DNS Record Types
DNS is a hierarchical database that maps names to records. Each record type encodes a specific kind of information.
Address records
| Type | Purpose | Example value |
|---|---|---|
A | Map a name to an IPv4 address. | 192.0.2.1 |
AAAA | Map a name to an IPv6 address. | 2001:db8::1 |
CNAME | Alias for another name. Cannot coexist with other records at the same node. | www CNAME example.com. |
ALIAS / ANAME | Non-standard "flattened" CNAME-at-apex supported by some providers. | example.com → cdn.host. |
Mail records
| Type | Purpose | Example |
|---|---|---|
MX | Mail server(s) for the domain, with priority. | 10 mx.example.com. |
TXT | Free-form text. Used for SPF, DKIM, DMARC, domain ownership proofs. | "v=spf1 include:_spf.example.com -all" |
Infrastructure records
| Type | Purpose |
|---|---|
NS | Authoritative name servers for the zone. |
SOA | Start Of Authority — administrative metadata for the zone (serial, refresh, expire). |
PTR | Reverse DNS — IP-to-name. Lives in in-addr.arpa and ip6.arpa. |
SRV | Service location for a specific protocol — used by SIP, XMPP, LDAP, Minecraft, others. |
Security records
| Type | Purpose |
|---|---|
CAA | Certificate Authority Authorization — which CAs may issue certs for this domain. |
TLSA | DANE — pin TLS certificates in DNS (requires DNSSEC). |
DNSKEY / DS / RRSIG / NSEC | DNSSEC chain-of-trust records. See DNSSEC. |
The SOA fields
example.com. SOA ns1.example.com. hostmaster.example.com. (
2026051301 ; serial — bump on every change
7200 ; refresh — how often secondaries check
3600 ; retry — wait before retry after fail
1209600 ; expire — stop serving after this
300 ; negative TTL — how long to cache NXDOMAIN
)
i
CNAMEs at the apex. RFC 1034 forbids CNAMEs alongside other records, which means you cannot put a CNAME at the zone apex (the bare domain). Use ALIAS/ANAME if your provider supports it, or use an A/AAAA record that the provider keeps updated.