Managing your domain’s DNS records is an important part of running a website or web application. Properly configuring your DNS records helps ensure your domain resolves correctly, your site is accessible to visitors, and your email and other services work properly. While it may seem complicated at first, managing DNS records simply takes some understanding of what the different records do and how they work together.
What are DNS Records
DNS stands for Domain Name System. This system translates domain names that humans can understand, like example.com, to machine IP addresses like 192.168.1.1 that computers use to route traffic.
DNS records are entries that live on DNS servers that help direct traffic for your domain appropriately. Some common record types include:
- A Records – Map a domain name to an IPv4 address
- AAAA Records – Map a domain name to an IPv6 address
- CNAME Records – Map a domain name to another canonical domain name
- MX Records – Define mail servers for a domain
There are many other types of records as well, but these tend to be the most commonly used.
Checking Current DNS Records
Before making any changes, it’s always best to check what DNS records already exist for your domain. There are a few ways to check current records:
Via Registrar Account
Most domain name registrars provide control panels to manage domains. This normally includes a simple DNS record management interface:
Check this registrar interface for any existing records. Make note of important entries like mail servers, canonical name records, etc.
Online DNS Lookup Tools
Another option is to use online DNS lookup tools that query name servers in real time to show current record information. Some popular lookup tools include WhatsMyDNS and DNSLookup.
Dig Command Line Tool
Power DNS users can use the dig command in a Linux/Unix terminal to look for details records information. Dig provides full details about existing records configured for a given domain.
These options should provide you with information about existing DNS records for a domain.
Where Do DNS Records Get Managed?
Now that you have checked any existing records, where do you go to manage DNS configurations? There are a couple of common options:
At Your Domain Registrar
Most domain name registrars provide DNS hosting and management as part of the registration service. Registrars like GoDaddy, Namecheap, etc will have a control panel interface to add/remove/modify DNS records for domains.
This tends to be the default way DNS gets managed for simpler sites. The main downsides are less flexible advanced options, slower propagation of record changes globally, and possible reliability issues if the registrar has problems.
But for many basic site configurations, the default registrar DNS works fine.
With a Specialized DNS Provider
More advanced sites tend to use dedicated DNS hosting providers in addition to their registrar. Companies like Cloudflare, Amazon Route 53, and DNSMadeEasy specialize in providing managed DNS solutions.
The advantages of such providers include:
- Global high-performance DNS with faster propagation
- Advanced management options like DNS failover, geo-targeting, etc
- Often better reliability than registrars
- Integrations and API access
The additional configuration tradeoff is you need to manage DNS separately from your domain registration account.
If your site generates revenue, uses custom domains, or requires maximum uptime, a dedicated DNS provider is often a good choice. They usually either have a control panel like registrars for manual configuration, an API for automated DNS record management, or often both options.
On Your Own Servers
Organizations running their own servers will sometimes host DNS directly on infrastructure they control, like on Linux bind DNS server or Windows Server DNS. This gives maximum control and configurability for DNS resolution.
However hosting your own DNS infrastructure requires significant server and networking expertise related to properly configuring DNS servers, handling DNS security enhancements like DNSSEC, setting up secondary DNS, managing IP routing properly, etc.
Self-hosted DNS is typically only done by larger companies with available DNS administration resources.
Adding Important DNS Records
Once you know where you will manage your DNS records, some common entries to configure for any domain include:
The fundamental DNS records that map your root domain name and sub-domains to IPv4 and IPv6 addresses.
These should at minimum point your root domain and www sub-domain to web server IP addresses hosting your site:
example.com. 3600 IN A 192.168.1.100
www.example.com 3600 IN AAAA 2001:db8::1
For reliability, configure A/AAAA records on both IPv4 and IPv6 if available.
Helps direct traffic from one domain name to another canonical name. Often used to point root domain to www version:
example.com. 3600 IN CNAME www.example.com.
Or alternatively, CNAME www to the root:
www.example.com. 3600 IN CNAME example.com.
Use CNAMEs as aliases to ensure domain names resolve consistently.
Necessary to enable sending/receiving email for domains/email addresses. Point your domain to mail server IPs:
example.com. 3600 IN MX 10 mail.example.com.
Lower MX priority number = higher mail server priority.
Used to verify domain ownership and for various integrations. Often needed for security protections like DMARC, or for verifying site ownership to third parties like Google Search Console.
Advanced DNS Records
Once basic functionality is set with records like the above, there are a variety of more advanced entries that can customize and optimize DNS further:
Delegate DNS resolution for a domain to specific name servers. This allows moving DNS hosting completely to a third-party provider:
example.com 3600 IN NS ns1.mydnsprovider.com
example.com 3600 IN NS ns2.mydnsprovider.com
Define services running on specific ports at particular domains/servers, aiding discovery:
_imap._tcp.mailserver.example.com. 3600 IN SRV 0 0 143 mail.example.com.
helps client email programs find correct IMAP information.
Specifies which Certificate Authorities (CAs) can issue SSL certificates for a domain, improving security:
example.com. 3600 IN CAA 0 issue “letsencrypt.org”
Means only Let’s Encrypt CA can issue certs for the domain.
And many other records exist for specific purposes like geo DNS, mail, security, etc. The records above tend to handle the most common web hosting needs.
Propagating DNS Changes
After making updates in your DNS control panel or API, it takes time for changes to propagate globally across DNS servers worldwide. Propagation usually takes between 1-48 hours in most cases depending on a variety of factors.
Check the site What’s My DNS? again after 24-48 hours. The new records should be visible which means your changes have fully taken global effect.
For sites migrating DNS providers or making major infrastructure changes, the best practice is to reduce TTL timings to as low as 60 seconds for a week or so before migration, which helps speed up the propagation of pending record changes.
Troubleshooting DNS Issues
If after propagating DNS changes your site or email stops working, there are a couple of approaches to troubleshooting and fixing DNS issues:
Check Again For Typos
It can be easy to fat-finger a record value and not notice. Double and triple-check record values match docs from your infrastructure providers, especially name server (NS), IP address (A), and mail server (MX) records.
Use dig, nslookup, host Commands
These DNS query tools run at the terminal command line but provide interactive troubleshooting not relying on error-prone control panels. They can pinpoint mismatches between intended and actual DNS record values.
Trace Problems Down The Chain
Does the main domain resolve but not www? Do MX records show in tools but email down? Methodically check each link of the DNS chain.
Temporarily Fall Back To Old Provider
If a migrated DNS provider causing issues, you can temporarily point domains back to previous name servers using a registrar account to restore functionality while troubleshooting.
With some careful checking and troubleshooting steps, most DNS issues can be identified and fixed fairly quickly.
Like other infrastructure, DNS records can’t be completely “set and forget”. As servers get added/removed, services change, domains expire and other updates occur – DNS records will need occasional updates over time to keep pace.
But with a proper initial setup, and occasional check-ins to update records when making infrastructure changes, managing DNS records does not have to be burdensome. Just part of regular website maintenance!
Getting familiar with the various DNS record types, checking current records, knowing your management options, propagating changes properly and troubleshooting issues will go a long way in mastering DNS management for any domain.
While it may seem intimidating initially, DNS administration simply takes understanding the role and purpose of records, translating real-world infrastructure to matching DNS entries, and propagation patience. Set aside a little time to learn DNS, and you’ll remove a common website headache!