π The Internet's Phonebook: A Complete Guide to DNS Records (from A to ALIAS)
Published on 2025-11-13
Every time you type google.com into your browser, some magic happens. Your computer doesn’t know where that site physically lives. To find out, it asks the DNS (Domain Name System) β a giant distributed database often called “the Internet’s phone book.”
This book consists of records, each of which tells the world something specific about your domain: where your site lives, where to send email, or how to verify that you own the domain.
But before we dive into record types, let’s cover two fundamental principles that everything rests on.
βοΈ How does DNS work? Two pillars: TTL and Delegation
1. TTL (Time To Live) β Cache lifetime
Every DNS record has a TTL parameter. It’s a number (in seconds) that tells other DNS servers and your browser:
“Once you’ve learned this IP address, how long can you remember (cache) it before asking me again?”
| TTL | Pros | Cons |
|---|---|---|
| Low (300 sec / 5 min) | Fast propagation of changes (e.g., when migrating to a new hosting) | Increased load on NS servers |
| High (86400 sec / 24 h) | Fewer queries, stable operation | Changes apply slowly |
Recommendations:
- For stable records (
A,MX) use from 1 to 24 hours. - Before a migration temporarily lower TTL to 5β15 minutes 1β2 days before changes.
2. Delegation to multiple NS servers
No domain exists alone. It is delegated β meaning the parent zone (e.g., .com) hands control of your zone (example.com) to your DNS servers.
This is handled by the NS (Name Server) record. And important: never use only one NS server. RFC 2182 requires at least two independent NS servers for redundancy.
If
ns1.example.comstops responding, the world will automatically queryns2.example.comβ preferably located in another data center or with another provider.
That’s how DNS provides reliability without a single point of failure.
ποΈ Main “residents” of DNS: Basic record types
These are the basic records that almost every domain uses.
| Record | What it does | Example |
|---|---|---|
| A (Address) | Name β IPv4 | example.com β 192.0.2.1 |
| AAAA (Quad A) | Name β IPv6 | example.com β 2001:db8::1 |
| CNAME (Canonical Name) | Alias | blog.example.com β super-hosting.com |
| MX (Mail Exchanger) | Mail server | 10 aspmx.l.google.com20 alt1.aspmx.l.google.com |
CNAME cannot be placed on the apex domain (
example.com) β only on subdomains (RFC 1912).
ποΈ Service and verification records
5. NS record (Name Server)
Exists in two places:
- At the domain registrar β indicating which DNS servers the zone is delegated to:
example.com β ns1.my-hosting.com, ns2.my-hosting.com - Inside your zone β confirming that these are the servers answering for your domain.
6. SOA record (Start of Authority)
This is the “passport” of your zone. There is always one and it’s always the first record in the zone.
example.com. IN SOA ns1.example.com. admin.example.com. (
2025111101 ; Serial (YYYYMMDDXX)
7200 ; Refresh (2 hours)
3600 ; Retry (1 hour)
1209600 ; Expire (2 weeks)
86400 ; Minimum TTL (Negative caching TTL)
)
Serial β critically important!
Each time you edit the zone, increment this number.
The YYYYMMDDXX (year, month, day, version) format is a convenient standard.
7. TXT record (Text)
Stores arbitrary text. Used for SPF, DKIM, DMARC, verifications, and other purposes.
example.com. TXT "v=spf1 include:_spf.google.com ~all"
example.com. TXT "google-site-verification=abc123"
example.com. TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSq..."
example.com. TXT "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"
π Special attention: GeoDNS, ALIAS and SRV
8. GeoDNS β not a record type, but a technology
GeoDNS allows serving different IP addresses depending on the user’s geolocation (via EDNS Client Subnet, RFC 7871).
Use cases:
- CDN: Germany β Frankfurt, Japan β Tokyo
- Localization: one domain, different versions of a site per region
Where it’s found: Cloudflare, Akamai, AWS Global Accelerator.
