DNS Checker Guide: Propagation & Records

DNS Propagation Explained

DNS propagation is the time it takes for DNS changes to spread across the internet's DNS servers. When you update your domain's DNS records—like pointing to a new server or changing nameservers—those changes don't take effect instantly worldwide. Instead, they "propagate" gradually as DNS servers refresh their cached information.

Think of DNS propagation like updating a phone book distributed to thousands of locations. It takes time for each location to receive and implement the updates. During this transition period, some users see old information while others see new information, creating temporary inconsistency.

How Long Does DNS Propagation Take?

• Typical timeframe: 24-48 hours for complete global propagation
• Fast changes: Can be as quick as 15 minutes to a few hours for major DNS providers
• Slow changes: Occasionally up to 72 hours for regions with longer DNS cache times
• TTL impact: Time To Live settings control how long DNS servers cache your records

Why DNS Propagation Takes Time

1. DNS Caching: Internet Service Providers (ISPs) and DNS servers cache DNS records to improve performance. They won't query for fresh data until the cache expires (determined by TTL).
2. TTL (Time To Live): Each DNS record has a TTL value (in seconds) that tells DNS servers how long to cache the record. A TTL of 86400 means 24 hours.
3. Hierarchical Lookup: DNS queries travel through multiple layers (root servers, TLD servers, authoritative nameservers), each with its own caching.
4. Geographic Distribution: DNS servers are distributed globally, and updates reach different regions at different times.

Reducing Propagation Time

You can minimize propagation delays with proper planning:

• Lower TTL before changes: Reduce TTL to 300 (5 minutes) 24-48 hours before planned DNS changes
• Wait for old TTL to expire: After lowering TTL, wait for the old (higher) TTL period to pass before making changes
• Make changes: Update DNS records with the lower TTL in effect
• Restore TTL: After propagation completes, increase TTL back to 3600 (1 hour) or 86400 (24 hours) for better performance

DNS Record Types Explained

DNS records are instructions that tell DNS servers how to handle requests for your domain. Each record type serves a specific purpose.

A Record (Address Record)

Maps a domain name to an IPv4 address. This is the most fundamental DNS record.

example.com.    3600    IN    A    192.0.2.1

Purpose: Points your domain to your web server's IP address.

Example use:

• example.com → 192.0.2.1 (points to main website)
• www.example.com → 192.0.2.1 (points to same server)
• blog.example.com → 192.0.2.50 (points to different server)

AAAA Record (IPv6 Address)

Maps a domain name to an IPv6 address. Same as A record but for the newer IPv6 protocol.

example.com.    3600    IN    AAAA    2001:0db8:85a3::8a2e:0370:7334

CNAME Record (Canonical Name)

Creates an alias from one domain name to another. Points a domain to another domain name, not an IP address.

www.example.com.    3600    IN    CNAME    example.com.

Purpose: Allows you to point multiple domains to the same destination without maintaining duplicate A records.

Important limitations:

• Cannot be used for root domain (example.com) - only subdomains
• Cannot coexist with other record types on the same name
• Adds an extra DNS lookup (slight performance cost)

MX Record (Mail Exchange)

Specifies mail servers responsible for receiving email for your domain.

example.com.    3600    IN    MX    10 mail.example.com.
example.com.    3600    IN    MX    20 backup-mail.example.com.

Priority: The number (10, 20) indicates priority. Lower numbers have higher priority. Email is delivered to the lowest-priority server available.

Common configurations:

• Google Workspace: Points to aspmx.l.google.com
• Microsoft 365: Points to [domain].mail.protection.outlook.com
• Custom mail server: Points to your own mail server

TXT Record (Text Record)

Stores text information. Widely used for domain verification and email authentication.

example.com.    3600    IN    TXT    "v=spf1 include:_spf.google.com ~all"

Common uses:

• SPF (Sender Policy Framework): Specifies which mail servers can send email from your domain
• DKIM (DomainKeys Identified Mail): Email authentication using cryptographic signatures
• DMARC: Email authentication policy and reporting
• Domain verification: Proving domain ownership to Google, Microsoft, etc.
• Site verification: Verifying domain for various services

NS Record (Nameserver)

Specifies authoritative nameservers for your domain.

example.com.    86400    IN    NS    ns1.nameserver.com.
example.com.    86400    IN    NS    ns2.nameserver.com.

Purpose: Delegates DNS management to specific nameservers. This is typically set at your domain registrar and points to your DNS hosting provider.

SRV Record (Service)

Specifies location of services like VoIP, instant messaging, or custom applications.

