ITMar 31, 2026

🌐

Complete DNS Setup Guide — A Records, CNAME, and Nameservers Explained Simply

Q: What is the difference between a domain registrar and a DNS provider?

domain registrar is where you purchase and own your domain (Namecheap, GoDaddy, Gabia, etc.). A DNS provider manages the DNS records for your domain (Cloudflare, Route 53, etc.). They can be the same company, or you can separate them — buying a domain at one registrar and using Cloudflare for DNS.

DNS (Domain Name System) is the internet's "phone book" — it translates domain names into IP addresses. Each record type has a different role: A records (IPv4), CNAME (domain alias), MX (email routing), TXT (ownership verification). Check your current records with the DNS Lookup tool before making changes.

Key Summary
DNS (Domain Name System) is the internet's "phone book" — it translates domain names into IP addresses.
Each record type has a distinct role: A record (IPv4 address), AAAA record (IPv6), CNAME (domain alias), MX (email routing), TXT (ownership verification, SPF, etc.).
Nameserver (NS) changes are made at your domain registrar; record editing is done in your DNS provider's panel (Cloudflare, Route 53, etc.).
Lower TTL means faster propagation of changes, but increases server load.
DNS propagation can take up to 48 hours to reach all servers worldwide.
Before making changes, verify your current records with the DNS Lookup Tool.

What Is DNS and Why Is It Needed?

When you type www.example.com into a browser, your computer needs to find the actual IP address (e.g., 93.184.216.34) behind that name. Since humans find numeric IPs difficult to remember, a system is needed to translate domain names into IP addresses. That system is DNS (Domain Name System).

DNS is made up of thousands of distributed servers around the world, organized in a hierarchy:

1Root DNS Servers — The top level. 13 server clusters operate worldwide.
2TLD (Top-Level Domain) Servers — Servers for each domain type: .com, .org, .io, etc.
3Authoritative DNS Servers — The servers that actually store the records for a specific domain. Cloudflare, Route 53, and registrar DNS services fall into this category.
4Recursive DNS Resolvers — Intermediate servers provided by your ISP or public services like Google (8.8.8.8) and Cloudflare (1.1.1.1). They navigate the hierarchy on your behalf and cache results.

This structure enables billions of domain queries worldwide to be resolved quickly.

A Complete Breakdown of DNS Record Types

DNS records store various types of information about a domain. Each type has a completely different role — let's go through them one by one.

A Record (Address Record)

The most fundamental record type. Connects a domain to an IPv4 address.

Name	Type	Value	TTL
`example.com`	A	`93.184.216.34`	3600
`www.example.com`	A	`93.184.216.34`	3600

Can be set for both the root domain (example.com) and subdomains (www, blog, api, etc.)
Registering multiple A records for one domain enables round-robin load balancing

AAAA Record

Identical to an A record but points to an IPv6 address. IPv6 addresses look like 2606:2800:220:1:248:1893:25c8:1946 — long and complex. Services that need IPv6 support should configure AAAA records alongside A records.

CNAME Record (Canonical Name)

An alias record that connects a domain to another domain name — not an IP address, but another domain.

Name	Type	Value	TTL
`www.example.com`	CNAME	`example.com`	3600
`blog.example.com`	CNAME	`myblog.github.io`	3600
`shop.example.com`	CNAME	`mystore.myshopify.com`	3600

Key CNAME restriction: You cannot use a CNAME on the root domain (example.com, @). Root domains must use A or AAAA records. However, services like Cloudflare offer CNAME Flattening to work around this internally.

MX Record (Mail Exchange)

Specifies the mail server that receives email for a domain. Lower priority numbers are tried first.

Name	Type	Priority	Value	TTL
`example.com`	MX	1	`aspmx.l.google.com`	3600
`example.com`	MX	5	`alt1.aspmx.l.google.com`	3600

Must be configured when connecting email services like Google Workspace or Microsoft 365.

TXT Record (Text Record)

Stores text-based information about a domain. Commonly used for:

Domain ownership verification: Required by Google Search Console, GitHub Pages, etc.
SPF (Sender Policy Framework): Specifies authorized email sending servers to block spam.

- Example: v=spf1 include:_spf.google.com ~all

DKIM: Registers digital signature keys for email authentication.
DMARC: Declares the email authentication policy for the domain.

NS Record (Name Server)

Tells the world which servers manage the DNS for a domain. Changed at the domain registrar. Once NS records are updated, all future DNS queries for that domain go to the new nameservers.

