DNS Record Types Explained: The Internet's Address Book
How does a browser know where a website lives?
Think about this for a moment: You type google.com into your browser, hit Enter, and boom—Google's homepage appears. But how did your browser know where to find Google's servers among billions of computers connected to the internet?
The answer is DNS—the Domain Name System. And today, we're going to explore exactly how it works, in the simplest way possible.
What is DNS? (The Internet's Phonebook)
Remember phonebooks? Those thick yellow books where you'd look up someone's name to find their phone number? DNS works exactly like that, but for the internet.
Here's the thing: Computers don't actually understand names like google.com or amazon.com. They speak in numbers—specifically, IP addresses like 172.217.14.206. But remembering numbers is hard for humans. We're much better with names.
DNS bridges this gap. It's a massive, distributed system that translates human-friendly domain names into computer-friendly IP addresses.
When you type a website address:
Your browser asks DNS: "Where is example.com?"
DNS responds: "It's at 93.184.216.34"
Your browser connects to that IP address
The website loads
Simple, right? But DNS does much more than just this basic translation.
Why Do We Need Different DNS Records?
If DNS was only about translating names to IP addresses, we'd only need one type of record. But the internet is more complex:
What if you want to use IPv6 instead of IPv4?
How do email servers know where to deliver your mail?
What if you want one domain to point to another?
How do you verify you own a domain?
Who's responsible for managing DNS for your domain?
Each of these questions requires a different type of DNS record. Think of DNS records as different types of entries in that phonebook some list addresses, some list email contacts, some provide notes and verification.
Let's explore each type, one at a time.
NS Record: Who's Responsible Here?
The Problem: When someone asks "Where is example.com?", who should answer?
The Solution: NS (Name Server) records
Think of an NS record as the property manager for a building. When someone has a question about an apartment (your domain), they need to know which management company (name server) to ask.
Real-World Analogy
Imagine you're looking for information about an apartment building. The city records say: "For questions about Maple Street Apartments, contact ABC Property Management." That's what an NS record does, it points to the authoritative source.
How It Works
Question: "Who manages DNS for example.com?"
NS Record Answer:
example.com NS ns1.nameserver.com
example.com NS ns2.nameserver.com
Most domains have multiple NS records for redundancy. If one name server goes down, others can still answer DNS queries.
When You'll See This
When you register a new domain, you specify which name servers to use
When you transfer a domain to a different hosting provider
If you use a third-party DNS service like Cloudflare
Key Point: NS records delegate authority. They say, "Don't ask me—ask these servers instead."
A Record: The Main Address (IPv4)
The Problem: Your browser needs to know the IP address of a website.
The Solution: A records (Address records)
This is the most fundamental DNS record. It's like the street address in that phonebook—it tells you exactly where something is located.
Real-World Analogy
If someone asks "Where does John live?", you might say "123 Main Street." An A record works the same way: "Where is example.com?" → "192.0.2.1"
How It Works
example.com A 93.184.216.34
When your browser looks up example.com, the A record provides the IPv4 address where the web server lives.
Multiple A Records
You can have multiple A records for the same domain:
example.com A 93.184.216.34
example.com A 93.184.216.35
This is useful for:
Load balancing: Distributing traffic across multiple servers
Redundancy: If one server fails, traffic goes to others
Common Subdomains
example.com A 93.184.216.34
www.example.com A 93.184.216.34
blog.example.com A 93.184.216.50
Each subdomain can point to a different server, or they can all point to the same one.
Remember: A records only work with IPv4 addresses (the ones that look like 192.168.1.1). For IPv6, you need a different record...
AAAA Record: The Modern Address (IPv6)
The Problem: We're running out of IPv4 addresses. IPv6 is the solution, but it uses a different format.
The Solution: AAAA records (Quad-A records)
What's the Difference?
IPv4 addresses look like this: 192.0.2.1 (four numbers separated by dots)
IPv6 addresses look like this: 2001:0db8:85a3:0000:0000:8a2e:0370:7334 (eight groups of hexadecimal numbers)
IPv6 provides vastly more addresses than IPv4, which is why it's the future.
