DNS Record Types Explained (with Examples)
DNS record types are instructions that provide essential information about a domain or hostname. Before we dive into more details about DNS Record Types, let us cover some basics:
DNS and Its Working Mechanism
DNS is a worldwide system for translating human-readable domain names to IP addresses. When you try to access a website like “example.com”, your web browser (or app) performs a DNS Query to a server by supplying the hostname. The DNS server takes the given hostname and resolves it into the host’s IP address, which the app or web browser can connect to.
For example, if you entered reddit.com in your browser and check its IP (in Developer Tools > Network >Reddit URL (reload page) > Headers > General>> Remote Address). Currently, the IP will be shown as 199.232.45.140:443 (199.232.45.140 is IP where 443 is the port). Your browser queried a DNS server to get this IP.
Types of DNS Servers
The following four are the most common types of DNS servers: DNS Resolver, DNS Root Server, TLD Server, and Authoritative DNS Server.
DNS Record
The data or instructions used by the DNS server to resolve the host address of a website would be stored in the DNS Record in a Zone File on an Authoritative DNS Server. These records also provide many other relevant details about hostnames and domains. These records can be considered the old-day telephone directories or business listings that help DNS servers direct DNS queries to where they are required to go.
DNS Record Types
A DNS Record may hold the following (and other) information:
- Domain Name
- Associated IP Address
- Time to Live or TTL
- Class (generally IN for Internet)
- Type (A, AAAA, etc.)
DNS records are stored in text files (called Zone Files) on an Authoritative DNS server. The contents of a DNS record would be a string with special commands that can be understandable by a DNS server. Another essential factor is TTL or Time to Live. TTL is a DNS record that regulates the time (in seconds) before any subsequent change to a record takes effect. For example, a record with a TTL value of 86400 seconds will take effect in 24 hours. It is recommended that one should set a TTL value to 3600 (seconds) that tells the servers across the Internet to check for any updated DNS record every hour.
Advantages of Different DNS Record Types
There are plenty of DNS Record Types (more than 90), some of which are depreciated in favor of a newer one. A question may arise in a reader’s mind why use so many DNS Record Types? The answer is simple; each DNS record type has its purpose and advantages. These types tell a DNS server how to approach them (e.g., an MX record type is used to say a DNS server that it is an E-Mail record type). Do not get intimidated by the number of DNS record types, as you only use a few of them (not all of them) depending on your particular usage scenario. Usually, the following DNS Record Types are commonly used:
A and Its Usage
This is the most basic and essential DNS record type. The A in the A Record Type represents Address and shows the IP address of the domain or hostname. For example, if we use the DNS Lookup tool of the DNSChecker website, then we find the following result for Reddit.com(we are only showing one record, but in reality, there are many A records setup for reddit.com):
| Type | Domain Name | TTL | Address |
| A | reddit.com | 164 | 151.101.129.140 |
Here A is telling the DNS server that the IP address of Reddit.com is 151.101.129.140. Remember that the A Record Type only supports the IPV4 Address (not IPv6) of a domain or hostname.
The primary use of A record by a browser through a DNS server is the IP address lookup of a host, and it enables a browser to load a website only using the domain name. This feature allows us to load a website in a browser even if we do not know its IP address. Another implication of A Record Type is the usage of System-Based Blackhole List (DNSBL), by which you can block mail from known spam resources/addresses.
AAAA and Its Usage
Just like the A record type, the AAAA record type also points to the IP address of a domain, but there is a difference, the AAAA record type refers to the IPV6 Address (not IPV4 like the A Record type). As you already know, the Internet is running out of unique IPV4 addresses,, and to cover this (and other IPV4 flaws), IPV6 was introduced. For example, when we use the DNS Lookup Tool of the DNSChecker website for reddit.com, we find the following information for AAAA records (here, we are showing only one record, there are many AAAA records for reddit.com):
| Type | Domain Name | TTL | Address |
| AAAA | reddit.com | 87 | 2a04:4e42::396 |
The usage of the AAAA record is the same as the A record type, but the significant difference is the use of IPV6.
NS and Its Usage
An NS (abbreviated from nameserver) record specifies an authoritative DNS server of a website or domain. In simple words, a domain’s NS record helps point to a browser (or any other Internet application) where it can find the IP address of the domain. Generally, as per the best industry practices, multiple nameservers of a domain are specified (with ns1, ns2, etc. at the start of the Address). For example, if we look into NS records of Reddit.com in the DNS Lookup tool of DNSChecker, we can find the following information:
| Type | Domain Name | TTL | Canonical Name |
| NS | reddit.com | 18300 | ns-1029.awsdns-00.org. (205.251.196.5) |
| NS | reddit.com | 18300 | ns-1887.awsdns-43.co.uk. (205.251.199.95) |
| NS | reddit.com | 18300 | ns-378.awsdns-47.com. (205.251.193.122) |
| NS | reddit.com | 18300 | ns-557.awsdns-05.net. (205.251.194.45) |
As you can see, there are multiple NS records (in the Canonical Name column) set up for reddit.com. When you purchase web hosting, you receive nameserver details (usually via email). These nameservers connect your domain name to the web host (where your website resides). These nameservers contain other DNS records of your domain (like A or MX records). Keep a point in your mind that an NS record should not point to a CNAME record.
CNAME and Its Usage
The complete form of CNAME is Canonical Name. It is a DNS record type that points an alias domain to another domain, not to an IP address (like A or AAAA record types), i.e., a subdomain like abc.example.com may point to its main domain example.com by using a CNAME record, and then the main domain like example.com can point to an IP address by using an A or AAAA record type. There is no CNAME record for Reddit when checked through DNSChecker.
A question may arise in a reader’s mind why not create an A or AAAA record for the subdomain and point it to the IP address? The answer is very simple, for a single subdomain, it may be practical, but on hundreds of subdomains (think of subdomains of microsoft.com) may be pretty troublesome, especially when the IP address of the main domain changes. In such a case, if we use the CNAME, we are only required to change the A or AAAA record of a domain, not all the A records, if no CNAME record was in place. For example, if you use an FTP service on your website like ftp.example.com and use www.example.com to serve webpages to visitors, then you can CNAME records for both these subdomains and point it to the main example.com domain, which then points to an IP address. If the IP address of the example.com changes, you only edit the A record of the domain, whereas, no need to edit the CNAME records. Another point to remember is that you can point a CNAME record to another CNAME record but the industry experts usually avoid it as it can decrease the load speed and causes a bad user experience. Also, a CNAME record cannot be placed in the root domain.
MX and Its Usage
MX or Mail eXchange DNS record type shows where emails of a website should be directed to, i.e., by using an MX record, you can lead emails of your domain to a mail server. There can be more than one MX record for a single domain name, allowing you to set up backup email servers. For example, when we check MX records of reddit.com on the DNS Lookup tool of DNSChecker, we find the following information:
| Type | Domain Name | TTL | Preference | Address |
| MX | reddit.com | 234 | 1 | aspmx.l.google.com. (172.253.122.27) |
| MX | reddit.com | 234 | 10 | aspmx2.googlemail.com. (209.85.202.27) |
| MX | reddit.com | 234 | 10 | aspmx3.googlemail.com. (64.233.184.27) |
| MX | reddit.com | 234 | 5 | alt1.aspmx.l.google.com. (209.85.202.26) |
| MX | reddit.com | 234 | 5 | alt2.aspmx.l.google.com. (64.233.184.27) |
From the above table, the servers with preference (or priority) 10 will be the primary mail servers of reddit.com, whereas others are secondary servers and will only be used when the primary servers are unavailable. The rule of thumb is that the lower the preference or priority value of a server in an MX record, the higher the actual preference or priority of that server.
If you own a domain but do not want to go through the trouble of setting up your mail server, then you can easily hand off your emails to a dedicated mail server (like Reddit handed over email handling to Google, as shown in the table above). With the dedicated mail server, you can set up custom email clients to send and read emails, better security, and improved spam filters. Also, these dedicated servers (and many 3rd-party services) may alert you whenever an issue with a mail server your domain’s MX records point to. Remember that an MX record should not point to a CNAME record.
SOA and Its Usage
The SOA (or Start of Authority) DNS record stores essential information about a domain or zones, like the domain administrator’s email address, the last time the domain was updated, and the interval between server refreshes. To conform to IETF (Internet Engineering Task Force) standards, all DNS zones must have an SOA record. SOA records are also very helpful in zone transfers (sending a primary server’s DNS record data to a secondary nameserver). For example, if we use the Webchecker DNS Lookup tool to find the SOA record of reddit.com, the following information will be found:
| Type | Domain Name | TTL | Primary NS | Responsible Email |
| SOA | reddit.com | 900 | ns-557.awsdns-05.net. | awsdns-hostmaster.amazon.com. |
It showsprimary NS server of reddit.com and the emailadministrator’s email addresshe Responsible Email column. Do not get confused if you cannot find @ symbol in the email address as in the SOA DNS record; a full stop is used to replace @, i.e., the email shown as awsdns-hostmaster.amazon.com. Would be awsdns-hostmaster@amazon.com.
