DNS (Domain Name System) translates human-readable domain names into IP addresses. When you type google.com, DNS figures out that means 142.250.185.78 and sends your request there.
It’s the phone book of the internet.
How it works (simplified)
- You type
example.comin your browser - Your computer asks a DNS resolver: “What’s the IP for example.com?”
- The resolver checks its cache. If not cached, it asks the root servers →
.comservers →example.com’s nameservers - The nameserver responds: “It’s
93.184.216.34” - Your browser connects to that IP address
- The result is cached so the next request is instant
This whole process takes milliseconds.
DNS record types
| Record | What it does | Example |
|---|---|---|
| A | Maps domain to IPv4 address | example.com → 93.184.216.34 |
| AAAA | Maps domain to IPv6 address | example.com → 2606:2800:220:1:... |
| CNAME | Alias to another domain | www.example.com → example.com |
| MX | Mail server | example.com → mail.example.com |
| TXT | Text data (verification, SPF, etc.) | v=spf1 include:_spf.google.com |
| NS | Nameserver for the domain | example.com → ns1.provider.com |
A records are the most common — they point your domain to a server IP.
CNAME records are aliases — www.example.com points to example.com, which has the actual A record.
Common DNS tasks
Point a domain to a server:
Type: A
Name: @ (or example.com)
Value: 93.184.216.34
TTL: 3600Point www to the same place:
Type: CNAME
Name: www
Value: example.com
TTL: 3600Verify domain ownership (Google, Vercel, etc.):
Type: TXT
Name: @
Value: google-site-verification=abc123...DNS propagation
When you change DNS records, the change doesn’t happen instantly. Old records are cached by DNS servers worldwide.
- TTL (Time To Live) controls how long records are cached
- Low TTL (300 = 5 min): changes propagate fast, more DNS lookups
- High TTL (86400 = 24 hours): changes are slow, fewer lookups
Before making changes: lower the TTL to 300 a day in advance. After the change propagates, raise it back.
Checking propagation:
# Check from your machine
dig example.com
nslookup example.com
# Check from specific DNS server
dig @8.8.8.8 example.com
dig @1.1.1.1 example.comOr use dnschecker.org to check from multiple locations worldwide.
Common DNS issues
“DNS not propagated yet” — wait. It can take up to 48 hours (usually much less).
“Site not working after domain change” — check with dig:
dig example.com +short
# Should show your server's IP“Email not working” — check MX records:
dig example.com MX +short“SSL certificate error after DNS change” — the new server needs its own SSL certificate. If using Let’s Encrypt, it needs DNS to be pointing to it first.
DNS providers
Your domain registrar usually provides DNS, but you can use a dedicated DNS provider for better performance:
- Cloudflare — free, fast, DDoS protection
- Route 53 — AWS, reliable, integrates with AWS services
- Google Cloud DNS — similar to Route 53
- Your registrar — Namecheap, GoDaddy, etc. (fine for simple setups)