DevLift
All Tools

DNS Record Reference

Searchable reference of all DNS record types with descriptions, examples, and common use cases.

Showing 21 of 21 record types

A

Address Record

Common

Maps a domain name to an IPv4 address. This is the most fundamental DNS record type, used to point a domain to the server hosting its content.

example.com.  300  IN  A  93.184.216.34

AAAA

IPv6 Address Record

Common

Maps a domain name to an IPv6 address. Works identically to an A record but for the newer IPv6 protocol, supporting the larger address space.

example.com.  300  IN  AAAA  2606:2800:220:1:248:1893:25c8:1946

CNAME

Canonical Name Record

Common

Creates an alias from one domain name to another. The aliased domain inherits all DNS records of the target. Cannot coexist with other record types for the same name.

www.example.com.  300  IN  CNAME  example.com.

MX

Mail Exchange Record

Common

Specifies the mail server responsible for receiving email on behalf of a domain. Includes a priority value where lower numbers indicate higher priority.

example.com.  300  IN  MX  10 mail.example.com.

TXT

Text Record

Common

Stores arbitrary text data associated with a domain. Widely used for domain verification, email authentication (SPF, DKIM, DMARC), and other machine-readable metadata.

example.com.  300  IN  TXT  "v=spf1 include:_spf.google.com ~all"

NS

Name Server Record

Common

Delegates a DNS zone to the specified authoritative name servers. These records tell the internet which servers to query for DNS records in your domain.

example.com.  86400  IN  NS  ns1.exampledns.com.

SOA

Start of Authority Record

Common

Contains administrative information about a DNS zone including the primary nameserver, administrator email, serial number, and timing parameters for zone transfers.

example.com.  86400  IN  SOA  ns1.example.com. admin.example.com. 2024010101 3600 900 1209600 86400

PTR

Pointer Record

Common

Maps an IP address back to a domain name (reverse DNS). Used for reverse DNS lookups, which are essential for email deliverability and network diagnostics.

34.216.184.93.in-addr.arpa.  300  IN  PTR  example.com.

SPF

Sender Policy Framework (via TXT)

Mail

Published as a TXT record, SPF defines which mail servers are authorized to send email on behalf of your domain. Receiving servers check SPF to detect forged sender addresses.

example.com.  300  IN  TXT  "v=spf1 ip4:192.0.2.0/24 include:_spf.google.com -all"

DKIM

DomainKeys Identified Mail (via TXT)

Mail

Published as a TXT record under a selector subdomain, DKIM provides a public key that receiving servers use to verify the cryptographic signature on outgoing emails, ensuring the message was not altered in transit.

selector._domainkey.example.com.  300  IN  TXT  "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4..."

DMARC

Domain-based Message Authentication (via TXT)

Mail

Published as a TXT record at _dmarc.yourdomain.com, DMARC tells receiving servers how to handle emails that fail SPF and/or DKIM checks. It also enables reporting on authentication results.

_dmarc.example.com.  300  IN  TXT  "v=DMARC1; p=reject; rua=mailto:dmarc@example.com; pct=100"

CAA

Certificate Authority Authorization

Security

Specifies which Certificate Authorities are allowed to issue SSL/TLS certificates for your domain. Helps prevent unauthorized certificate issuance.

example.com.  300  IN  CAA  0 issue "letsencrypt.org"

TLSA

TLS Authentication Record

Security

Associates a TLS certificate or public key with a domain name, enabling DANE (DNS-based Authentication of Named Entities). Allows domain owners to pin certificates via DNS.

_443._tcp.example.com.  300  IN  TLSA  3 1 1 2bb183af2b8...

DNSKEY

DNS Key Record

Security

Holds the public key used to verify DNSSEC signatures. Part of the DNSSEC chain of trust that protects DNS responses from being tampered with.

example.com.  86400  IN  DNSKEY  257 3 13 mdsswUyr3DPW...

DS

Delegation Signer Record

Security

Contains a hash of a child zone's DNSKEY record, published in the parent zone. Links the DNSSEC chain of trust between parent and child zones.

example.com.  86400  IN  DS  12345 13 2 49FD46E6C4B4...

SSHFP

SSH Fingerprint Record

Security

Publishes SSH server key fingerprints in DNS so that SSH clients can verify host keys via DNSSEC, reducing the risk of man-in-the-middle attacks on first connection.

server.example.com.  300  IN  SSHFP  2 1 123456789abcdef...

SRV

Service Record

Advanced

Specifies the hostname and port for specific services. Allows clients to discover services like SIP, XMPP, or LDAP by querying DNS instead of hardcoding connection details.

_sip._tcp.example.com.  300  IN  SRV  10 5 5060 sipserver.example.com.

NAPTR

Naming Authority Pointer Record

Advanced

Supports rewriting and delegation of domain names using regular expressions. Used in ENUM (telephone number mapping) and SIP URI routing.

example.com.  300  IN  NAPTR  100 10 "u" "E2U+sip" "!^.*$!sip:info@example.com!" .

LOC

Location Record

Advanced

Stores geographic location information (latitude, longitude, altitude) for a domain name. Rarely used in practice but standardized in RFC 1876.

example.com.  300  IN  LOC  37 23 30.900 N 122 1 38.649 W 17.00m 100m 10m 10m

HINFO

Host Information Record

Advanced

Provides information about a host's hardware type and operating system. Largely deprecated due to security concerns about exposing system details publicly.

example.com.  300  IN  HINFO  "INTEL-386" "LINUX"

RP

Responsible Person Record

Advanced

Identifies the responsible person for a domain by specifying an email address (in DNS format) and an optional TXT record with additional contact information.

example.com.  300  IN  RP  admin.example.com. contact.example.com.