DNS Records Explained: A, MX, TXT, CNAME, NS and How to Look Them Up
A practical guide to DNS record types, what each one does, and how to query them instantly without installing any tools.
DNS translates domain names into the addresses and configurations computers need to connect. Most of the time it’s invisible — until email stops delivering, a new domain won’t resolve, or a subdomain starts returning the wrong page. When that happens, knowing which record to check first saves a lot of guessing.
The six most important record types
A — IPv4 address
The most fundamental record. Maps a domain name to an IPv4 address.
github.com. → 140.82.121.3When you type a URL into a browser, the first thing that happens is an A record lookup. If your site is unreachable, start here.
AAAA — IPv6 address
Same as A, but for IPv6. Modern servers often have both. If your users are on IPv6-only networks — increasingly common on mobile — the AAAA record is what gets used.
MX — Mail exchange
Tells email servers where to deliver mail for your domain. Always has a priority number — lower means higher priority.
10 mail.example.com
20 backup-mail.example.comIf email to your domain bounces or disappears, MX is the first place to look. No MX record means no deliverable mail.
TXT — Text
A general-purpose record used for domain verification and email authentication. The most common uses:
- SPF (
v=spf1 ...) — lists which servers are allowed to send email on your behalf. Missing or wrong SPF causes mail to land in spam. - DKIM (
v=DKIM1 ...) — a public key used to verify that emails were signed by your server. - DMARC (
v=DMARC1 ...) — policy telling receiving servers what to do with mail that fails SPF or DKIM. - Domain ownership proofs — Google Search Console, AWS, Cloudflare, GitHub and others verify ownership by asking you to add a specific TXT record.
CNAME — Canonical name
An alias from one name to another. Instead of pointing to an IP directly, a CNAME points to another hostname.
www.example.com → example.com
blog.example.com → example.ghost.ioCommon uses: pointing subdomains to CDN or SaaS providers, setting up www as an alias for the apex domain.
One thing to know: you cannot use a CNAME on an apex domain (example.com) in standard DNS — only on subdomains. If you need apex aliasing, Cloudflare offers CNAME Flattening as a proprietary extension.
NS — Name servers
Delegates a domain (or subdomain) to a set of authoritative name servers. These are the servers that actually hold all the other DNS records.
dns1.registrar.com
dns2.registrar.comWhen you migrate a domain to a new DNS provider — say, from GoDaddy to Cloudflare — you’re changing these NS records at your registrar.
Common debugging scenarios
“My email is going to spam.”
Check TXT records. Verify your SPF record includes your sending IP or mail provider. Look for DMARC at _dmarc.yourdomain.com and DKIM at selector._domainkey.yourdomain.com.
“My new domain isn’t resolving.” Check A records. If they’re correct but the site still won’t load, DNS propagation may still be in progress — TTL on the old record can keep stale values cached for minutes to hours.
“I need to verify ownership for Google / AWS / GitHub.” Query TXT records to confirm the verification string was added and has propagated.
“A subdomain is returning the wrong page.” Check the CNAME for that subdomain. It may be pointing to an old host or a misconfigured SaaS endpoint.
How DNS propagation works
When you change a DNS record, the new value doesn’t appear everywhere at once. Each record has a TTL (Time to Live) measured in seconds. Resolvers cache the old value until that TTL expires.
| TTL | Common usage |
|---|---|
| 60–300 s | During migrations — allows fast rollback |
| 3600 s (1 h) | Standard for most records |
| 86400 s (24 h) | Rarely-changing records |
To speed up propagation for a planned migration, lower the TTL 24–48 hours before the change.
How the DNS Lookup tool works
Most browser-based alternatives use DNS-over-HTTPS, which routes queries through Cloudflare or Google’s public resolvers. Our DNS Lookup tool queries records server-side using Node.js’s built-in dns module and the system resolver directly. That means:
- All six record types queried in parallel in a single request
- MX records sorted by priority — lowest number first
- Chunked TXT records joined into readable strings
- No rate limits from public DoH APIs
- The domain name goes to our lookup service and is not stored or logged
Use the DNS Lookup tool to query any domain’s records instantly — no signup, no install, no limits.