How to Create DNS Records (Step-by-Step)

Tutor Name: Pranay Shastri
Published at: December 11, 2025 at 05:52 PM

Creating DNS records is like giving your domain an address book filled with all the places people might want to visit. Whether you're setting up a website, email, or connecting to special services, DNS records are how you tell the internet where to find everything.

In this DNS server topic, we'll walk through creating DNS records step by step, covering everything from preparation to verification. Even if you've never touched DNS before, you'll be able to create and manage your own records by the end.

1. Understanding DNS Record Creation Context

When You Need to Create DNS Records

You'll need to create DNS records in several scenarios:

  • Setting up a new website
  • Configuring email services
  • Connecting to third-party services
  • Creating subdomains for different departments
  • Implementing security measures
  • Verifying domain ownership

Prerequisites for Record Creation

Before creating DNS records, ensure you have:

  • Access to your DNS management interface (web-based or server access)
  • Administrative privileges for DNS management
  • Knowledge of your domain's IP addresses
  • Understanding of the services you're configuring
  • Backup of existing configuration (always important!)

Planning Your DNS Records

Effective DNS record creation starts with planning:

  1. List all services that need DNS records
  2. Determine appropriate record types for each service
  3. Plan subdomain structure
  4. Consider TTL values for different record types
  5. Document your planned changes

2. Preparing Zone Files

Understanding File Structure

Before creating records, you need to understand where they go. DNS records live in zone files, which are like spreadsheets that list all the services your domain offers.

Each zone file has:

  1. A header with basic settings (TTL, SOA record)
  2. Nameserver records (NS)
  3. Your actual service records (A, CNAME, MX, etc.)

Think of the zone file as your domain's instruction manual - it tells computers exactly what to do when someone visits your website or sends you email.

Checking Existing Records

Before making changes, check what's already there:

# View current zone file
cat /etc/bind/zones/db.example.com

# Or check with dig
dig @localhost example.com ANY

# Check specific record types
dig @localhost example.com A
dig @localhost example.com MX

This prevents accidentally deleting important records or creating conflicts.

Zone File Best Practices

When preparing to modify zone files:

  • Always backup existing files before changes
  • Use descriptive comments to explain record purposes
  • Maintain consistent formatting and indentation
  • Keep a change log of modifications
  • Test syntax before applying changes

3. Comprehensive Guide to Adding Common Records

Let's go through the most common record types you'll need to create:

How to Create A Records

A records are the foundation - they connect domain names directly to IP addresses.

To create an A record:

  1. Open your zone file in a text editor
  2. Add a line like this:
www    IN    A    192.168.1.100

Breaking it down:

  • www = the subdomain (www.example.com)
  • IN = Internet class (always the same)
  • A = record type
  • 192.168.1.100 = the IP address

For your main domain, use @ instead of a subdomain name:

@    IN    A    192.168.1.100

Advanced A Record Techniques

Multiple A records for load balancing:

www    IN    A    192.168.1.100
www    IN    A    192.168.1.101
www    IN    A    192.168.1.102

Custom TTL for specific records:

critical    IN    300    A    192.168.1.100
standard    IN    3600   A    192.168.1.101

How to Create AAAA Records

AAAA records work like A records but for IPv6 addresses:

@    IN    AAAA    2001:0db8:85a3:0000:0000:8a2e:0370:7334
www  IN    AAAA    2001:0db8:85a3:0000:0000:8a2e:0370:7334

How to Create CNAME Records

CNAME records create aliases - they point one domain name to another.

To create a CNAME record:

shop    IN    CNAME    shops.myshopify.com.

Important: Always end external domain names with a dot (.). Without the dot, the name is treated as relative and your zone name is appended to it.

Common uses:

  • Pointing www to your main domain
  • Connecting to hosted services (Shopify, WordPress, etc.)
  • Creating shortcuts to long domain names
  • Redirecting deprecated subdomains

CNAME Best Practices

  • Don't use CNAME for the root domain (@)
  • Avoid chaining CNAME records (CNAME pointing to CNAME)
  • Use A records for critical services for better performance
  • Document external service dependencies

How to Create MX Records

MX records tell the internet where to deliver your email.

To create an MX record:

@    IN    MX    10    mail.example.com.

The number (10) is the priority - lower numbers are tried first. You can have multiple MX records:

@    IN    MX    10    mail.example.com.
@    IN    MX    20    backupmail.example.com.
@    IN    MX    30    fallback.example.com.

MX Record Guidelines

  • Always use fully qualified domain names (ending with a dot)
  • Set appropriate priority values
  • Include backup mail servers
  • Point MX records to hostnames, not IP addresses
  • Test email delivery after MX record changes

How to Create TXT Records

TXT records store text information, often for verification and security.

Common TXT records:

@    IN    TXT    "v=spf1 mx ~all"           ; SPF record
@    IN    TXT    "google-site-verification=abc123"  ; Verification
_dmarc  IN    TXT    "v=DMARC1; p=quarantine; rua=mailto:[email protected]"

TXT records are enclosed in quotation marks and can contain spaces.

TXT Record Types

  • SPF Records: Prevent email spoofing
  • DKIM Records: Email authentication
  • DMARC Records: Email authentication reporting
  • Verification Records: Prove domain ownership
  • Challenge Records: SSL certificate validation

How to Create NS Records

NS records specify which nameservers are authoritative for your domain:

@    IN    NS    ns1.example.com.
@    IN    NS    ns2.example.com.
@    IN    NS    ns3.example.com.

NS Record Best Practices

  • Always have at least two nameservers
  • Distribute nameservers geographically
  • Use fully qualified domain names
  • Keep nameserver information up to date

How to Create PTR Records

PTR records enable reverse DNS lookups:

100    IN    PTR    example.com.
101    IN    PTR    mail.example.com.

PTR records are typically managed by your ISP or hosting provider.

How to Create SRV Records

SRV records specify locations for specific services:

_sip._tcp    IN    SRV    10 100 5060 sipserver.example.com.
_ldap._tcp   IN    SRV    10 100 389 ldap.example.com.

Format: _service._protocol [TTL] IN SRV priority weight port target

4. Advanced DNS Record Types

CAA Records

CAA records specify which Certificate Authorities can issue certificates:

@    IN    CAA    0 issue "letsencrypt.org"
@    IN    CAA    0 issuewild ";"
@    IN    CAA    0 iodef "mailto:[email protected]"

SSHFP Records

SSHFP records publish SSH key fingerprints:

server    IN    SSHFP    1 1 123456789abcdef...

TLSA Records

TLSA records support DANE (DNS-based Authentication of Named Entities):

_443._tcp.www    IN    TLSA    3 1 1 123456789abcdef...

5. Reloading DNS Services

After creating records, you need to tell your DNS server about the changes.

Commands for Reload

For BIND DNS server:

# Check configuration syntax before reloading
sudo named-checkconf

# Check zone file syntax before reloading
sudo named-checkzone example.com /etc/bind/zones/db.example.com

# Reload configuration and zone files
sudo systemctl reload bind9

# Or use the traditional command
sudo rndc reload

# Reload specific zone only
sudo rndc reload example.com

Web-Based DNS Management

For hosted DNS services:

  1. Save your changes in the web interface
  2. Wait for automatic propagation
  3. Check for confirmation messages
  4. Verify changes with testing tools

Incrementing Serial Numbers

Always increment the serial number in your SOA record:

@   IN   SOA   ns1.example.com. admin.example.com. (
                   2023121001   ; Serial (YYYYMMDDNN)
                   3600         ; Refresh
                   1800         ; Retry
                   604800       ; Expire
                   86400 )      ; Minimum TTL
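
One way to script the serial bump, as an added example that is not part of the original tutorial. It assumes the serial sits on a line with a "; Serial" comment as in the SOA record above and that a new day starts at NN=01; the function names next_serial and bump_zone_serial are hypothetical.

```shell
#!/bin/sh
# Added example: bump a YYYYMMDDNN SOA serial. Function names are hypothetical.

# next_serial OLD [TODAY] -> prints the serial to use for the next change
next_serial() {
    old=$1
    today=${2:-$(date +%Y%m%d)}
    case $old in
        [1-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
        *) echo "not a 10-digit serial: $old" >&2; return 1 ;;
    esac
    if [ "${old%??}" -lt "$today" ]; then
        echo "${today}01"                 # first change on a new day
    elif [ "${old#????????}" = 99 ]; then
        echo "serial $old: NN counter is exhausted" >&2; return 1
    else
        echo $((old + 1))                 # same (or future) date: keep it increasing
    fi
}

# bump_zone_serial ZONEFILE [TODAY] -> rewrites the serial, keeps ZONEFILE.bak
bump_zone_serial() {
    file=$1
    pat='[[:space:]]*;[[:space:]]*[Ss]erial'
    old=$(sed -n "s/^[[:space:]]*\([0-9]\{10\}\)$pat.*/\1/p" "$file" | head -n 1)
    [ -n "$old" ] || { echo "no '; Serial' line in $file" >&2; return 1; }
    new=$(next_serial "$old" "$2") || return 1
    cp -p "$file" "$file.bak"             # backup first, as the tutorial advises
    # Write through the existing file so ownership and mode stay unchanged.
    sed "s/^\([[:space:]]*\)$old\($pat\)/\1$new\2/" "$file.bak" > "$file"
    echo "$new"
}

# Constructed demo on a throwaway copy of the SOA record shown above.
demo=$(mktemp)
cat > "$demo" <<'EOF'
@   IN   SOA   ns1.example.com. admin.example.com. (
                   2023121001   ; Serial (YYYYMMDDNN)
                   3600         ; Refresh
                   1800         ; Retry
                   604800       ; Expire
                   86400 )      ; Minimum TTL
EOF
echo "new serial: $(bump_zone_serial "$demo" 20231210)"
rm -f "$demo" "$demo.bak"
```

Run named-checkzone on the file after the bump and before reloading, as in the reload commands above.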

6. Comprehensive Testing Methods

Testing with dig

Always test your new records:

# Test A record
dig @localhost www.example.com

# Test AAAA record
dig @localhost example.com AAAA

# Test MX record
dig @localhost example.com MX

# Test TXT record
dig @localhost example.com TXT

# Test CNAME record
dig @localhost shop.example.com CNAME

# Test NS record
dig @localhost example.com NS

# Trace the lookup path
dig +trace example.com

Testing with nslookup

Alternative testing tool:

# Basic lookup
nslookup example.com

# Specify DNS server
nslookup example.com 8.8.8.8

# