DNS in a Nutshell

DNS (Domain Name System) is the Internet’s phonebook. It maps human-friendly names (like webvaults.com) to machine-friendly IP addresses (like 203.0.113.10). When you type a URL, your device queries resolvers, which ask authoritative nameservers for the right records, then cache the answer so the next lookup is faster.

Core DNS Records

• A – IPv4 address mapping (e.g., @ → 198.51.100.8).
• AAAA – IPv6 address mapping.
• CNAME – Alias (name → name). Never use CNAME at the root (@) on most providers.
• MX – Mail exchangers (email routing).
• NS – Which nameservers are authoritative for your zone.
• TXT – Arbitrary text (SPF, DKIM, verification tokens).
• SRV – Service records (e.g., SIP, LDAP).

Nameservers vs. DNS Records

Nameservers host your zone file. You set them at your domain registrar. Your DNS records live inside that zone. If you change nameservers (e.g., to a CDN), you must re-create your records in the new provider’s DNS or import them.

TTL and Caching

TTL (time to live) controls how long resolvers cache an answer. Lower TTLs (e.g., 300s) speed up changes but increase query load; higher TTLs (e.g., 3600–14400s) are more efficient once stable.

What “Propagation” Really Means

There’s no magic propagation switch. After you change a record, caches worldwide expire at different times depending on their local TTL, so some users see the new destination while others still see the old one. Nameserver changes can take longer because registries and resolvers refresh NS glue on their own schedules.

Common Tasks

Point a domain to a host

1. Create/modify A (and AAAA if provided) at @ to your server IP.
2. Set www as a CNAME to @ or add a second A/AAAA.
3. Wait for TTL to expire; test with dig / nslookup.

Move DNS to a new provider

1. Export current zone or copy records by hand.
2. Import into new DNS provider and verify.
3. Change registrar nameservers to the new set.
4. Expect up to 24–48 hours for global consistency.

Set up email

1. Point MX to your mail provider as instructed.
2. Add SPF (TXT), DKIM (TXT), and DMARC (TXT) for deliverability.
3. Allow time for caches; test with provider tools.

Troubleshooting Checklist

• Check you’re editing DNS at the active nameserver (registrar shows which one).
• Eliminate conflicting records (e.g., an A record + CNAME for the same name).
• Verify TTL is not excessively high during changes.
• Flush local DNS cache and browser cache; try mobile data vs Wi-Fi.
• Use dig +trace to follow delegation from root → TLD → nameserver.
• Confirm firewalls/CDNs allow your origin and that SSL is configured.

Glossary

Resolver: The DNS service your device queries (often your ISP or public DNS like 1.1.1.1).
Authoritative Nameserver: The DNS server that holds the final answer for your domain.
Glue Record: Registry-held IP for a nameserver to break circular lookups.
Zone: The set of records for your domain.

Related: Email Deliverability: DKIM, SPF, and DMARC · Handy .htaccess Tricks · Zero-Downtime Migration