DNS Record Types
A quick reference for common DNS record types and when to use them.
Essential Records
A Record (Address)
Maps a domain name to an IPv4 address.
Use for: Pointing your domain to a web server
AAAA Record (IPv6 Address)
Maps a domain name to an IPv6 address.
Use for: Pointing your domain to an IPv6-enabled server
CNAME Record (Canonical Name)
Creates an alias pointing to another domain name.
Use for:
- Pointing subdomains to external services
- Creating aliases for your domain
Important: Cannot be used on the root domain (apex) - use an A record instead.
MX Record (Mail Exchange)
Specifies which mail servers receive email for the domain.
The number before the mail server name is the priority (lower = higher priority).
Use for: Setting up email delivery
TXT Record (Text)
Stores text data, commonly used for verification and email authentication.
example.com. TXT "v=spf1 include:_spf.google.com ~all"
example.com. TXT "google-site-verification=abc123..."
Use for:
- SPF records (email authentication)
- DKIM keys (email signing)
- DMARC policies
- Domain verification for services
Email Authentication Records
SPF (via TXT)
Specifies which servers can send email for your domain.
DKIM (via TXT)
Contains the public key for verifying email signatures.
DMARC (via TXT)
Tells receiving servers what to do with emails that fail SPF/DKIM.
Other Useful Records
NS Record (Name Server)
Specifies the authoritative name servers for the domain.
Use for: Delegating DNS to a hosting provider
PTR Record (Pointer)
Reverse DNS - maps an IP address to a domain name.
Use for: Email server verification (must be set by your hosting provider)
SRV Record (Service)
Specifies the location of services like SIP, XMPP, or LDAP.
Format: priority weight port target
Use for: VoIP, chat servers, Microsoft 365 autodiscover
CAA Record (Certificate Authority Authorization)
Specifies which certificate authorities (CAs) can issue SSL/TLS certificates for the domain.
Use for: Improving SSL security by limiting which CAs may issue certificates for your domain
Quick Reference Table
| Record | Purpose | Example Value |
|---|---|---|
| A | Domain → IPv4 | 203.0.113.50 |
| AAAA | Domain → IPv6 | 2001:db8::1 |
| CNAME | Alias → another domain | example.com. |
| MX | Mail server | 10 mail.example.com. |
| TXT | Text data (SPF, DKIM, etc.) | "v=spf1 ..." |
| NS | Name servers | ns1.hosting.com. |
| PTR | IP → domain (reverse DNS) | mail.example.com. |
| SRV | Service location | 10 5 5060 server.example.com. |
| CAA | SSL certificate authority | 0 issue "letsencrypt.org" |
TTL (Time to Live)
Every DNS record has a TTL value (in seconds) that controls how long it's cached.
| TTL | Duration | Use Case |
|---|---|---|
| 300 | 5 minutes | During migrations or changes |
| 3600 | 1 hour | Standard for most records |
| 86400 | 24 hours | Stable records that rarely change |
Tip: Lower your TTL before making DNS changes, then raise it again after.
Common Mistakes
- CNAME on root domain - Use A record instead
- Missing trailing dot - Some DNS providers need example.com. (with dot)
- Conflicting records - Can't have CNAME alongside other records for the same name
- Wrong MX priority - Lower number = higher priority
- Forgetting quotes on TXT - TXT values should be quoted
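
The mistakes in this list can be checked mechanically before records are published. The Python below is an added example, not part of the original reference: it lints simple `name TYPE value` lines for each mistake and shows the order in which MX hosts are tried. The line format, the function names (`parse`, `lint`, `mx_order`) and the sample zone are assumptions made for illustration, and it treats a missing trailing dot as an error, as zone-file syntax does.

```python
# Added example: lint "name TYPE value" lines for the mistakes listed above.
# Assumes zone-file syntax, where a name without a trailing dot is relative.

# Constructed sample zone for example.com. (not real data).
SAMPLE_ZONE = """\
example.com.      CNAME  hosting.example.net.
example.com.      MX     20 backup.example.com.
example.com.      MX     10 mail.example.com
www.example.com.  CNAME  example.com.
www.example.com.  TXT    "site-note"
example.com.      TXT    v=spf1 include:_spf.google.com ~all
"""

def parse(zone_text):
    """Return (name, type, value) tuples, skipping blanks and ';' comments."""
    records = []
    for line in zone_text.splitlines():
        line = line.strip()
        if line and not line.startswith(";"):
            name, rtype, value = line.split(None, 2)
            records.append((name.lower(), rtype.upper(), value))
    return records

def lint(zone_text, apex):
    """Return (name, problem) findings for the zone rooted at `apex`."""
    records = parse(zone_text)
    types_by_name = {}
    for name, rtype, _ in records:
        types_by_name.setdefault(name, set()).add(rtype)
    findings = []
    for name, types in types_by_name.items():
        if "CNAME" in types and name == apex:
            findings.append((name, "CNAME on root domain"))
        if "CNAME" in types and len(types) > 1:
            findings.append((name, "CNAME alongside other records"))
    for name, rtype, value in records:
        if rtype in ("CNAME", "MX", "NS") and not value.endswith("."):
            findings.append((name, rtype + " target missing trailing dot"))
        if rtype == "TXT" and not (value.startswith('"') and value.endswith('"')):
            findings.append((name, "TXT value not quoted"))
    return findings

def mx_order(zone_text):
    """Mail servers in delivery order: lowest priority number first."""
    mx = [v.split() for _, t, v in parse(zone_text) if t == "MX"]
    return [host for _, host in sorted(mx, key=lambda p: int(p[0]))]

if __name__ == "__main__":
    for name, problem in lint(SAMPLE_ZONE, "example.com."):
        print(name, "-", problem)
    print("MX order:", mx_order(SAMPLE_ZONE))
```

"Wrong MX priority" cannot be detected without knowing which server you intend as primary, so `mx_order` only reports the order senders will use for you to compare against your intent.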