DNS Lookup

Query DNS records for any domain. Check A, AAAA, MX, CNAME, TXT, NS, and SOA records with TTL values.

Check DNS Records

Enter a domain name to retrieve its DNS records

Enter without http:// or www

What is DNS?

The Domain Name System (DNS) is often called the "phonebook of the internet." It's a hierarchical, distributed database that translates human-friendly domain names (like example.com) into machine-readable IP addresses (like 93.184.216.34). Without DNS, you'd have to memorize numeric IP addresses to visit any website.

Every time you visit a website, send an email, or use almost any internet service, DNS queries happen behind the scenes—typically in milliseconds. Understanding DNS is essential for website owners, developers, and anyone managing online infrastructure.

4.3B+

DNS queries per day on Cloudflare alone

<50ms

Average DNS lookup time

13

Root DNS server clusters worldwide

350M+

Registered domain names globally

How DNS Works

When you type a URL into your browser, a series of DNS queries occur to find the correct IP address. Here's the step-by-step process:

  1. Browser Cache Check
    Your browser first checks if it has recently looked up this domain and has the IP cached.
  2. Operating System Cache
    If not in browser cache, the OS checks its own DNS cache and the hosts file.
  3. Recursive Resolver Query
    The query goes to a DNS resolver (usually your ISP or a public DNS like 8.8.8.8).
  4. Root Server Query
    The resolver queries a root server, which directs it to the TLD servers (.com, .org, etc.).
  1. TLD Server Query
    The TLD server points to the authoritative nameservers for the specific domain.
  2. Authoritative Nameserver
    The authoritative server returns the actual IP address for the requested domain.
  3. Response Cached
    The resolver caches the response (based on TTL) and returns it to your device.
  4. Connection Established
    Your browser connects to the web server using the resolved IP address.

DNS Record Types Explained

DNS uses various record types to store different kinds of information. Here's a comprehensive guide to each type:

A Address Record

Purpose: Maps a domain name to an IPv4 address (32-bit).

Example:

example.com.    IN    A    93.184.216.34

Common uses:

  • Point your domain to your web server
  • Create subdomains (www, blog, shop)
  • Load balancing with multiple A records
AAAA IPv6 Address Record

Purpose: Maps a domain name to an IPv6 address (128-bit).

Example:

example.com.    IN    AAAA    2606:2800:220:1:248:1893:25c8:1946

Why it matters:

  • IPv4 addresses are exhausted; IPv6 is the future
  • Some mobile networks use IPv6 exclusively
  • Better for IoT and modern infrastructure
MX Mail Exchange Record

Purpose: Specifies mail servers responsible for receiving email for the domain.

Example:

example.com.    IN    MX    10    mail.example.com.
example.com.    IN    MX    20    mail2.example.com.

Key concepts:

  • Priority: Lower numbers = higher priority
  • Multiple MX records provide redundancy
  • Required for receiving email at your domain
CNAME Canonical Name Record

Purpose: Creates an alias that points to another domain name (not an IP).

Example:

www.example.com.    IN    CNAME    example.com.
blog.example.com.   IN    CNAME    mysite.wordpress.com.

Important rules:

  • Cannot be used at the zone apex (root domain)
  • Cannot coexist with other record types for same name
  • Great for third-party services (CDNs, SaaS)
TXT Text Record

Purpose: Stores arbitrary text data, commonly used for verification and email security.

Common uses:

; SPF Record
example.com.  IN  TXT  "v=spf1 include:_spf.google.com ~all"

; Domain Verification
example.com.  IN  TXT  "google-site-verification=abc123..."

; DKIM Record
selector._domainkey.example.com.  IN  TXT  "v=DKIM1; k=rsa; p=..."
  • SPF: Authorize email senders
  • DKIM: Email authentication signatures
  • DMARC: Email policy and reporting
  • Verification: Prove domain ownership
NS Name Server Record

Purpose: Identifies the authoritative name servers for a domain or subdomain.

Example:

example.com.    IN    NS    ns1.cloudflare.com.
example.com.    IN    NS    ns2.cloudflare.com.

