All Guides
Technical14 min readIntermediate

DNS Basics: Understanding Domain Configuration

Learn the fundamentals of DNS and how to configure your domain's DNS records correctly.

Key Steps in This Guide

  1. 1Understand how DNS translates domains to IP addresses
  2. 2Learn the main record types: A, CNAME, MX, TXT
  3. 3Configure A records to point domain to web server
  4. 4Set up MX records for professional email
  5. 5Add TXT records for email authentication (SPF, DKIM, DMARC)
  6. 6Monitor propagation and troubleshoot issues

What is DNS?

DNS (Domain Name System) is often called the "phonebook of the internet." It translates human-readable domain names (like google.com) into IP addresses (like 142.250.191.46) that computers use to identify each other.

Without DNS: You'd have to type 142.250.191.46 to visit Google. Imagine remembering that for every website.

With DNS: Type google.com and DNS handles the translation automatically.

How DNS Works (Simplified):

  1. You type a domain in your browser (example.com)
  2. Your device asks DNS "What's the IP for example.com?"
  3. DNS server responds with the IP address
  4. Browser connects to that IP and loads the website

This happens in milliseconds, every time you visit any website.

Why DNS Matters for You:

As a domain owner, you control DNS records. This determines:

  • Where your website is hosted
  • Where your email is delivered
  • How services verify your domain ownership
  • Security and authentication settings

DNS Record Types Explained

A Record (Address Record)

What it does: Points your domain to an IPv4 address Use case: Connecting your domain to your web server

Example:

Type: A
Host: @
Value: 192.168.1.1
TTL: 3600

Breaking it down:

  • Host: @ = root domain (example.com)
  • Value = IP address of your web server
  • TTL = Time to live (how long to cache)

Common Configurations:

Root domain to web server:

@ → 192.168.1.1

Subdomain to different server:

blog → 192.168.1.2

AAAA Record (IPv6)

What it does: Points your domain to an IPv6 address Use case: Modern IPv6 connectivity

Example:

Type: AAAA
Host: @
Value: 2001:0db8:85a3:0000:0000:8a2e:0370:7334

Note: Not all services require IPv6. If your host doesn't provide one, you can skip this.

CNAME Record (Canonical Name)

What it does: Creates an alias that points to another domain Use case: Subdomains, www handling, third-party services

Example:

Type: CNAME
Host: www
Value: example.com

This means: When someone visits www.example.com, DNS resolves it to example.com first, then gets the A record.

Common Uses:

WWW to root:

www → example.com

Service subdomain:

mail → ghs.googlehosted.com
blog → mycompany.ghost.io

Important Limitation: You cannot have a CNAME at the root (@) level. Use A records for root domains.

MX Record (Mail Exchange)

What it does: Directs email to your mail servers Use case: Setting up professional email (Google Workspace, Microsoft 365)

Example (Google Workspace):

Type: MX
Priority: 1
Value: ASPMX.L.GOOGLE.COM

Type: MX
Priority: 5
Value: ALT1.ASPMX.L.GOOGLE.COM

Type: MX
Priority: 5
Value: ALT2.ASPMX.L.GOOGLE.COM

Understanding Priority:

  • Lower number = higher priority
  • Priority 1 is tried first
  • If it fails, move to Priority 5
  • Provides redundancy

Common MX Configurations:

ProviderMX RecordPriority
Google WorkspaceASPMX.L.GOOGLE.COM1
Microsoft 365domain.mail.protection.outlook.com0
Zoho Mailmx.zoho.com10
ProtonMailmail.protonmail.ch10

TXT Record (Text)

What it does: Stores text information for various purposes Use case: Domain verification, email authentication, security

Example (SPF):

Type: TXT
Host: @
Value: v=spf1 include:_spf.google.com ~all

Common TXT Uses:

Domain Verification: Services like Google, Microsoft, and Mailchimp verify you own a domain:

@ → google-site-verification=abc123xyz

SPF (Email Authentication): Lists authorized email senders:

@ → v=spf1 include:_spf.google.com ~all

DKIM (Email Signing): Adds cryptographic verification:

google._domainkey → v=DKIM1; k=rsa; p=MIIBIj...

DMARC (Email Policy): Tells receivers how to handle failures:

_dmarc → v=DMARC1; p=none; rua=mailto:dmarc@example.com

NS Record (Nameserver)

What it does: Specifies which servers handle DNS for your domain Use case: Delegating DNS to specific providers

Example:

Type: NS
Host: @
Value: ns1.registrar.com

Type: NS
Host: @
Value: ns2.registrar.com

When you change nameservers:

  • All DNS management moves to new provider
  • Records at old provider are ignored
  • Takes 24-48 hours to fully propagate

SRV Record (Service)

What it does: Specifies location of specific services Use case: VoIP, messaging protocols, Microsoft 365 discovery

Example (Microsoft 365):

Type: SRV
Service: _sip
Protocol: _tls
Priority: 100
Weight: 1
Port: 443
Target: sipdir.online.lync.com

Note: Most users don't need to manually configure SRV records. They're typically provided by specific services.