Common nameserver providers:

Cloudflare: noah.ns.cloudflare.com, pita.ns.cloudflare.com
AWS Route 53: ns-XXX.awsdns-XX.com (4 records)
Google Cloud DNS: ns-cloud-XX.googledomains.com

SOA Record (Start of Authority)

A technical record automatically managed by the DNS provider. Contains the primary nameserver, administrator email, and serial number used for zone transfers. Users generally do not need to edit this manually.

SRV Record (Service)

Specifies which server handles a particular service — commonly used for VoIP, game servers, and communication protocols.

Format: _service._protocol.domain Example: _minecraft._tcp.example.com → points to a Minecraft server

PTR Record (Pointer)

The reverse of an A record — translates an IP address back to a domain name. Used for reverse DNS (rDNS) lookup. Email servers use PTR records to verify whether the sending IP is legitimate.

Understanding TTL (Time To Live)

TTL is the number of seconds that DNS resolvers cache a record before checking again.

TTL Value	Propagation	Best Use Case
60 (1 min)	Very fast	During migration or when changes are expected
300 (5 min)	Fast	Normal operation with frequent updates
3600 (1 hr)	Standard	Most production websites
86400 (24 hr)	Slow	Stable records that rarely change

Best practice: Lower TTL to 300–600 seconds 24–48 hours before a planned DNS change. After confirming the change is working, restore TTL to 3600.

How to Change Nameservers (Step by Step)

Changing nameservers moves DNS management from your registrar to a different provider (e.g., Cloudflare).

Step 1. Add your domain to Cloudflare (or your new DNS provider) and note the nameserver addresses provided.

Step 2. Log into your domain registrar (Namecheap, GoDaddy, Gabia, etc.) and find the nameserver settings.

Step 3. Replace the existing nameservers with the new ones (e.g., Cloudflare's noah.ns.cloudflare.com).

Step 4. Wait for propagation — changes take 24–48 hours to reach all DNS resolvers worldwide.

Step 5. Verify with a DNS Lookup tool: Check your DNS records now →

Common DNS Error Types and Solutions

ERR_NAME_NOT_RESOLVED

The domain name could not be resolved. Possible causes:

A record not yet created or pointing to wrong IP
DNS propagation still in progress (wait 24–48 hours)
Typo in domain name

Website Not Loading After Nameserver Change

Check whether the A record exists in the new DNS provider's panel. When switching to Cloudflare, you must re-create all existing records in Cloudflare's dashboard — they are not transferred automatically.

Email Not Being Received

Verify MX records are correctly set. For Google Workspace, the correct MX value is aspmx.l.google.com with priority 1.

Cloudflare Proxy Mode (Orange Cloud) Caution

With Cloudflare proxy enabled (orange cloud icon), DNS queries return Cloudflare's IP, not your server's actual IP. This can cause issues with services that require the real server IP (some mail servers, VPNs, etc.). For those records, switch to DNS Only (gray cloud) mode.

Frequently Asked Questions (FAQ)

Q1. What is the difference between a domain registrar and a DNS provider?

A domain registrar is where you purchase and own your domain (Namecheap, GoDaddy, Gabia, etc.). A DNS provider manages the DNS records for your domain (Cloudflare, Route 53, etc.). They can be the same company, or you can separate them — buying a domain at one registrar and using Cloudflare for DNS.

Q2. Why can't I use CNAME on the root domain?

The DNS standard (RFC 1034) prohibits CNAME records at a zone apex (root domain). This is because the root domain must have SOA and NS records, and a CNAME at the root would conflict with those. Cloudflare's CNAME Flattening is a proprietary extension that works around this at the DNS resolution level.

Q3. How can I speed up DNS propagation?

You cannot force global propagation, but lowering TTL to 300–600 seconds at least 24 hours before your planned change helps. After the change, DNS resolvers will check for updates more frequently.

Q4. What is an SPF record and why is it needed?

SPF (Sender Policy Framework) is a TXT record that tells receiving mail servers which servers are authorized to send email from your domain. Without SPF, emails from your domain are more likely to be marked as spam or rejected by recipients.

Q5. What is Cloudflare's proxy (orange cloud)?

When Cloudflare's proxy is active, all traffic to your domain passes through Cloudflare's servers. Benefits include DDoS protection, caching, and performance optimization. The downside is that your server's real IP is hidden — which can cause issues for certain services.

Q6. What records do I need for a basic website setup?

The minimum requirements for a typical website are:

A record (or CNAME): point the domain to your hosting server
MX records: if you need email for the domain
TXT record: SPF (for email authentication) and ownership verification for tools like Google Search Console