Key points:

  • Every domain must have at least 2 NS records
  • NS records delegate authority for DNS zones
  • Changing NS records moves DNS management

Other DNS Record Types

Type Name Purpose
SOA Start of Authority Contains administrative information about the zone (primary NS, admin email, serial number, refresh/retry timers). Every zone has exactly one SOA record.
PTR Pointer Record Used for reverse DNS lookups—maps an IP address back to a domain name. Essential for email deliverability and security.
SRV Service Record Specifies the location (hostname and port) of servers for specific services like LDAP, SIP, or XMPP.
CAA Certification Authority Authorization Specifies which Certificate Authorities (CAs) are allowed to issue SSL/TLS certificates for the domain.
ALIAS ALIAS/ANAME Record Similar to CNAME but can be used at the zone apex. Not an official standard but supported by many DNS providers.
DNSKEY DNS Key Record Contains public keys used for DNSSEC (DNS Security Extensions) to authenticate DNS responses.

Understanding TTL (Time to Live)

TTL is a value in seconds that tells DNS resolvers how long to cache a record before requesting a fresh copy. Choosing the right TTL involves balancing performance against flexibility.

Long TTL (24-48 hours)

Values: 86400 - 172800 seconds

Pros:

  • Faster DNS resolution (cached)
  • Reduced load on nameservers
  • Better reliability during DNS outages

Cons:

  • Slow propagation of changes
  • Difficult to recover from errors

Best for: Stable records that rarely change

Medium TTL (1-4 hours)

Values: 3600 - 14400 seconds

Pros:

  • Good balance of caching and flexibility
  • Reasonable propagation time
  • Suitable for most use cases

Cons:

  • May still cause delays during migrations

Best for: Most websites and services

Short TTL (5-15 minutes)

Values: 300 - 900 seconds

Pros:

  • Fast propagation of changes
  • Quick failover capability
  • Ideal before migrations

Cons:

  • More DNS queries (higher load)
  • Slightly slower resolution

Best for: Load balancing, failover, pre-migration

Pro Tip: TTL Strategy for Migrations

Before migrating servers or changing hosting, lower your TTL to 300-600 seconds at least 48 hours in advance. This ensures the old, longer TTL has expired from all caches. After migration is complete and verified, increase TTL back to normal values.

DNS Security Best Practices

DNSSEC

DNS Security Extensions add cryptographic signatures to DNS records, preventing attackers from forging DNS responses.

  • Protects against DNS spoofing and cache poisoning
  • Establishes a chain of trust from root to your domain
  • Supported by most major registrars and DNS providers
  • Essential for high-security applications
Email Authentication

Protect your domain from email spoofing with these DNS-based email security records:

  • SPF: Specifies which servers can send email for your domain
  • DKIM: Adds digital signatures to verify email authenticity
  • DMARC: Tells receivers what to do with failed SPF/DKIM checks
  • BIMI: Displays your logo in supporting email clients

Common DNS Issues and Solutions

Cause: Old DNS records are cached based on the previous TTL value.

Solution: Wait for the old TTL to expire (can take up to 48 hours for long TTLs). In the future, lower TTL before making changes. You can also try flushing your local DNS cache.

Cause: Missing or incorrect MX records.

Solution: Verify MX records point to your mail server. Check priority values (lower = higher priority). Ensure the mail server hostname has a valid A record.

Cause: Missing or incorrect SPF, DKIM, or DMARC records.

Solution: Add proper SPF record listing authorized senders. Configure DKIM signing and add the public key as a TXT record. Set up DMARC policy to tell receivers how to handle authentication failures.

Cause: A record exists for one but not the other, or CNAME is misconfigured.

Solution: Create A records for both root (@) and www. Alternatively, use A record for root and CNAME for www pointing to root. Ensure your web server accepts requests for both hostnames.

Popular DNS Providers

Provider Type Key Features Best For
Cloudflare Free / Paid Fast global network, DDoS protection, CDN included, DNSSEC Most websites, especially those needing CDN/security
AWS Route 53 Paid Highly reliable, integrates with AWS, advanced routing policies AWS users, enterprise applications
Google Cloud DNS Paid Google infrastructure, low latency, DNSSEC support GCP users, high-traffic sites
Namecheap DNS Free with domain Easy to use, included with domain registration Small websites, beginners
NS1 Paid Advanced traffic management, real-time analytics Enterprise, complex DNS needs
Recent Lookups
allcitymenu.comALL1d
seemenus.comALL1d
webinc.coALL2d
Related Tools
Header Checker

Analyze HTTP headers
SSL Checker

Verify SSL certificates
Redirect Checker

Trace redirect chains