Common DNS Tasks

Task 1: Point Domain to Web Host

Using A Record:

  1. Get your web host's IP address
  2. Create A record: @ → IP address
  3. Create A record: www → IP address (or CNAME: www → yourdomain.com)

Using Nameservers:

  1. Get nameservers from your host
  2. Update nameservers at your registrar
  3. Wait for propagation

Task 2: Set Up Professional Email

For Google Workspace:

  1. Add MX records (provided by Google)
  2. Add SPF TXT record: v=spf1 include:_spf.google.com ~all
  3. Add DKIM TXT record (generated in Google Admin)
  4. Add DMARC TXT record: v=DMARC1; p=none; rua=mailto:you@domain.com

Task 3: Verify Domain Ownership

When a service needs to verify you own a domain:

  1. Service provides a verification code
  2. Add as TXT record at @ or specific host
  3. Click "Verify" in the service
  4. Can usually delete after verification

Task 4: Add Subdomain

For different IP (blog.example.com → different server):

Type: A
Host: blog
Value: 192.168.1.100

For external service (blog.example.com → Ghost):

Type: CNAME
Host: blog
Value: yoursite.ghost.io

Understanding TTL

TTL (Time to Live) controls how long DNS records are cached.

Common Values:

  • 300 (5 minutes) - For records that change often
  • 3600 (1 hour) - Standard default
  • 86400 (24 hours) - For stable records

When to Use Low TTL:

  • Planning DNS changes
  • Migration between hosts
  • Testing new configurations

When to Use High TTL:

  • Stable, unchanging records
  • Better performance (fewer lookups)

Pro Tip for Changes:

Before making DNS changes:

  1. Lower TTL to 300 (5 min) 24 hours ahead
  2. Make your changes
  3. Wait for propagation
  4. Raise TTL back to 3600+ after stable

DNS Propagation

When you change DNS records, the changes don't take effect instantly everywhere.

What Happens:

  1. You update a record
  2. Your registrar's nameservers have the new value
  3. Other DNS servers have the old value cached
  4. As caches expire (based on TTL), they fetch new values
  5. Eventually all servers have updated data

Typical Propagation Times:

  • Most locations: 15 minutes to 4 hours
  • Some locations: Up to 24 hours
  • Full global: Up to 48 hours

Checking Propagation:

  • whatsmydns.net - Check from multiple locations
  • dnschecker.org - Similar multi-location check
  • dig command - Technical tool for DNS queries

Best Practices

Security:

  1. Use DNSSEC if available (adds cryptographic security)
  2. Enable 2FA on your registrar account
  3. Use domain lock to prevent unauthorized transfers
  4. Monitor for unauthorized changes

Performance:

  1. Use appropriate TTL (not too short, not too long)
  2. Consider a DNS provider with global network (Cloudflare, Route53)
  3. Minimize record count (cleaner is faster)

Organization:

  1. Document your records (screenshot or spreadsheet)
  2. Note why each record exists
  3. Remove unused records regularly
  4. Test after changes

Troubleshooting DNS Issues

Website Not Loading After DNS Change:

  1. Check propagation - Has it spread to your location?
  2. Flush local DNS cache - Clear your computer's cache
  3. Verify record - Is the IP correct?
  4. Check nameservers - Are they pointing where you expect?

Email Not Working:

  1. Verify MX records - Priority and values correct?
  2. Check SPF record - Is your email service included?
  3. Test delivery - Send from another account
  4. Check spam - Deliverability can be affected by missing records

Subdomain Not Resolving:

  1. Verify record exists - Is the host name correct?
  2. Check for typos - Host and value both matter
  3. Wait for propagation - New records take time
  4. Test with dig - Get authoritative answer

Frequently Asked Questions

How long do DNS changes take to work?

Most changes propagate within 15 minutes to 4 hours, though full global propagation can take up to 48 hours. The TTL (Time to Live) of the existing record affects this—lower TTL means faster propagation.

What's the difference between A record and CNAME?

A records point directly to an IP address, while CNAME records point to another domain name (alias). Use A records for your root domain and CNAME for subdomains pointing to external services. You cannot use CNAME at the root level.

Do I need to configure DNS if I use my registrar's nameservers?

Yes, you still need to add records at your registrar. Nameservers determine where DNS is managed, but you still need to create A, CNAME, MX, and other records regardless of which nameservers you use.

Why isn't my email working after adding MX records?

Common issues include: incorrect priority values, typos in MX values, missing SPF/DKIM records causing deliverability issues, or propagation still in progress. Verify all records and wait 1-4 hours for propagation.

More Guides

Buying

How to Buy a Domain Name: Complete Step-by-Step Guide

Managing

How to Transfer a Domain to Another Registrar

Selling

How to Value a Domain Name: Pricing Guide

Ready to Find Your Domain?

Use our tools to generate and check domain availability.

Domain Generator