9. ALIAS record (aka ANAME)
Solves the problem that CNAME cannot be set on the root (apex) domain.
| Function | ALIAS | CNAME |
|---|---|---|
Works on apex domain (example.com) | β | β |
| Compatible with MX/NS | β | β |
| RFC standard | β (proprietary) | β |
| Support | Cloudflare, Route 53, DNSimple | All DNS |
How it works:
example.com ALIAS app-123.heroku.com β
the DNS provider itself queries app-123.heroku.com and returns A/AAAA records to the end user.
10. SRV record (Service Record)
Defines the server and port for a specific service.
_minecraft._tcp.play.example.com. IN SRV 10 5 25565 mc-server.example.com.
| Field | Purpose |
|---|---|
10 | Priority (lower = higher priority) |
5 | Weight (for load balancing) |
25565 | Service port |
mc-server.example.com. | Target host |
Used in VoIP (SIP), XMPP, Minecraft, Kerberos, and other services.
π Other record types (Quick reference)
| Record | Purpose | Example |
|---|---|---|
| PTR | Reverse record (IP β domain) | 1.2.0.192.in-addr.arpa β mail.example.com |
| CAA | Restricts who can issue SSL certificates | example.com CAA 0 issue "letsencrypt.org" |
| DS / DNSKEY | Used in DNSSEC to protect against spoofing | β |
| NAPTR | Routing for VoIP/SIP calls | β |
π Practical checklist: Is DNS ready for action?
dig NS example.com +trace # Check delegation
dig A example.com # Check A/AAAA records
dig MX example.com # Check mail servers
dig TXT example.com # SPF/DKIM/DMARC and verifications
dig SOA example.com # Zone passport
dig SRV _minecraft._tcp.play... # Check SRV records
dig example.com +dnssec # Check DNSSEC
π§ TTL during migration β practical plan
D-7: TTL β 86400 (1 day)
D-1: TTL β 300 (5 minutes)
Migration
D+0: TTL β 3600 (1 hour)
D+1: TTL β 86400 (return to normal value)
This ensures instant updates during migration without sacrificing stability afterward.
π― Summary
DNS is not just “an A-record and a CNAME.” It’s a complex and powerful system that lets you:
- Manage traffic with GeoDNS
- Ensure resilience via NS and MX
- Work with PaaS platforms via ALIAS
- Automate service routing via SRV
- Protect users using DNSSEC
Understanding DNS is the key to building fast, reliable, and secure web projects.
Resources:
Related reviews
Very pleased with working with Mikhail. Any task, even one that seems difficult at first, is executed to a high standard thanks to him! Thank you )
Dr-zelenin Β· VPS setup, server setup
2025-11-11 Β· β 5/5
Very satisfied with working with Mikhail. Any task, even one that seems difficult at first glance, becomes, thanks to him, implemented to a high standard! Thank you)
Thanks to Mikhail for his professionalism. I recommend him. He was very helpful in helping me understand Docker.
Vadim_U Β· VPS setup, server setup
A customer who has settled in2025-11-10 Β· β 5/5
Thanks to Mikhail for his professionalism. I recommend him. He was a great help in getting to grips with Docker.
Mikhail is an expert. He quickly figured it out and fixed the problem.
Vadim_U Β· VPS setup, server setup
An acclimated customer2025-11-10 Β· β 5/5
Mikhail is an expert. Quickly figured it out and resolved the issue.
Comes through for any problem β I recommend it!
AlekseiDotsenko Β· VPS setup, server setup
Power buyer2025-11-05 Β· β 5/5
Comes to the rescue with any problems, I recommend!
Mikhail helped set up the website very quickly. I wouldβve definitely been fiddling with it all day. Itβs great when a professional saves your time and delivers high-quality work. I recommend him!
N_Konstantin Β· VPS setup, server setup
An established customer2025-10-21 Β· β 5/5
Mikhail was very prompt in helping set up the website. I would definitely have been tinkering with it all day. It's nice when a professional helps save your time and does the work at a high level. I recommend him!
The most qualified, top-notch specialist who knows his stuff.
Alexeyvodopyanov Β· VPS setup, server setup
Experienced buyer2025-10-21 Β· β 5/5
The most qualified and coolest specialist who knows their stuff