_service._protocol.example.com.    3600    IN    SRV    10 60 5060 server.example.com.

CAA Record (Certification Authority Authorization)

Specifies which Certificate Authorities (CAs) can issue SSL certificates for your domain.

example.com.    3600    IN    CAA    0 issue "letsencrypt.org"

Purpose: Prevents unauthorized certificate issuance, enhancing security.

Common DNS Issues and Troubleshooting

Issue 1: DNS Changes Not Taking Effect

Symptoms: Updated DNS records but site still points to old server.

Causes:

• Propagation still in progress
• High TTL causing slow propagation
• Local DNS cache on your device
• Changed wrong DNS zone (registrar vs hosting)

Solutions:

# Check DNS from authoritative nameserver
dig @ns1.yournamserver.com example.com

# Flush local DNS cache
# Windows
ipconfig /flushdns

# macOS
sudo dscacheutil -flushcache

# Linux
sudo systemd-resolve --flush-caches

# Check global propagation
# Use dnsdingo.com to check from multiple locations

Issue 2: Email Not Receiving

Symptoms: Emails sent to your domain bounce or don't arrive.

Causes:

• Missing or incorrect MX records
• MX priority misconfigured
• A record pointing to web server, not mail server
• Missing SPF/DKIM records causing spam filtering

Solutions:

# Check MX records
dig example.com MX

# Check SPF record
dig example.com TXT | grep "v=spf1"

# Test email delivery
# Use online tools like MXToolbox to test email configuration

Issue 3: Subdomain Not Resolving

Symptoms: Main domain works but subdomain (blog.example.com) doesn't.

Causes:

• Missing A or CNAME record for subdomain
• Typo in subdomain record
• Wildcard DNS not configured for dynamic subdomains

Solutions:

# Check subdomain A record
dig blog.example.com A

# Check CNAME
dig blog.example.com CNAME

# Add missing record in DNS management panel

Issue 4: NXDOMAIN Error

Symptoms: "Server not found" or "DNS_PROBE_FINISHED_NXDOMAIN" error.

Causes:

• Domain doesn't exist or typo in domain name
• Nameservers not configured at registrar
• Domain expired
• Recently registered domain not yet propagated

Solutions:

• Verify domain spelling
• Check domain registration status at registrar
• Confirm nameservers are set correctly
• Wait for propagation (new domains)

Issue 5: DNS Hijacking/Spoofing

Symptoms: Your domain suddenly points to wrong IP or website showing incorrect content.

Causes:

• Compromised registrar account
• Unauthorized nameserver changes
• DNS cache poisoning

Use our IP lookup tool to verify where your domain is currently pointing and check if the IP address is legitimate.

Solutions:

• Immediately change registrar password
• Enable two-factor authentication on registrar account
• Enable registrar lock to prevent unauthorized transfers
• Contact registrar support immediately
• Check DNS records and revert unauthorized changes

DNS Best Practices

1. Use Multiple Nameservers

Always configure at least 2 nameservers (ideally 3-4) for redundancy. If one fails, others continue serving DNS.

2. Set Appropriate TTL Values

• Static records: Use 86400 (24 hours) or 43200 (12 hours)
• Dynamic records: Use 3600 (1 hour) or 1800 (30 minutes)
• Before migration: Temporarily reduce to 300 (5 minutes)

3. Implement DNSSEC

DNS Security Extensions (DNSSEC) add cryptographic signatures to DNS records, preventing DNS spoofing attacks.

4. Monitor DNS Performance

Use DNS Dingo to regularly check:

• Response times from different geographic locations
• Record accuracy across global DNS servers
• Nameserver availability and redundancy

5. Document Your DNS Configuration

Maintain clear documentation of:

• All DNS records and their purposes
• Nameserver configurations
• Third-party services using DNS (email, CDN, etc.)
• Recent changes and migration history

6. Use DNS Management Tools

Consider using specialized DNS hosting providers for advanced features:

• Cloudflare: Fast, free DNS with DDoS protection
• AWS Route 53: Highly scalable with health checks and failover
• Google Cloud DNS: Low-latency managed DNS
• NS1: Advanced traffic management and filtering

Conclusion

DNS is the foundation of internet functionality, translating human-readable domain names into machine-readable IP addresses. Understanding DNS propagation, record types, and troubleshooting techniques is essential for managing websites and email services effectively.

Tools like DNS Dingo make DNS management easier by providing real-time propagation checking, global DNS queries, and clear visualization of your DNS configuration. Whether you're migrating a website, setting up email, or troubleshooting connectivity issues, mastering DNS is a critical skill for developers and IT professionals.