Have you ever wondered how a domain name knows where to send visitors, emails, or online services? The answer lies in DNS records - the instructions that tell the internet how a domain should function. From connecting websites to servers and routing emails to verifying domain ownership, DNS records play a critical role in keeping online services running smoothly.
In this guide, IPFighter explains what DNS records are, how they work, the most important record types, and how to configure them correctly.
1. What are DNS records?
DNS records are configuration entries stored within a DNS zone that tell the Domain Name System how a domain should behave.
When someone enters a domain name into a browser, DNS records provide the instructions needed to route traffic to the correct destination. These records connect a domain to various internet services, including: Website hosting servers, email servers, Subdomains, etc. In simple terms, DNS records act as the rulebook that tells the internet where requests should go and how domain-related services should operate.
To understand DNS records more clearly, it is helpful to first learn “what is DNS” and how DNS translates domain names into machine-readable addresses.
Definition of DNS records
Discover more:
-
What is an IP Address? Everything you need to know
-
DNS leak: The silent threat to your online privacy
2. How do DNS records work?
The Domain Name System relies on DNS records to convert domain names into usable network information. The process typically works as follows:
-
User enters a domain name: A user types a website address such as example.com into their browser.
-
DNS resolver starts the lookup process: The resolver begins searching for the DNS records associated with the domain.
-
Authoritative DNS server returns DNS records: The authoritative DNS server responds with the appropriate DNS records that contain instructions about where the request should be sent.
-
User connects to the destination service: Using the information contained in the DNS records, the browser connects to the correct website, email server, or application.
In essence, DNS records function as instructions that tell internet services where traffic should go and how domain-related services should operate.
3. Common DNS record types explained
Many DNS record types exist, but a handful are responsible for most website and email configurations.
3.1. A and AAAA records
The A Record (Address Record) is the foundational cornerstone of all domain management. Its primary function is to map a host name directly to a specific 32-bit numeric address. To see how these classic numeric tags are structured across global hardware, check out our guide on what is ipv4 systems.
A record example setup:
-
Host/Name: @ (representing the root domain)
-
Type: A
-
Value/Points to: 192.0.2.1
-
TTL: 3600
As global network infrastructure evolves to accommodate billions of newly connected devices, systems are steadily transitioning to a more expansive, 128-bit address architecture. To learn how this massive, modern numbering standard scales web performance, explore our article on what is ipv6 frameworks. The AAAA Record (Quad-A Record) performs the exact same function as a standard A record, but maps a domain specifically to an IPv6 address.
AAAA record example setup:
-
Host/Name: @
-
Type: AAAA
-
Value/Points to: 2001:db8:85a3::8a2e:370:7334
In short, A and AAAA records are responsible for directing domain traffic to the correct server IP addresses.
3.2. CNAME record
A CNAME Record (Canonical Name Record) acts as a digital alias. Instead of mapping a name directly to a numeric destination, it maps a subdomain to another domain name.
This is incredibly useful when you rely on external cloud platforms, shopping carts, or landing page builders (like Shopify, HubSpot, or GitHub Pages). If your hosting provider needs to shift their server infrastructure to a new set of data addresses, you do not have to update your DNS records-the alias adapts automatically.
CNAME record example setup:
-
Host/Name: www
-
Type: CNAME
-
Value/Points to: example.com
This flexibility makes CNAME records one of the most commonly used DNS records for managing subdomains and third-party services.
3.3. MX record
An MX Record (Mail Exchanger Record) handles your inbound email traffic. It tells global mail servers which specific mail relays are authorized to accept incoming messages on behalf of your domain name.
Unlike basic routing records, an MX entry requires an additional parameter called a Priority value. This numeric integer tells external systems which mail server to contact first. The lower the priority number, the higher its execution preference.
MX record example setup:
-
Host/Name: @
-
Type: MX
-
Priority: 10
-
Value/Points to: mail.protonmail.ch
Because MX records determine where incoming emails are delivered, they are essential for ensuring reliable email communication and proper mail server routing.
Common DNS record types
3.4. TXT record
A TXT Record (Text Record) allows an administrator to store unformatted, human-readable text strings directly inside your DNS Zone file. While it does not route traffic by itself, it is heavily used to deploy advanced email security and authentication frameworks, including:
-
SPF (Sender Policy Framework): A text record that explicitly lists which specific IP addresses are permitted to send email out using your domain name, blocking unauthorized forgery.
-
DKIM (DomainKeys Identified Mail): Adds an advanced cryptographic signature to outbound mail headers, verifying that your messages were not altered or tampered with mid-transit.
-
DMARC (Domain-based Message Authentication): Uses text structures to instruct global recipient servers exactly how to handle incoming emails that fail basic SPF or DKIM validation checks.
TXT record example setup:
-
Host/Name: @
-
Type: TXT
-
Value/Points to: v=spf1 include:_spf.google.com ~all
As a result, TXT records play an important role in modern DNS management, particularly for security and domain verification purposes.
3.5. NS record
An NS Record (Name Server Record) dictates which specific authoritative DNS servers are trusted to hold and publish the actual, official DNS zone files for your domain name. If you want to move your domain management from your original registrar over to a premium optimization layer like Cloudflare, you must update your NS records to hand over routing control.
