A quick reference guide to DNS record types with syntax examples and common configurations. Use this as a lookup when configuring DNS for domains, email, or services.
name TTL class type value - Example: example.com. 300 IN A 93.184.216.34
Quick Reference Table
| Type | Name | Purpose | Category |
|---|---|---|---|
| A | Address | Maps domain to IPv4 address | Essential |
| AAAA | IPv6 Address | Maps domain to IPv6 address | Essential |
| CNAME | Canonical Name | Alias to another domain name | Essential |
| MX | Mail Exchange | Mail server for the domain | |
| TXT | Text | Arbitrary text (SPF, DKIM, verification) | Essential |
| NS | Name Server | Authoritative nameservers | Infrastructure |
| SOA | Start of Authority | Zone administrative info | Infrastructure |
| SRV | Service | Service location (host + port) | Services |
| CAA | CA Authorization | Allowed certificate authorities | Security |
| PTR | Pointer | Reverse DNS (IP to domain) | |
| DNSKEY | DNS Key | DNSSEC public key | Security |
| DS | Delegation Signer | DNSSEC delegation | Security |
| TLSA | TLS Authentication | DANE certificate pinning | Security |
| NAPTR | Name Authority Pointer | Regex-based rewriting rules | Advanced |
| SSHFP | SSH Fingerprint | SSH host key fingerprint | Security |
Record Syntax Examples
A Record (IPv4 Address)
Maps a domain name to an IPv4 address. The most common DNS record type.
# Basic A record
example.com. 300 IN A 93.184.216.34
# Subdomain
www.example.com. 300 IN A 93.184.216.34
# Multiple A records (round-robin load balancing)
example.com. 300 IN A 93.184.216.34
example.com. 300 IN A 93.184.216.35AAAA Record (IPv6 Address)
Maps a domain name to an IPv6 address.
# Basic AAAA record
example.com. 300 IN AAAA 2606:2800:220:1:248:1893:25c8:1946
# Dual-stack (A + AAAA)
example.com. 300 IN A 93.184.216.34
example.com. 300 IN AAAA 2606:2800:220:1:248:1893:25c8:1946CNAME Record (Alias)
Creates an alias pointing to another domain. Cannot be used at zone apex.
# www points to apex domain
www.example.com. 300 IN CNAME example.com.
# Subdomain to third-party service
blog.example.com. 300 IN CNAME hosting.provider.com.
# CDN configuration
static.example.com. 300 IN CNAME d1234.cloudfront.net.Cannot use CNAME at zone apex (example.com). Cannot coexist with other records for same name. Use ALIAS/ANAME if your provider supports it.
MX Record (Mail Exchange)
Specifies mail servers for the domain. Priority value determines preference (lower = higher priority).
# Single mail server
example.com. 300 IN MX 10 mail.example.com.
# Multiple servers with priority (failover)
example.com. 300 IN MX 10 mail1.example.com.
example.com. 300 IN MX 20 mail2.example.com.
example.com. 300 IN MX 30 backup.example.com.Google Workspace MX
1 ASPMX.L.GOOGLE.COM.
5 ALT1.ASPMX.L.GOOGLE.COM.
5 ALT2.ASPMX.L.GOOGLE.COM.
10 ALT3.ASPMX.L.GOOGLE.COM.
10 ALT4.ASPMX.L.GOOGLE.COM.
Microsoft 365 MX
0 yourdomain-com.mail.protection.outlook.com.
TXT Record (Text Data)
Stores arbitrary text data. Used for domain verification, SPF, DKIM, DMARC.
# Domain verification
example.com. 300 IN TXT "google-site-verification=abc123xyz"
# SPF (email sender policy)
example.com. 300 IN TXT "v=spf1 include:_spf.google.com ~all"
# DKIM (email signing)
selector._domainkey.example.com. 300 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0..."
# DMARC (email authentication policy)
_dmarc.example.com. 300 IN TXT "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"Common SPF Records
"v=spf1 include:_spf.google.com ~all"
"v=spf1 include:spf.protection.outlook.com ~all"
"v=spf1 a mx ~all"
Common DMARC Records
"v=DMARC1; p=none; rua=mailto:dmarc@example.com"
"v=DMARC1; p=quarantine; pct=100"
"v=DMARC1; p=reject; rua=mailto:dmarc@example.com"
NS Record (Name Server)
Specifies authoritative nameservers for the domain or subdomain.
# Domain nameservers
example.com. 86400 IN NS ns1.provider.com.
example.com. 86400 IN NS ns2.provider.com.
# Subdomain delegation
api.example.com. 86400 IN NS ns1.apihost.com.
api.example.com. 86400 IN NS ns2.apihost.com.SRV Record (Service Location)
Specifies service location with priority, weight, port, and target host.
# Format: _service._proto.name TTL class SRV priority weight port target
# SIP service
_sip._tcp.example.com. 300 IN SRV 10 60 5060 sip.example.com.
# XMPP/Jabber
_xmpp-server._tcp.example.com. 300 IN SRV 5 0 5269 xmpp.example.com.
# Microsoft Autodiscover
_autodiscover._tcp.example.com. 300 IN SRV 0 0 443 autodiscover.outlook.com.CAA Record (Certificate Authority Authorization)
Specifies which CAs may issue certificates for the domain.
# Allow Let's Encrypt only
example.com. 300 IN CAA 0 issue "letsencrypt.org"
# Allow multiple CAs
example.com. 300 IN CAA 0 issue "letsencrypt.org"
example.com. 300 IN CAA 0 issue "digicert.com"
# Wildcard certificates only from specific CA
example.com. 300 IN CAA 0 issuewild "letsencrypt.org"
# Report policy violations
example.com. 300 IN CAA 0 iodef "mailto:security@example.com"PTR Record (Reverse DNS)
Maps IP address to domain name. Configured in reverse DNS zone, typically by hosting provider.
# IPv4 reverse (for 93.184.216.34)
34.216.184.93.in-addr.arpa. 300 IN PTR mail.example.com.
# IPv6 reverse (for 2001:db8::1)
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. 300 IN PTR mail.example.com.Common TTL Values
| TTL | Duration | Use Case |
|---|---|---|
| 60 | 1 minute | Failover, testing, pre-migration |
| 300 | 5 minutes | Dynamic records, frequently changing |
| 3600 | 1 hour | Standard records, good balance |
| 86400 | 24 hours | Stable records, NS records |
| 604800 | 7 days | Very stable records, maximum caching |
Before making DNS changes, lower TTL to 300 (5 min) at least 24-48 hours in advance. This ensures faster propagation when you make the actual change.