Understanding DNS management is one of those skills that separates confident website owners from those who panic every time they need to point a domain, set up email, or migrate to a new host. DNS — the Domain Name System — is the internet's phone book, translating human-readable domain names into the IP addresses servers actually use. Get your DNS wrong and your website disappears. Get it right and everything just works.
This guide covers everything you need to know about DNS management, from basic concepts to practical configuration steps.
How DNS Works: The 30-Second Version
When someone types yourdomain.com into their browser, here's what happens:
- Browser asks a DNS resolver: "What's the IP address for yourdomain.com?"
- The resolver checks its cache. If empty, it asks the root nameservers.
- Root nameservers direct to the .com TLD servers.
- TLD servers point to your domain's authoritative nameservers.
- Your nameservers return the IP address from your DNS records.
- Browser connects to that IP address and loads your site.
All of this happens in milliseconds. Your DNS records control step 5 — they tell the world where to find your website, email server, and other services.
Essential DNS Record Types for DNS Management
A Record (Address)
The most fundamental record. It maps your domain directly to an IPv4 address.
Type: A
Name: @ (or yourdomain.com)
Value: 203.0.113.50
TTL: 3600
This tells DNS resolvers: "When someone asks for yourdomain.com, send them to IP 203.0.113.50."
You'll also want an A record for www:
Type: A
Name: www
Value: 203.0.113.50
TTL: 3600
AAAA Record (IPv6 Address)
Same as an A record but for IPv6 addresses. As IPv6 adoption grows, having AAAA records ensures your site is accessible to IPv6-only networks.
Type: AAAA
Name: @
Value: 2001:db8::1
TTL: 3600
CNAME Record (Canonical Name)
A CNAME creates an alias from one domain name to another. It's commonly used for subdomains.
Type: CNAME
Name: blog
Value: yourdomain.com
TTL: 3600
This means blog.yourdomain.com resolves to wherever yourdomain.com points. If you change your A record, the CNAME follows automatically.
Important rule: You cannot set a CNAME on your root domain (@). It must be on a subdomain.
Common CNAME uses:
- www → yourdomain.com (alternative to a second A record)
- cdn → d1234.cloudfront.net (CDN configuration)
- mail → ghs.google.com (Google Workspace)
MX Record (Mail Exchange)
MX records tell the internet where to deliver email for your domain. Without correct MX records, email to you@yourdomain.com goes nowhere.
Type: MX
Name: @
Value: mail.yourdomain.com
Priority: 10
TTL: 3600
For Google Workspace:
Priority 1: ASPMX.L.GOOGLE.COM
Priority 5: ALT1.ASPMX.L.GOOGLE.COM
Priority 5: ALT2.ASPMX.L.GOOGLE.COM
Priority 10: ALT3.ASPMX.L.GOOGLE.COM
Priority 10: ALT4.ASPMX.L.GOOGLE.COM
Lower priority numbers are tried first. Multiple MX records provide failover — if the primary server is down, mail routes to the backup.
TXT Record (Text)
TXT records store text data for various purposes. The most common uses are email authentication and domain verification.
Type: TXT
Name: @
Value: "v=spf1 include:_spf.google.com ~all"
TTL: 3600
Common TXT records you'll encounter:
- SPF — Specifies which servers can send email on behalf of your domain. Critical for email deliverability.
- DKIM — Publishes the public key that receiving servers use to check the cryptographic signature on your emails, verifying they are legitimate.
- DMARC — Policy telling receiving servers how to handle emails that fail SPF/DKIM checks.
- Domain verification — Google, Microsoft, and other services ask you to add a TXT record to prove you own the domain.
NS Record (Nameserver)
NS records define which nameservers are authoritative for your domain. You typically set these at your domain registrar, not in your DNS panel.
Type: NS
Name: @
Value: ns1.yourhost.com
TTL: 86400
When you change nameservers (like pointing to Cloudflare), you're updating these records at the registrar level.
Step-by-Step DNS Management for Common Scenarios
Pointing a Domain to Your VPS
This is the most common DNS task. You've bought a domain and need it to load your website on a VPS:
- Log into your DNS provider (registrar or Cloudflare)
- Add an A record: @ → YOUR_VPS_IP
- Add an A record: www → YOUR_VPS_IP
- Wait for propagation (usually 5-60 minutes, up to 48 hours)
- Verify with: dig yourdomain.com +short
If you're deploying a Laravel application on your VPS, get the DNS pointing correctly first so you can set up SSL certificates.
Setting Up Email with Your Domain
Professional email (you@yourdomain.com) requires MX records pointing to your email provider:
- Add the MX records your email provider specifies
- Add SPF TXT record to prevent your emails from landing in spam
- Add DKIM TXT record for email authentication
- Add DMARC TXT record for email policy
- Test at mail-tester.com to verify everything works
Skipping SPF, DKIM, or DMARC means your emails will likely go to spam. All three are essential for DNS management of email.
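An added example (not from the original article) that audits the SPF and DMARC TXT values described above for settings that weaken them. The function names, finding codes and sample records are constructed for illustration; DKIM is not checked because its record name depends on a provider-specific selector.

```python
# Added example. Record strings below are constructed samples.

def _clean(txt_records):
    # Zone files and dig output wrap TXT data in double quotes; drop them.
    return [r.strip().strip('"').strip() for r in txt_records]

def audit_spf(apex_txt):
    """Findings for the TXT records published at the domain apex (@)."""
    spf = [r for r in _clean(apex_txt) if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["SPF_MISSING: no v=spf1 record is published"]
    if len(spf) > 1:
        # RFC 7208: more than one SPF record is a permanent error.
        return ["SPF_MULTIPLE: receivers return permerror and SPF never passes"]
    terms = spf[0].lower().split()[1:]
    catch_all = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not catch_all:
        if any(t.startswith("redirect=") for t in terms):
            return []  # policy is delegated to another domain's record
        return ["SPF_NO_ALL: unlisted senders get a neutral result"]
    if catch_all[0] in ("all", "+all"):
        return ["SPF_PASS_ALL: +all authorizes every server to send as you"]
    if catch_all[0] == "?all":
        return ["SPF_NEUTRAL_ALL: ?all says nothing about unlisted senders"]
    return []  # ~all (softfail) or -all (fail)

def audit_dmarc(dmarc_txt):
    """Findings for the TXT records published at _dmarc.<domain>."""
    dmarc = [r for r in _clean(dmarc_txt) if r.replace(" ", "").startswith("v=DMARC1")]
    if not dmarc:
        return ["DMARC_MISSING: no v=DMARC1 record at _dmarc"]
    if len(dmarc) > 1:
        return ["DMARC_MULTIPLE: receivers skip DMARC when several records exist"]
    tags = {}
    for part in dmarc[0].split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    if tags.get("p") not in ("none", "quarantine", "reject"):
        return ["DMARC_BAD_POLICY: p= tag is missing or invalid"]
    if tags["p"] == "none":
        return ["DMARC_MONITOR_ONLY: p=none still delivers mail that fails checks"]
    return []

if __name__ == "__main__":
    apex = ['"v=spf1 include:_spf.google.com ~all"', '"site-verification=constructed"']
    dmarc = ['"v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com"']
    for finding in audit_spf(apex) + audit_dmarc(dmarc):
        print(finding)
```

Feed it the strings returned by dig yourdomain.com TXT +short and dig _dmarc.yourdomain.com TXT +short.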
Configuring a CDN (Cloudflare)
Using Cloudflare as a CDN/proxy involves changing your nameservers:
- Sign up at Cloudflare and add your domain
- Cloudflare imports your existing DNS records
- Update your domain's nameservers at your registrar to Cloudflare's
- Wait for nameserver propagation (up to 24 hours)
- Configure SSL mode and caching rules in Cloudflare
Setting Up Subdomains
Creating a subdomain like api.yourdomain.com or staging.yourdomain.com requires adding DNS records:
Type: A
Name: api
Value: 198.51.100.25
TTL: 3600
This is particularly useful when you need a staging environment on a separate server for testing before production deployment.
DNS Propagation: Why Changes Aren't Instant
When you change a DNS record, the update doesn't reach every DNS resolver in the world immediately. Resolvers cache records based on the TTL (Time to Live) value.
TTL explained:
- TTL of 3600 = resolvers cache for 1 hour
- TTL of 86400 = resolvers cache for 24 hours
- TTL of 300 = resolvers cache for 5 minutes
Pro tip for migrations: Lower your TTL to 300 seconds at least 24 hours before making changes. This ensures that when you switch the record, the old cached value expires quickly. After the change is stable, raise TTL back to 3600 or higher.
Check propagation status at dnschecker.org — it shows whether your DNS changes have reached resolvers in different countries.
Common DNS Management Mistakes
Forgetting the www record. Adding an A record for @ but not for www means www.yourdomain.com doesn't resolve. Always configure both.
Setting a CNAME on the root domain. The DNS specification prohibits CNAME records on the apex domain (@). Some providers offer workarounds (ALIAS or ANAME records), but standard CNAME won't work here.
Using your registrar's default DNS. Registrar DNS is often basic and slow. Consider using Cloudflare (free), AWS Route 53, or your hosting provider's DNS for better performance and features.
Not setting up email authentication. MX records alone aren't enough. Without SPF, DKIM, and DMARC, your emails will end up in spam folders. This is the most overlooked aspect of DNS management.
Extremely high TTLs during setup. Setting TTL to 86400 (24 hours) while still configuring means every mistake takes a full day to clear from caches. Use 300-600 during initial setup, then increase once stable.
Deleting old records before verifying new ones. When migrating, add new records first, verify they work, then remove old ones. Deleting first creates downtime. If you're planning to scale your infrastructure across multiple servers, careful DNS planning prevents service interruptions.
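The mistakes above that can be detected from the records alone, written as an added zone check (not part of the original article). It goes one step beyond the apex rule by flagging a CNAME that shares its name with any other record; lint_zone, its finding codes and the sample zone are constructed for illustration.

```python
# Added example. Records use the page's Type/Name/Value/TTL fields as tuples;
# the zone below is a constructed sample.

def lint_zone(records, setup_phase=False, max_setup_ttl=600):
    """Return (name, finding) pairs for common zone mistakes."""
    by_name = {}
    for rtype, name, value, ttl in records:
        by_name.setdefault(name.lower(), []).append((rtype.upper(), value, ttl))
    findings = []
    for name, rrs in sorted(by_name.items()):
        types = [t for t, _, _ in rrs]
        if "CNAME" in types and name == "@":
            # The apex always holds SOA and NS records, so a CNAME cannot live there.
            findings.append((name, "CNAME_AT_APEX"))
        elif "CNAME" in types and len(rrs) > 1:
            # General form of the same rule: a CNAME must be alone at its name.
            findings.append((name, "CNAME_NOT_ALONE"))
        if setup_phase and any(ttl > max_setup_ttl for _, _, ttl in rrs):
            # Every mistake made now stays cached for the full TTL.
            findings.append((name, "TTL_TOO_HIGH_FOR_SETUP"))
    apex_types = {t for t, _, _ in by_name.get("@", [])}
    if apex_types & {"A", "AAAA"} and "www" not in by_name:
        findings.append(("www", "WWW_MISSING"))
    return findings

SAMPLE_ZONE = [  # constructed
    ("A", "@", "203.0.113.50", 300),
    ("CNAME", "@", "d1234.cloudfront.net", 300),
    ("CNAME", "blog", "yourdomain.com", 300),
    ("TXT", "blog", "site-verification=constructed", 300),
    ("A", "api", "198.51.100.25", 86400),
]

if __name__ == "__main__":
    for name, finding in lint_zone(SAMPLE_ZONE, setup_phase=True):
        print(name, finding)
```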
DNS Debugging Commands
When DNS isn't working, these commands help diagnose the problem:
# Check what IP your domain resolves to
dig yourdomain.com +short
# Check specific record types
dig yourdomain.com MX
dig yourdomain.com TXT
dig yourdomain.com NS
# Check a specific DNS resolver
dig @8.8.8.8 yourdomain.com
# Trace the full DNS resolution path
dig yourdomain.com +trace
# Quick lookup (simpler output)
nslookup yourdomain.com
If dig returns the wrong IP, check your DNS records. If it returns nothing, your domain may not be resolving at all — verify nameserver configuration at your registrar.
DNS Security Best Practices
Enable DNSSEC if your registrar and DNS provider support it. DNSSEC adds cryptographic signatures to DNS responses, so resolvers that validate them reject forged answers that would redirect your domain to malicious servers.
Use a reputable DNS provider. Your DNS provider's infrastructure directly affects your site's availability. If their DNS servers go down, your website becomes unreachable regardless of whether your server is running.
Lock your domain. Enable registrar lock (also called transfer lock) to prevent unauthorized domain transfers. This is a basic security measure that every domain should have enabled.
Monitor DNS changes. Set up alerts for any modifications to your DNS records. Unauthorized changes could indicate a compromised account.
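One way to implement the monitoring described above, as an added example rather than code from the original article: compare a saved baseline against the current output of dig +noall +answer. The function names, severity labels and both sample outputs (including the 192.0.2.77 address) are constructed.

```python
# Added example. Both dig outputs below are constructed samples.
SEVERITY = {"NS": "critical", "MX": "high", "A": "high", "AAAA": "high", "CNAME": "high"}

def parse_answers(dig_output):
    """Parse `dig +noall +answer` lines into a set of (name, type, rdata).

    The TTL column is dropped on purpose: a resolver's cached TTL counts
    down, so comparing it would raise a false alert on every run.
    """
    records = set()
    for line in dig_output.splitlines():
        parts = line.split(None, 4)
        if len(parts) != 5 or parts[0].startswith(";") or parts[2].upper() != "IN":
            continue  # blank line, comment, or not a resource record
        name, _ttl, _cls, rtype, rdata = parts
        rdata = rdata.strip()
        if rtype.upper() != "TXT":
            # Hostnames are case-insensitive; TXT data (e.g. DKIM keys) is not.
            rdata = rdata.lower().rstrip(".")
        records.add((name.lower().rstrip("."), rtype.upper(), rdata))
    return records

def diff_records(baseline, current):
    """Return alerts (severity, action, name, type, rdata) for every drift."""
    alerts = []
    for action, changed in (("removed", baseline - current), ("added", current - baseline)):
        for name, rtype, rdata in sorted(changed):
            alerts.append((SEVERITY.get(rtype, "review"), action, name, rtype, rdata))
    return alerts

BASELINE = """\
yourdomain.com.  3600  IN  A   203.0.113.50
yourdomain.com.  3600  IN  MX  1 ASPMX.L.GOOGLE.COM.
yourdomain.com.  86400 IN  NS  ns1.yourhost.com.
"""
OBSERVED = """\
yourdomain.com.  1712  IN  A   192.0.2.77
yourdomain.com.  2950  IN  MX  1 aspmx.l.google.com.
yourdomain.com.  80211 IN  NS  ns1.yourhost.com.
"""

def check():
    return diff_records(parse_answers(BASELINE), parse_answers(OBSERVED))

if __name__ == "__main__":
    for alert in check():
        print(*alert)
```

Only the A record is reported here: the lower TTLs and the lower-cased MX hostname in the observed output are normal resolver behaviour, not changes.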
FAQ
How long does DNS propagation take?
DNS propagation typically takes 5 minutes to 48 hours, depending on TTL values and resolver cache behavior. Most changes propagate within 1-2 hours. Lowering TTL before making changes speeds up propagation.
Can I use different DNS for different subdomains?
Not directly. All subdomains under your domain use the same authoritative nameservers. However, you can delegate specific subdomains to different nameservers using NS records, which is common for large organizations.
What happens if my DNS provider goes down?
If your DNS provider experiences an outage, your domain stops resolving and your website becomes unreachable. This is why using a reliable DNS provider with redundant infrastructure is critical. Cloudflare's free tier offers enterprise-grade DNS reliability.
Do I need to change DNS when switching hosting providers?
Yes, if your new host has a different IP address. Update your A record to point to the new server's IP. If you're using Cloudflare, you only need to change the A record in Cloudflare's dashboard — no nameserver changes needed.
Build on Solid DNS Foundations with DeployBase
Proper DNS management is the invisible foundation of every successful website. Without correct records, even the fastest server and most beautiful website are unreachable.
At DeployBase, we provide clear documentation and hands-on support for DNS configuration with every VPS plan. Our team helps you set up domains, configure email records, and troubleshoot DNS issues — included with plans starting at $5/month. NVMe SSD storage, dedicated resources, and 24/7 support.