A and AAAA
A maps hostname to IPv4 (e.g., 192.0.2.42). AAAA does the same for IPv6 (2001:db8::1). Modern CDNs return both; browsers prefer IPv6 if latency is lower.
CNAME (Canonical Name)
Aliases one hostname to another. Cannot coexist with other records on same label. Root domain usually uses A/AAAA instead of CNAME because of email and SOA conflicts (CNAME flattening solves this).
MX – Mail Exchange
List of mail servers with preference (lower number = higher priority). Always points to hostnames, never bare IPs. Create corresponding A/AAAA records called “mail” to avoid dangling pointers.
TXT – Text
Swiss-army record: SPF (v=spf1 …), DKIM public key, Google-site-verification, DMARC policy. 255-char limit per string; longer values split with quotes.
NS – Nameserver
Delegates a subdomain to different authoritative servers. Used for split-horizon DNS or when you want internal.yourdomain.com managed by Active Directory servers.
SOA – Start of Authority
Mandatory for every zone; contains primary NS, admin email (encoded without @), serial number (YYYYMMDDnn), refresh/retry/expiry timers. Raise serial after every zone edit so slaves pick up changes.
SRV – Service Record
Specifies host and port for services like SIP, XMPP, LDAP. Format: _service._proto.name TTL IN SRV priority weight port target. Critical for Microsoft 365 autodiscovery.
CAA – Certificate Authority Authorization
Announces which CAs may issue SSL certificates for your domain. Example: yourdomain.com. CAA 0 issue "letsencrypt.org". Mandatory check by CAs since 2017; reduces mis-issuance risk.
PTR – Pointer (Reverse DNS)
Maps IP back to hostname. Needed for mail server legitimacy. Set by IP owner (hosting provider) not domain owner. Must match forward A record for best deliverability.
HTTPS – signals browser that site supports HTTPS-only (similar to HSTS preload). SVCB/Alias – modern CNAME-like for apex with SNI and ALPN hints. Still experimental but worth monitoring.