[hayst4ck]

As for A records... A records are an indirect reference, specifically a domain name is an indirect reference for an IP address. A DNS server is responsible for providing an IP address when asked to de-reference a domain name when it receives an A record request.

You are probably used to seeing a DNS server that uses a simple text file basically as a database, but there is no reason the DNS server couldn't pull the sender IP out of the UDP packet it receives and then query a mysql server with a table of {sender_ip, domain_to_look_up, a_record_response} to choose the right response.

Said more simply: A DNS server can do anything it likes so long as it sends back a well formed A record response.

Sometimes if you want to block a website, you can do DNS blackholing. That means you resolve a domain you don't like to 127.0.0.1. If someone were to request evil.com, you could make it so people who use your DNS server think it's at 127.0.0.1 while everyone else who doesn't use your webserver sees it at it's proper internet wide ip address.