dnsprobe v1

DNS record types explained: A, AAAA, CNAME, MX, TXT and when to use each

· ~2 min read · dnsprobe.net/blog

DNS is the internet's address book: it turns a name people remember into the technical details machines need. The entries in that address book are records, and while there are dozens of types, you'll spend 95% of your time with a handful. Here's what each does.

A and AAAA — name to IP

An A record points a hostname to an IPv4 address (e.g. example.com → 203.0.113.10). An AAAA record does the same for IPv6. These are the records that make a site reachable. If your site is “down” but the server is fine, a wrong or missing A record is the usual culprit.

CNAME — an alias to another name

A CNAME points one name at another name rather than an IP — useful when you want www.example.com to follow wherever example.com goes, or to point a subdomain at a provider's hostname (a CDN, a SaaS app). The key rule: you cannot put a CNAME on the root domain (the bare example.com) alongside other records, and a CNAME can't coexist with other record types on the same name. That single rule causes a large share of DNS confusion.

MX — where email goes

An MX record tells other mail servers which host accepts email for your domain, with a priority number (lower = preferred). Get this wrong and your website works perfectly while your email silently bounces. Email and web are separate DNS concerns — changing your A record doesn't move your mail, and vice versa.

TXT — verification and email security

A TXT record holds arbitrary text, and in practice it's where domain verification and email-authentication live: SPF (which servers may send mail as you), DKIM (cryptographic signing keys), and DMARC (what to do with mail that fails the checks). Missing or wrong SPF/DKIM/DMARC is why legitimate email lands in spam.

NS — who is in charge

An NS record delegates a domain (or subdomain) to a set of authoritative nameservers. Changing NS records moves control of the zone — and is the slowest change to take effect, because it's governed at the registry level.

Common mistakes

  • Putting a CNAME on the root domain — use an A record (or your DNS provider's ALIAS/flattening) instead.
  • Editing the A record and expecting email to follow — MX is independent.
  • Multiple SPF TXT records — you may only have one; merge them.
  • Forgetting TTL — lower it before a planned change so the switch applies in minutes, not hours.

Bottom line

Most DNS work is just A/AAAA for the site, CNAME for aliases, MX for mail, TXT for verification and email security, and NS for delegation. Knowing which record governs which behaviour turns “DNS is broken” into a five-minute fix.