Enter your domain name, choose a preset configuration, and get ready-to-use DNS records.
Maps a hostname to an IPv4 address. The most fundamental DNS record — when someone visits your domain, the A record tells DNS which server IP to connect to.
example.com. 3600 IN A 93.184.216.34
www.example.com. 3600 IN A 93.184.216.34
Use when: Pointing your domain to a web server, mail server, or any IPv4 address.
Maps a hostname to an IPv6 address. Functions identically to an A record but for modern IPv6 infrastructure. Recommended to add alongside A records for full dual-stack support.
example.com. 3600 IN AAAA 2606:2800:220:1:248:1893:25c8:1946
Use when: Your server supports IPv6 (GitHub Pages, Cloudflare, most modern CDNs).
Creates an alias from one hostname to another. Instead of an IP, a CNAME points to another domain name. Cannot be used at the zone apex (@) in standard DNS — use ALIAS/ANAME or flatten at the registrar. The target must ultimately resolve to an A or AAAA record.
www.example.com. 3600 IN CNAME example.com.
blog.example.com. 3600 IN CNAME my-site.netlify.app.
Use when: Pointing subdomains to hosting providers (Vercel, Netlify, GitHub Pages www subdomain, CDN hostnames).
Specifies the mail servers responsible for receiving email for a domain. Multiple MX records can exist with different priority values — lower numbers = higher priority. The value must be a hostname (not an IP address).
example.com. 3600 IN MX 1 aspmx.l.google.com.
example.com. 3600 IN MX 5 alt1.aspmx.l.google.com.
example.com. 3600 IN MX 10 alt2.aspmx.l.google.com.
Use when: Configuring email delivery — Google Workspace, Microsoft 365, Fastmail, ProtonMail, etc.
Stores arbitrary text data. Widely used for domain verification, email authentication (SPF, DKIM, DMARC), and service-specific configuration. A domain can have multiple TXT records.
# SPF — authorize mail senders
example.com. 3600 IN TXT "v=spf1 include:_spf.google.com ~all"
DMARC — email policy#
_dmarc.example.com. 3600 IN TXT “v=DMARC1; p=reject; rua=mailto:dmarc@example.com”
DKIM — signing key#
selector._domainkey.example.com. 3600 IN TXT “v=DKIM1; k=rsa; p=MIIBIjAN…”
Domain verification#
example.com. 3600 IN TXT “google-site-verification=abc123”
Use when: SPF/DKIM/DMARC email authentication, domain ownership verification, service configuration.
Delegates a domain or subdomain to a set of authoritative name servers. NS records at the zone apex are set by your domain registrar. You can also delegate subdomains to different DNS providers using NS records.
example.com. 86400 IN NS ns1.cloudflare.com.
example.com. 86400 IN NS ns2.cloudflare.com.
Subdomain delegation#
staging.example.com. 3600 IN NS ns1.otherprovider.com.
Use when: Changing DNS providers, delegating subdomain DNS management to another provider.
Contains administrative information about a DNS zone: primary name server, responsible party's email, serial number, and refresh/retry/expire timers. Every DNS zone must have exactly one SOA record. Usually managed automatically by your DNS provider.
example.com. 86400 IN SOA ns1.example.com. admin.example.com. (
2025051601 ; Serial (YYYYMMDDnn)
3600 ; Refresh (1 hour)
900 ; Retry (15 min)
604800 ; Expire (7 days)
300 ) ; Minimum TTL (5 min)
Use when: Typically auto-managed. Manually adjust serial/TTL values in self-hosted DNS (BIND, PowerDNS).
Specifies the location of servers for specific services, including the service name, protocol, priority, weight, port, and target. Format: _service._proto.name TTL IN SRV priority weight port target.
# Microsoft Teams / Skype for Business
_sip._tls.example.com. 3600 IN SRV 100 1 443 sipdir.online.lync.com.
_sipfederationtls._tcp.example.com. 3600 IN SRV 100 1 5061 sipfed.online.lync.com.
XMPP (Jabber)#
_xmpp-client._tcp.example.com. 3600 IN SRV 5 0 5222 xmpp.example.com.
Use when: Microsoft 365 (Teams/Lync), VoIP, XMPP, and any protocol requiring service discovery.
Controls which Certificate Authorities (CAs) are permitted to issue SSL/TLS certificates for your domain. Prevents unauthorized certificate issuance. Three tag types: issue (single domain), issuewild (wildcard), iodef (violation reporting).
example.com. 3600 IN CAA 0 issue "letsencrypt.org"
example.com. 3600 IN CAA 0 issuewild "letsencrypt.org"
example.com. 3600 IN CAA 0 issue "digicert.com"
example.com. 3600 IN CAA 0 iodef "mailto:security@example.com"
Use when: Strengthening SSL certificate security, required by some compliance frameworks (PCI-DSS).
The reverse of an A record — maps an IP address back to a hostname. Lives in the in-addr.arpa (IPv4) or ip6.arpa (IPv6) zones. Configured with your ISP or hosting provider, not your domain registrar. Critical for mail server reputation.
# IPv4 reverse DNS (34.216.184.93 → example.com)
34.216.184.93.in-addr.arpa. 3600 IN PTR mail.example.com.
IPv6 reverse DNS#
6.4.9.1.8.c.5.2.3.9.8.1.8.4.2.0.1.0.0.0.0.2.2.0.0.8.2.6.0.6.2.ip6.arpa. 3600 IN PTR example.com.
Use when: Setting up a mail server (anti-spam), network diagnostics, compliance requirements.