NS record example setup:
-
Host/Name: @
-
Type: NS
-
Value/Points to: ns1.cloudflare.com
In short, NS records determine which DNS servers are responsible for managing a domain's DNS configuration.
3.6. PTR record
A PTR Record (Pointer Record) functions as the exact inverse of an A or AAAA entry. Instead of resolving a domain name into a numeric address, a PTR record takes a numeric IP address and resolves it back into its official, matching domain name. This reverse DNS lookup mechanism is heavily used by security firewalls and anti-spam systems to verify that an outbound email server is genuinely who it claims to be.
3.7. CAA records
A CAA record (Certification Authority Authorization) is a specialized security entry that lets domain owners declare exactly which specific Certificate Authorities (such as Let's Encrypt, DigiCert, or Comodo) are legally permitted to issue SSL/TLS certificates for their domain name. This blocks attackers from sneakily acquiring fraudulent security certificates to launch spoofed versions of your platform.
3.8. SOA records
An SOA record (Start of Authority) contains foundational administrative metadata regarding your specific DNS Zone. It lists the primary master name server, the direct contact email of the domain administrator, the domain's unique serial number (which updates every time changes are made), and specific refresh timings that dictate how secondary backup DNS servers should synchronize their data records.
4. What is TTL in DNS records?
When working with DNS records, you will often encounter a setting called TTL (Time To Live). TTL specifies how long DNS resolvers and intermediate servers are allowed to cache a DNS record before requesting an updated version from the authoritative DNS server. TTL values are typically measured in seconds. For example, if a DNS record has a TTL of 3600 seconds, DNS servers may continue using the cached version of that record for up to one hour before checking for updates.
In practical terms, TTL affects how quickly DNS changes propagate across the internet. If you update an A record, MX record, or CNAME record, the change may not become visible immediately because other DNS servers may still be using cached information until the TTL expires.
As a result, DNS updates can take anywhere from a few minutes to several hours before they are reflected worldwide, depending on the TTL value and the caching behavior of different DNS providers.
What is TTL in DNS records
Once you update a record, the changes do not display across the global web instantly. Intermediate internet routers worldwide must wait for their existing cached values to expire based on their original TTL limits. While many updates complete in just a few minutes, full global replication can sometimes take anywhere from 2 to 24 hours to finalize.
5. When do you need DNS records?
Most people do not interact with DNS records on a daily basis. However, whenever you need to connect a domain to a website, configure email services, or verify domain ownership, DNS records become essential.
Some of the most common situations where you may need to configure DNS records include:
-
Connect a domain to a website: When launching a new website or moving to a different hosting provider, you'll typically need to update A or AAAA records to point your domain to the correct server.
-
Set up business email services: Platforms such as Google Workspace and Microsoft 365 require MX records so incoming emails can be delivered to the correct mail servers.
-
Create subdomains: If you want to use addresses such as blog.example.com, shop.example.com, or api.example.com, you'll often need to configure CNAME or A records.
-
Verify domain ownership: Many services, including Google, Microsoft, Cloudflare, and various SaaS platforms, ask users to add TXT records to prove ownership of a domain.
-
Improve email security: DNS records such as SPF, DKIM, and DMARC help protect domains against spoofing, phishing attacks, and unauthorized email usage.
Understanding these common use cases makes it much easier to see why DNS records are a critical part of managing websites, email systems, and online services.
When do you need DNS records
Read more:
-
What is WebRTC? Exploring its architecture, use cases, and benefits
-
How to flush DNS on Windows, Mac, and Linux in simple steps
6. Conclusion
DNS records are the foundation that allows domains, websites, email services, and online applications to function correctly. Records such as A, AAAA, CNAME, MX, TXT, and NS handle most of the critical routing and communication tasks behind the scenes.
Understanding how DNS records work makes it easier to manage websites, troubleshoot configuration issues, and deploy online services successfully. After making DNS changes, always verify your records to ensure everything is configured correctly and operating as expected.
7. FAQ
What are DNS records?
DNS records are configuration entries stored in DNS servers that tell the internet how a domain should route traffic and connect to various services.
What is the difference between A and AAAA records?
An A record maps a domain to an IPv4 address, while an AAAA record maps a domain to an IPv6 address.
What does a CNAME record do?
A CNAME record points one domain or subdomain to another domain name rather than directly to an IP address.
What is an MX record used for?
MX records specify which mail servers should receive email for a domain.
What is a TXT record?
TXT records store text information in DNS and are commonly used for verification, SPF, DKIM, and DMARC configurations.
How long does DNS propagation take?
Most DNS changes propagate within minutes to a few hours, although some updates can take up to 24-48 hours.
Can I have multiple DNS records for the same domain?
Yes. A domain can have multiple DNS records of different types and, in some cases, multiple records of the same type.
How do I check DNS records?
You can use DNS lookup tools, command-line utilities such as nslookup or dig, or online DNS checkers to view current DNS records.
Read more
DNS records - The ultimate blueprint for website & email routing
DNS leak: The silent threat to your online privacy
What is a virtual IP? Understanding VIPs in networking
How to warm up IP address: Why new IPs need reputation building
What is an ASN lookup? How to track autonomous system numbers
IP whitelisting: The gatekeeper of network security