Real-World Analogy
Think of IPv4 as old postal codes with limited combinations. IPv6 is like a new postal system with enough codes for every grain of sand on Earth. Same purpose (finding locations), just a newer, more expansive system.
How It Works
example.com AAAA 2606:2800:220:1:248:1893:25c8:1946
Using Both A and AAAA
Modern websites often have both:
example.com A 93.184.216.34
example.com AAAA 2606:2800:220:1:248:1893:25c8:1946
This way:
Devices using IPv4 get the A record
Devices using IPv6 get the AAAA record
Everyone can reach your website
Why "AAAA"? IPv6 addresses are four times longer than IPv4 addresses, hence four A's. It's that simple!
CNAME Record: The Alias
The Problem: Sometimes you want one domain name to point to another domain name, not directly to an IP address.
The Solution: CNAME records (Canonical Name records)
This is where beginners often get confused, so let's take it slow.
Real-World Analogy
Imagine you have a business called "Smith Consulting." You also operate under "Smith & Associates." When someone asks for the address of "Smith & Associates," you say "We're the same as Smith Consulting—just look up that address."
That's a CNAME: one name pointing to another name.
How It Works
www.example.com CNAME example.com
The lookup happens in two steps:
Look up
www.example.com→ Find CNAME → Points toexample.comLook up
example.com→ Find A record → Get IP address93.184.216.34
Why Use CNAME Instead of Just Another A Record?
Great question! Here's why:
Scenario: You run your website on a hosting provider. Their server IP is 203.0.113.10.
Option 1: Use A records everywhere
example.com A 203.0.113.10
www.example.com A 203.0.113.10
blog.example.com A 203.0.113.10
Problem: If your hosting provider changes the IP address, you have to update all three records.
Option 2: Use CNAME records
example.com A 203.0.113.10
www.example.com CNAME example.com
blog.example.com CNAME example.com
Benefit: If the IP changes, you only update one A record. The CNAMEs automatically follow the new address.
Common Use Cases
Content Delivery Networks (CDNs)
www.example.com CNAME example.cdn-provider.comThird-party services
shop.example.com CNAME shops.shopify.comEmail marketing
email.example.com CNAME mailprovider.com
Important CNAME Rules
You cannot use CNAME for the root domain. This is a common mistake:
❌ WRONG:
example.com CNAME hosting-provider.com
✓ CORRECT:
example.com A 203.0.113.10
www.example.com CNAME example.com
Why? Technical reasons involving how DNS works, but just remember: root domains need A or AAAA records, not CNAME.
MX Record: Where Emails Go
The Problem: Email and web hosting are usually on different servers. How does email know where to go?
The Solution: MX records (Mail Exchange records)
Real-World Analogy
Think of your domain as a company building. The web server is your office (where visitors come), but the mail room is in a different part of the building. MX records tell the post office where to deliver your mail.
How It Works
When someone sends an email to you@example.com:
1. Sender's email server asks: "Where do I deliver mail for example.com?"
2. DNS responds with MX record: "Send it to mail.example.com"
3. Email server looks up mail.example.com (A record)
4. Email gets delivered to that IP address
Priority Numbers
MX records have priority numbers. Lower numbers = higher priority:
example.com MX 10 mail1.example.com
example.com MX 20 mail2.example.com
example.com MX 30 mail3.example.com
Email servers try the lowest number first (10). If that fails, they try 20, then 30.
Why? Redundancy. If your primary mail server is down, email still gets delivered to a backup.
Using Third-Party Email (Gmail, Outlook, etc.)
Most people don't run their own mail servers. They use services like Google Workspace or Microsoft 365:
example.com MX 1 aspmx.l.google.com
example.com MX 5 alt1.aspmx.l.google.com
example.com MX 10 alt2.aspmx.l.google.com
Important: Your website can be hosted on one server (A record) while your email is hosted on completely different servers (MX records). They're independent.
TXT Record: The Notes Section
The Problem: We need a way to store extra information about a domain—verification codes, security policies, and other text data.
The Solution: TXT records (Text records)
Real-World Analogy
Remember those notes sections in phonebooks? "Warning: This business has moved" or "See also: ABC Company." TXT records are like sticky notes attached to your domain.
