Every time someone types your website address into their browser, a behind-the-scenes system called DNS (Domain Name System) translates that human-readable address into a server IP address. Understanding DNS is essential for anyone who owns a website — it affects your site's availability, email delivery, and even security.
Don't worry if DNS sounds intimidating. By the end of this guide, you'll understand the key concepts and be confident enough to manage your own DNS records.
What Is DNS and How Does It Work?
DNS is essentially the internet's phone book. Just like you look up a contact name to find their phone number, DNS converts domain names (like example.com) into IP addresses (like 192.168.1.1) that computers use to locate each other.
Here's what happens when someone visits your website:
- User types
yourdomain.comin their browser - Browser asks the local DNS resolver (usually your ISP) for the IP address
- Resolver checks its cache — if it has a recent answer, it returns it immediately
- If not cached, the resolver queries root servers → TLD servers → your authoritative nameserver
- Your nameserver responds with the correct IP address
- Browser connects to that IP and loads your website
This entire process typically takes 20-120 milliseconds. Impressive for a system that handles billions of queries daily.
Essential DNS Record Types
A Record (Address Record)
The most fundamental DNS record. It points your domain to an IPv4 address.
Type: A
Name: @ (represents yourdomain.com)
Value: 203.0.113.50 (your server's IP address)
TTL: 3600 (cache for 1 hour)
When to use: Pointing your domain or subdomain to a specific server IP.
AAAA Record (IPv6 Address)
Same as an A record but for IPv6 addresses. As IPv6 adoption grows, having AAAA records becomes increasingly important.
Type: AAAA
Name: @
Value: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
TTL: 3600
CNAME Record (Canonical Name)
Points one domain name to another domain name. Think of it as an alias.
Type: CNAME
Name: www
Value: yourdomain.com
TTL: 3600
This means www.yourdomain.com will resolve to whatever IP yourdomain.com points to.
Important rules:
- You cannot use a CNAME on the root domain (
@) — only on subdomains - A CNAME cannot coexist with other record types for the same name
Common use: Pointing www to your root domain, or pointing subdomains to third-party services (like blog.yourdomain.com → yoursite.wordpress.com).
MX Record (Mail Exchange)
Tells email servers where to deliver mail for your domain. Without correct MX records, you won't receive emails.
Type: MX
Name: @
Priority: 10
Value: mail.yourdomain.com
TTL: 3600
Priority matters: Lower numbers = higher priority. If you have multiple mail servers, email tries the lowest priority number first:
MX 10 primary-mail.example.com
MX 20 backup-mail.example.com
Common setups:
- Google Workspace: Points to
aspmx.l.google.com(and backup servers) - Microsoft 365: Points to
yourdomain-com.mail.protection.outlook.com - Self-hosted: Points to your mail server's hostname
TXT Record (Text Record)
Stores text information for various purposes. Most commonly used for email authentication and domain verification.
Type: TXT
Name: @
Value: "v=spf1 include:_spf.google.com ~all"
TTL: 3600
Common uses:
- SPF (Sender Policy Framework): Tells receiving servers which IPs can send email for your domain
- DKIM (DomainKeys Identified Mail): Cryptographic signature for email authentication
- DMARC: Policy for handling emails that fail SPF/DKIM checks
- Domain verification: Google Search Console, Microsoft 365, and other services use TXT records to verify domain ownership
NS Record (Nameserver)
Specifies which nameservers are authoritative for your domain. These are usually set at your domain registrar.
Type: NS
Name: @
Value: ns1.yourhostingprovider.com
When you change these: When switching hosting providers or moving to a DNS service like Cloudflare.
Understanding TTL (Time to Live)
TTL tells DNS resolvers how long to cache a record before checking for updates. It's measured in seconds.
| TTL Value | Duration | Best For |
|---|---|---|
| 300 | 5 minutes | During migrations or changes |
| 3600 | 1 hour | Standard for most records |
| 86400 | 24 hours | Stable records that rarely change |
Pro tip: Before making DNS changes, lower your TTL to 300 seconds (5 minutes) at least 24 hours in advance. This way, when you make the actual change, it propagates much faster. After the change is confirmed working, raise the TTL back up.
DNS Propagation: Why Changes Aren't Instant
When you update a DNS record, the change doesn't happen everywhere simultaneously. DNS resolvers around the world have cached the old record and will continue using it until the TTL expires.
Typical propagation times:
- Same ISP/region: Minutes to 1 hour
- Global: 1-48 hours (depending on old TTL)
How to check propagation:
# Check from your machine
dig yourdomain.com A
# Check from Google's DNS
dig @8.8.8.8 yourdomain.com A
# Check from Cloudflare's DNS
dig @1.1.1.1 yourdomain.com A
Or use online tools like whatsmydns.net to check propagation across multiple global locations at once.
Common DNS Tasks
Pointing Your Domain to a New Host
- Get the new server's IP address from your hosting provider
- Lower TTL to 300 on the A record (wait 24h)
- Update the A record with the new IP
- Verify the site loads correctly
- Raise TTL back to 3600 after confirming
Setting Up Email
For Google Workspace, add these MX records:
MX 1 aspmx.l.google.com
MX 5 alt1.aspmx.l.google.com
MX 5 alt2.aspmx.l.google.com
MX 10 alt3.aspmx.l.google.com
MX 10 alt4.aspmx.l.google.com
Plus SPF, DKIM, and DMARC TXT records as provided by Google.
Adding a Subdomain
To create shop.yourdomain.com pointing to a different server:
Type: A
Name: shop
Value: 198.51.100.25
TTL: 3600
Or if pointing to another service:
Type: CNAME
Name: shop
Value: shops.myplatform.com
TTL: 3600
DNS Security Tips
- Enable DNSSEC if your registrar supports it — prevents DNS spoofing
- Use a reputable DNS provider — downtime on DNS means your entire site is unreachable
- Lock your domain at the registrar to prevent unauthorized transfers
- Keep registrar account secure with 2FA — if someone controls your DNS, they control your online presence
- Monitor DNS changes — unauthorized modifications could redirect your traffic
Common DNS Mistakes to Avoid
- Forgetting MX records when changing nameservers — your email stops working
- Using CNAME on root domain — this breaks DNS standards and can cause issues
- Not lowering TTL before changes — stuck waiting hours for propagation
- Pointing to an IP that changed — always verify your server IP after hosting changes
- Missing the trailing dot — in some DNS interfaces,
example.com.(with dot) is the fully qualified domain name
Take Control of Your DNS
DNS management is a fundamental skill for anyone running a website. With the knowledge from this guide, you can confidently make changes, troubleshoot issues, and ensure your domain points exactly where it should.
At DeployBase, we provide a clean, intuitive DNS management panel with every hosting plan. Our support team is available 24/7 to help with DNS configuration, and our detailed documentation walks you through common setups step by step. Whether you're migrating from another host or setting up a brand new domain, DeployBase makes DNS management straightforward.
