DNS Records Explained: A, MX, TXT, CNAME, NS and How to Look Them Up
A practical guide to DNS record types, what each one does, and how to query them instantly without installing any tools.
DNS (Domain Name System) is the phonebook of the internet — it translates human-readable domain names into the addresses and configurations computers need to connect. Understanding DNS records is essential for debugging email delivery, verifying domain ownership, tracking propagation, and configuring infrastructure. Here’s a practical breakdown.
The six most important record types
A — IPv4 address
The most fundamental record. Maps a domain name to an IPv4 address.
github.com. → 140.82.121.3When you type a URL in a browser, the first thing that happens is an A record lookup. If your site is unreachable, check this first.
AAAA — IPv6 address
Same as A, but for IPv6 addresses. Modern servers often have both A and AAAA records. If your users are on IPv6-only networks (increasingly common in mobile), the AAAA record is what gets used.
MX — Mail exchange
Tells email servers where to deliver mail for your domain. Always has a priority number — lower means higher priority.
10 mail.example.com
20 backup-mail.example.comIf email to your domain bounces or disappears, the MX record is the first place to look. Missing MX = undeliverable mail.
TXT — Text
A general-purpose record used for domain verification and email authentication. The most common TXT uses:
- SPF (
v=spf1 ...) — lists which servers are allowed to send email on your behalf. Missing or misconfigured SPF causes mail to land in spam. - DKIM (
v=DKIM1 ...) — a public key used to verify that emails were signed by your server. - DMARC (
v=DMARC1 ...) — policy telling receiving servers what to do with mail that fails SPF/DKIM. - Domain ownership proofs — Google Search Console, AWS, Cloudflare, GitHub, and others all verify domain ownership by asking you to add a specific TXT record.
CNAME — Canonical name
An alias from one name to another. Instead of pointing to an IP directly, a CNAME points to another hostname.
www.example.com → example.com
blog.example.com → example.ghost.ioCommon uses: pointing subdomains to CDN or SaaS providers, setting up www as an alias for the apex domain.
Important: You cannot use a CNAME on an apex domain (example.com) in standard DNS — only on subdomains. If you need apex aliasing, providers like Cloudflare offer a proprietary CNAME Flattening feature.
NS — Name servers
Delegates a domain (or subdomain) to a set of authoritative name servers. These are the servers that hold all the other DNS records.
dns1.registrar.com
dns2.registrar.comIf you’re migrating a domain to a new DNS provider (e.g. from GoDaddy to Cloudflare), you’re changing these NS records at your registrar.
Common DNS debugging scenarios
“My email is going to spam.”
Query TXT records and verify your SPF record includes your sending IP or mail provider. Check for DMARC (_dmarc.yourdomain.com) and DKIM (selector._domainkey.yourdomain.com).
“My new domain isn’t resolving.”
Check A records. If they’re correct but the site still doesn’t load, DNS propagation may still be in progress — TTL (Time to Live) on the old record can keep stale values cached for minutes to hours.
“I need to verify ownership for Google/AWS/GitHub.”
Look up TXT records to confirm the verification string was added correctly and has propagated.
“A subdomain is returning the wrong page.”
Check CNAME records for that subdomain. It may be pointing to an old host or a misconfigured SaaS endpoint.
How DNS propagation works
When you change a DNS record, the new value doesn’t appear everywhere instantly. Each record has a TTL (Time to Live) measured in seconds. Resolvers cache the old value until the TTL expires. Common TTLs:
| TTL | Common usage |
|---|---|
| 60–300 s | During migrations — allows fast rollback |
| 3600 s (1 h) | Standard for most records |
| 86400 s (24 h) | Rarely-changing records |
To speed up propagation for a planned migration, lower the TTL 24–48 hours before the change.
How our DNS Lookup tool works
Unlike browser-based alternatives that use DNS-over-HTTPS (which depends on Cloudflare or Google’s public resolvers), our DNS Lookup tool queries DNS records server-side using Node.js’s built-in dns module, which uses the system resolver. This means:
- All six record types queried in parallel in a single request
- MX records sorted by priority — lowest (highest priority) first
- TXT records concatenated — chunked TXT records are joined into readable strings
- No rate limiting from public DoH APIs
- The domain name is sent to our lookup service — it is not stored or logged
Use the DNS Lookup tool to query any domain’s records instantly — no signup, no install, no limits.