How It Works
TXT records store arbitrary text:
example.com TXT "v=spf1 include:_spf.google.com ~all"
They don't make your website work, but they serve important purposes.
Common Uses
1. Email Verification (SPF Records)
Prevents spammers from pretending to send email from your domain:
example.com TXT "v=spf1 include:_spf.google.com ~all"
This says: "Only Google's servers are allowed to send email from example.com."
2. Domain Ownership Verification
When you sign up for services (Google Search Console, SSL certificates), they ask you to add a TXT record to prove you own the domain:
example.com TXT "google-site-verification=rXOxyZounnZasA8Z7oaD3c14JdjS9aKSWvsR1EbUSIQ"
It's like showing your ID: "Yes, I really own this domain."
3. DKIM (Email Security)
Another email security measure:
default._domainkey.example.com TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBA..."
This provides a digital signature proving emails really came from your domain.
4. DMARC (Email Policy)
Tells email servers what to do with suspicious emails:
_dmarc.example.com TXT "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com"
Multiple TXT Records
You can have multiple TXT records for different purposes:
example.com TXT "v=spf1 include:_spf.google.com ~all"
example.com TXT "google-site-verification=abc123def456"
example.com TXT "facebook-domain-verification=xyz789"
Key Point: TXT records are extremely flexible. If you need to attach any text information to your domain, this is how you do it.
How All DNS Records Work Together
Let's put it all together with a real example. Here's what DNS records might look like for a small business website:
Example: myshop.com
Who manages DNS for myshop.com?
myshop.com NS ns1.cloudflare.com
myshop.com NS ns2.cloudflare.com
Where is the website? (IPv4)
myshop.com A 104.26.10.123
www.myshop.com CNAME myshop.com
Where is the website? (IPv6)
myshop.com AAAA 2606:4700:3033::6815:a7b
Subdomain hosted elsewhere
blog.myshop.com CNAME myblog.medium.com
Where does email go?
myshop.com MX 1 aspmx.l.google.com
myshop.com MX 5 alt1.aspmx.l.google.com
Email security and verification
myshop.com TXT "v=spf1 include:_spf.google.com ~all"
myshop.com TXT "google-site-verification=abcdef123456"
_dmarc.myshop.com TXT "v=DMARC1; p=quarantine;"
What Happens When You Visit www.myshop.com?
1. Browser asks: "What's the IP for www.myshop.com?"
2. DNS checks NS records: "Ask Cloudflare's nameservers"
3. Cloudflare's nameserver responds: - www.myshop.com is a CNAME → points to myshop.com - myshop.com has A record → 104.26.10.123
4. Browser connects to 104.26.10.123
5. Website loads!
What Happens When You Send Email to hello@myshop.com?
1. Your email server asks: "Where do I send email for myshop.com?"
2. DNS responds with MX records:
- Priority 1: aspmx.l.google.com
- Priority 5: alt1.aspmx.l.google.com
3. Email server checks SPF TXT record:
- Verifies the sender is legitimate
4. Email gets delivered to Google's mail servers
5. You can check it in Gmail!
Quick Reference Guide
| Record Type | Purpose | Example | When to Use |
| NS | Specifies name servers | ns1.cloudflare.com | Setting up domain DNS |
| A | Domain to IPv4 address | 192.0.2.1 | Pointing domain to server |
| AAAA | Domain to IPv6 address | 2001:db8::1 | Supporting IPv6 |
| CNAME | Domain to another domain | example.com | Aliases and subdomains |
| MX | Email server location | mail.example.com | Configuring email |
| TXT | Text information | "v=spf1..." | Verification, security |
Wrapping Up
DNS might seem complex at first, but it's really just a system of different record types, each solving a specific problem:
NS records delegate authority
A and AAAA records provide addresses
CNAME records create aliases
MX records route email
TXT records store verification and security information
Together, these records work behind the scenes every time you browse the web, send an email, or use any internet service.
The beautiful part? Once set up, DNS just works. You type a name, and like magic, you're connected to the right place.
Now you know exactly how that magic happens!