Let us discuss an example of SOA record type as per the IETF standards. Look at the example below:
| name | example.com |
| record type | SOA |
| MNAME | ns.primaryserver.com |
| RNAME | admin.example.com |
| SERIAL | 1111111111 |
| REFRESH | 86400 |
| RETRY | 7200 |
| EXPIRE | 4000000 |
| TTL | 11200 |
Here, the name is the domain name (here example.com), and SOA is the DNS record type. Other are:
MNAME: The name of the primary nameserver of a zone is shown in MNAME (here, ns.primaryserver.com). Secondary servers that maintain the duplicates of the DNS records of the zone receive updates to the zone from the primary server.
RNAME: This is the server administrator’s email address and should be interpreted as admin@example.com.
SERIAL: A zone, in DNS, is an area to control over namespace. A zone may consist of a single domain, domain and many of its subdomains, or many domains. Sometimes, a zone may be equivalent to a domain, but that will not be the case always. The version number of the SOA record is dedicated as a zone serial number (or Serial as shown in the above table). Whenever there is a change in the serial number, it alerts the secondary server to update their copies of the zone files.
REFRESH: The time (in seconds) that secondary servers should wait before querying primary servers for the state of the SOA record to see if it has been updated.
RETRY: The time a secondary server will wait before again querying an unresponsive primary nameserver for an update.
EXPIRE: The time a secondary server should wait to receive an update from the primary server. Otherwise, it will stop responding to the zone queries.
SRV and Its Usage
SRV (abbreviated from Service) is a DNS record type that specifies a host and the host’s port. This is required by many Internet services like instant messaging, Voice over IP (VoIP), etc. Other DNS record types (like A or AAAA) may point to an IP address or a server, but the SRV DNS record also includes a port of that particular IP address. This record type is essential for the operation of some Internet protocols. There is no SRV record of Reddit when checked through DNSChecker.
In computer networking, ports are virtual places that designate a particular type of network traffic to a specific process within a computer. By using ports, computers can easily differentiate between different kinds of web traffic, e.g., a VoIP stream goes to a different port than an email message, for instance, even though both reach the same computer over the Internet. Similar to IP addresses, all ports are assigned with a number. Internet protocols like IMAP, SIP, XMPP, etc. need to connect to a specific port in addition to connecting to a particular server. SRV records help us in specifying server ports within the DNS. See the example below:
| service | XMPP |
| proto (protocol) | TCP |
| name (domain name) | example.com |
| TTL | 86400 |
| class | IN |
| type | SRV |
| priority | 10 |
| weight | 5 |
| port | 5223 |
| target | server.example.com |
Here, XMPP will connect to the target server on port 5223. But the SRV record is formatted like the below:
_service._proto.name. TTL class type of record priority weight port target
So, our example will be like
_xmpp._tcp.example.com. 86400 IN SRV 10 5 5223 server.example.com.
Remember that the target (like server.example.com) in an SRV DNS record must point to an A or AAAA record type (due to the requirement of IP address by the port), not to a CNAME or anything else.
PTR and Its Usage
PTR or Pointer Record provides the domain name associated with a particular IP address. We can easily say that the PTR record is exactly the reciprocal of the A record type, which will point to an IP address associated with a domain name. Reddit has not set up any PTR DNS record types on its website.
The main use of DNS PTR records is in reverse DNS lookups. When you try to visit a website by using a web browser, a DNS lookup occurs, and an IP address of a domain is found. In a reverse DNS lookup, the query starts with an IP address and finds out the associated domain name. This is quite helpful in curbing spam, troubleshooting email delivery problems, and logging. When a mail server receives an email from another mail server, it uses the PTR record to verify that the sending mail server matches the IP address of the server it claims to be; if not, then that email will be marked as spam.
The PTR works for both IP versions, i.e., IPv4 and IPv6 (in different namespaces in .arpa TLD). For example, a PTR record for the IP address 192.0.2.255 would be stored as 255.2.0.192.in-addr.arpa. The in-addr.arpa is the namespace within arpa TLD to perform reverse DNS lookups in IPv4. The IPv6 PTR record will be stored with a .ip6.arpa extension.
TXT and Its Usage
TXT (aka Text) DNS record types let a website or domain admin enter text in the DNS records. This type was intended for human-readable text notes, but now it also supports some machine-readable data. There can be many TXT records for a single domain. The two most important usages of DNS TXT records are domain ownership verification and email spam prevention, although, the basic purpose of TXT records was not that. SPF (Sender Policy Framework) is also a DNS record type. It was used to prevent email spam but it is now depreciated in favor of the TXT record type. For example, if we check the TXT record of reddit.com on the DNS Lookup tool of DNSchecker, we can find the following line (although there are more than dozen TXT records of reddit.com):
| Type | Domain Name | TTL | Record |
| TXT | reddit.com | 655 | apple-domain-verification=qC3rSSKrh10DoMI7 |
In this record, Reddit verified its domain ownership to Apple. Following is an example of a pattern of adding a TXT record:
| example.com | record type: | value: | TTL |
| @ | TXT | Appuals is an awesome domain! Ask the Experts | 3260 |
As per the original RFC, text strings can go in the value field of a TXT record. This text string can be any text that an admin wants to associate his domain with. Nowadays, most DNS servers will limit the length and number of TXT records that can be added. Due to this TXT records cannot be used for a large amount of data.
