DNS records tell the internet where to find everything associated with your domain: your website, your email, your subdomains, and verification tokens for third-party services. Each record type serves a specific purpose. Understanding what each one does saves hours of debugging when something stops working.
The A record is the most fundamental DNS record. It maps a hostname to an IPv4 address, telling browsers which server to connect to. When you want yourdomain.com to resolve to a specific server, you create an A record pointing @ (the bare domain) to that server's IP.
Example, pointing the bare domain and www to a server:
You typically need separate A records for the bare domain (@) and www, or you can use a CNAME for www pointing to the bare domain. Both approaches work.
Functionally identical to an A record, but for IPv6 addresses. IPv6 addresses are longer and look like 2001:db8::1. Most modern servers and CDNs support dual-stack (both IPv4 and IPv6), in which case you'll have both an A and an AAAA record for the same hostname.
Example:
If your hosting provider doesn't support IPv6, you don't need an AAAA record. The absence of one isn't an error.
A CNAME (Canonical Name) record maps one hostname to another hostname rather than an IP address. It's used to point subdomains at external services, or to alias www to the bare domain. When a resolver looks up a CNAME, it follows the chain and resolves the target hostname's IP.
Common uses: pointing shop.yourdomain.com to a Shopify store, cdn.yourdomain.com to a CDN provider, or www to the bare domain.
Critical rule: you cannot use a CNAME at the bare domain (@). The root domain must use an A or AAAA record. CNAMEs are only valid for subdomains. Additionally, a CNAME must be the only record for that name, you can't have a CNAME and an MX record at the same hostname.
MX records tell receiving servers where to deliver email addressed to your domain. They point to a hostname (never an IP address directly) and include a priority number. Lower priority numbers are tried first. If the primary mail server is unavailable, the sending server tries the next-lowest priority.
Example, Google Workspace MX records:
Email providers (Google Workspace, Microsoft 365, Zoho) give you their specific MX records during setup. Use exactly the values they provide. Never point MX records at an IP address, always use a hostname.
TXT records store free-form text and are used for two main purposes: domain ownership verification and email authentication. You'll typically have several TXT records for different services.
Domain verification examples (Google Search Console, various services):
Email authentication (SPF record):
DKIM (cryptographic email signing key, published at a selector subdomain):
You can have multiple TXT records at the same name (the bare domain can have several), which is how you add both SPF and Google verification without conflict.
NS records specify which DNS servers are authoritative for a domain. When you set nameservers at your registrar, the registry writes NS records into the parent zone pointing to your nameservers. Those nameservers then host all the other DNS records for your domain.
Example, HostBible's nameservers as seen in a zone:
You don't usually add NS records manually, they're set by changing nameservers at your registrar. However, you can create NS records for subdomains to delegate a subdomain's DNS to a different provider (called subdomain delegation).
PTR records are the reverse of A records, they map an IP address back to a hostname. Used primarily for email deliverability checks (receiving mail servers verify that the sending server's IP resolves back to a legitimate hostname). PTR records are managed by whoever controls the IP address block, typically the hosting provider, not through your domain's DNS zone.
SRV records specify the location of specific services. They include the service name, protocol, priority, weight, port number, and target hostname. Rarely needed for standard web hosting, but you'll encounter them when setting up Microsoft Teams (SIP federation), VoIP services, or some multiplayer game servers.
Example format:
CAA records restrict which certificate authorities (CAs) are allowed to issue SSL certificates for your domain. If a CAA record specifies only Let's Encrypt, then DigiCert and other CAs are prohibited from issuing certificates for your domain, even if someone submits a valid domain control verification request. Useful for preventing unauthorised certificate issuance.
HostBible's control panel gives you access to all DNS record types. Add, edit, and delete records without raising a support ticket. Domains from £5.99/year.
Register a Domain