Free DNS Tool
DNS Propagation & Health Checker
Check DNS records across Google DNS and Cloudflare DNS in real time. Look up A, AAAA, MX, NS, TXT, CNAME, and SOA records with TTL values using DNS-over-HTTPS.
DNS Record Types
Understanding DNS Records
Each record type serves a different purpose in the DNS system
Address Record
Maps a domain to an IPv4 address. The most fundamental DNS record. When you visit a website, your browser looks up the A record first to find the server's IP address.
IPv6 Address Record
Maps a domain to an IPv6 address. The IPv6 equivalent of an A record. As IPv6 adoption grows, AAAA records become increasingly important for accessibility.
Mail Exchange
Specifies which mail servers accept email for the domain, with priority values. Lower priority numbers are preferred. Essential for email delivery.
Name Server
Identifies the authoritative DNS servers for the domain. These servers hold the definitive DNS records. Usually set at the registrar level.
Text Record
Holds arbitrary text data. Commonly used for SPF email validation, DKIM signatures, DMARC policies, domain ownership verification, and SSL certificate validation.
Canonical Name
Creates an alias from one domain to another. Often used for subdomains (www.example.com → example.com) or CDN integration. Cannot coexist with other record types.
TTL Guide
Understanding TTL (Time To Live)
TTL determines how long DNS resolvers cache a record before querying again. Lower TTL means faster propagation but more DNS queries.
| TTL Value | Duration | Use Case | Propagation Time |
|---|---|---|---|
300 | 5 minutes | During DNS migrations, failover, active changes | ~5 min |
900 | 15 minutes | Frequently changing records, load-balanced services | ~15 min |
3600 | 1 hour | Standard websites, default for most records | ~1 hour |
14400 | 4 hours | Stable records that rarely change | ~4 hours |
86400 | 24 hours | NS records, very stable infrastructure | ~24 hours |
DNS Health Report
A complete DNS health assessment beyond just propagation status.
A/AAAA records: Use 300s (5 min) for services behind load balancers or failover systems. Use 3600s (1 hour) for static infrastructure.
MX records: 3600s is standard. Lower TTLs cause unnecessary lookups without benefit.
NS records: 86400s (24 hours) is best practice. NS changes are rare and should propagate slowly to avoid split-brain.
You should have at least 2 NS records hosted on different networks. If both nameservers are on the same provider, a single outage takes down all DNS resolution for your domain. Consider a secondary DNS provider (e.g., Cloudflare + Route53) for critical domains.
DNS is a common DDoS amplification vector. If your domain uses authoritative nameservers you control, ensure they have rate limiting enabled and are not open resolvers. Use dig +short @your-ns-server example.com to verify.
DNSSEC protects against DNS spoofing attacks. Check if your domain has DNSSEC enabled with dig +dnssec your-domain.com. Look for the ad flag in the response header.
FAQ