Other Types of DNS Records
The above 9 DNS record types are the most common ones but there are also other types (90+ DNS Record Types) we will try to briefly cover a few more of them here:
- CERT Record: The public key certificates are stored in the Cent Record type of the DNS.
- DCHID: The information about Dynamic Host Configuration Protocol (DHCP)is stored in the DNS’s DCHID record type.
- DNAME: DNAME (abbreviated from Delegation Name) is similar to the CNAME record type but the DNAME Record type points all the subdomains for the alias to a canonical domain i.e., if we use DNMAE to point secondexample.com to example.com, then it will also automatically apply to all the subdomains of the secondexample.com like abc.secondexample.com and any other subdomains.
- CAA record: CAA or Certification Authority Authorization is used by domain owners to mark which certificate authorities can issue certificates on behalf of that domain. This record is also in inherited by the subdomains.
- DNSKEY record: The DNS Key record contains a public key that is used to verify DNSSEC (Domain Name System Security Extension) signatures.
- CDNSKEY record: This is a copy of the DNSKEY record, meant to be transferred to a parent DNS record.
- HIP record: HIP or Host Identity Protocol is a way to differentiate roles of an IP addresses. This type is mainly used in mobile computing.
- IPSECKEY record: The IPSEC key DNS record works with the IPSEC (Internet Protocol Security), an end-to-end security protocol framework that is part of the Internet Protocol Suite (TCP/IP).
- LOC record: LOC or Location DNS record contains geographical information about a domain in the form of long (longitude) and lat (latitude) coordinates.
- NAPTR record: NAPTR or Name Authority Pointer DNS record is combinable with an SRV record to create dynamic URI’s to point to based on an expression.
- NSEC record: The Next Secure record is part of DNSSEC that is used to prove that a requested DNS resource record is not available or exists.
- RRSIG record: The Resource Record Signature or RRSIG is a DNS record type to store digital signatures used to authenticate DNS records in accordance with the DNSSEC.
- RP record: PR or Responsible Person record stores the email address of the person/admin responsible for the domain.
- SSHFP record: The SSH public key fingerprints are stored in SSHFP type of DNS, where SSH is Secure Shell that is cryptographic networking protocol to provide secure communication over a network that is not secure.
Example DNS Configuration
As we discussed each of the commonly used DNS record types, to make the concept clearer, here is an example of DNS configuration for a domain or website when used with Google Cloud services. Keep in mind that despite your domain name, when configuring a DNS record, you may use @ or blank.
| Name / Host / Alias | Record Type | Priority | Value / Answer / Destination |
| Blank or @ | A | NA | 216.239.32.21 |
| Blank or @ | A | NA | 216.239.34.21 |
| Blank or @ | A | NA | 216.239.36.21 |
| Blank or @ | A | NA | 216.239.38.21 |
| Blank or @ | MX | 1 | ASPMX.L.GOOGLE.COM. |
| Blank or @ | MX | 5 | ALT1.ASPMX.L.GOOGLE.COM. |
| Blank or @ | MX | 5 | ALT2.ASPMX.L.GOOGLE.COM. |
| Blank or @ | MX | 10 | ASPMX2.GOOGLEMAIL.COM. |
| Blank or @ | MX | 10 | ASPMX3.GOOGLEMAIL.COM. |
| CNAME | NA | ghs.googlehosted.com. | |
| Blank or @ | TXT | NA | google-site verification=6tTalLzrBXBO4Gy9700TAbpg2QTKzGYEuZ_Ls69jle8 |
| Blank or @ | TXT | NA | v=spf1 include:_spf.google.com ~all |
| www | CNAME | NA | ghs.googlehosted.com. |
Add a New DNS Record
For illustration, we will discuss the process of adding a new DNS record on netlifty.com (you may follow the steps as per your particular use case):
- Open the Domains tab of your team and select the domain that you want to edit.
- Now, under the DNS records panel, click on Add New Record and select the DNS record type that you want to use like A, AAAA, etc.
Add a New DNS Record on Custom Domain on Netlifty - Then fill in all the other options as per your requirements which will depend on the DNS record type and afterward, click Save.
And a new DNS record will be added to your netlifty.com hosted domain.
So that is it, we have tried our best to cover the basics of the DNS record types. If you have any queries or suggestions, you are most welcome in the comments section.
