (TXT-based)

These all live inside TXT records but serve critical security functions:
SPF   →  Which mail servers are allowed to send email for this domain
DKIM  →  Cryptographic signature to verify email wasn't tampered with
DMARC →  Policy for what to do when SPF/DKIM fail (quarantine, reject, report)
Together SPF + DKIM + DMARC protect against email spoofing and phishing.
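
An added example (not part of the original page) that grades the SPF and DMARC TXT records described above. The function names, the severity labels and every sample record except the page's sendgrid.net SPF string are assumptions of this example.

```python
# Added example (not from the original page): grade SPF and DMARC TXT records.
# All record strings here are constructed samples; severity labels are this example's own.

SPF_ALL = {"+": ("high", "+all lets any server pass SPF"),
           "?": ("medium", "?all is neutral, so SPF asserts nothing"),
           "~": ("low", "~all is softfail; enforcement depends on DMARC"),
           "-": ("ok", "-all fails every sender not listed")}

def audit_spf(apex_txt):
    """Grade the SPF policy found among the TXT strings at the domain apex."""
    spf = [t for t in apex_txt if t.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ("high", "no SPF record published")
    if len(spf) > 1:
        return ("high", "multiple SPF records cause a permanent error")
    terms = spf[0].lower().split()[1:]
    for term in terms:
        if term.lstrip("+-~?") == "all":
            # A bare "all" carries the implicit "+" (pass) qualifier.
            qualifier = term[0] if term[0] in "+-~?" else "+"
            return SPF_ALL[qualifier]
    if any(t.startswith("redirect=") for t in terms):
        return ("info", "policy is delegated through redirect=")
    return ("medium", "no 'all' term, so unmatched senders get neutral")

def audit_dmarc(dmarc_txt):
    """Grade the DMARC policy found among the TXT strings at _dmarc.<domain>."""
    recs = [t for t in dmarc_txt if t.lower().replace(" ", "").startswith("v=dmarc1")]
    if len(recs) != 1:
        return ("high", "no single valid DMARC record, so no policy applies")
    tags = dict(p.split("=", 1) for p in recs[0].replace(" ", "").split(";") if "=" in p)
    policy = tags.get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        return ("medium", "p=%s requests no action on failing mail" % (policy or "<missing>"))
    if "rua" not in tags:
        return ("low", "p=%s enforced, but no rua= address receives reports" % policy)
    return ("ok", "p=%s enforced with aggregate reporting" % policy)

if __name__ == "__main__":
    apex = ["v=spf1 include:sendgrid.net ~all", "site-verification=constructed-sample"]
    dmarc = ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"]
    print("SPF  :", audit_spf(apex))
    print("DMARC:", audit_dmarc(dmarc))
```

Feed it the TXT strings returned for the apex and for the _dmarc subdomain; a softfail SPF paired with p=none means spoofed mail is reported but not blocked.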

Other Record Types
SOA   →  Start of Authority. Metadata about the zone itself (serial, refresh, TTL defaults)
PTR   →  Reverse DNS. Maps an IP address back to a hostname. Used in email reputation
SRV   →  Service locator. Points to host + port for specific protocols (SIP, XMPP, etc)
CAA   →  Certificate Authority Authorization. Controls which CAs can issue SSL certs
TLSA  →  DANE. Pins a TLS certificate to a domain via DNS

Can DNS Do Redirects?

Directly — no. DNS does not speak HTTP, so it has no concept of 301 or 302 redirects. DNS only resolves names to IP addresses.

However there are patterns that achieve redirect-like behavior:

CNAME chaining — not a true redirect but points one domain to another:
old-domain.com  →  CNAME  →  new-domain.com
The browser still lands on old-domain.com in the address bar though — no URL change.

The real answer — DNS + a web server or CDN layer:
DNS resolves old-domain.com  →  IP of server or CDN
Server / CDN issues 301      →  https://new-domain.com
Browser follows redirect     →  new URL in address bar

This is exactly what Cloudflare does. You point your DNS at Cloudflare's edge, and Cloudflare's configuration handles the HTTP 301/302 redirect rules. The DNS just gets traffic to Cloudflare; the redirect logic lives in the CDN config.

Priority / Importance Ranking
Rank  Record    Why
────────────────────────────────────────────────────
1     A / AAAA  Nothing works without this
2     NS        Delegates authority — wrong NS = domain is broken
3     MX        Email delivery
4     CNAME     Subdomains, CDN integration (www, cdn, api, etc)
5     TXT/SPF   Email security — missing this = your email goes to spam
6     DKIM      Email authentication
7     DMARC     Email policy enforcement
8     CAA       SSL cert issuance control
9     SOA       Zone integrity
10    PTR       Email reputation / reverse lookups

For a site like jamestarleton.com running on Cloudflare, the most critical records in practice are A/CNAME → Cloudflare edge IPs, NS → Cloudflare DNS, MX, and the SPF/DKIM/DMARC trio for email security.
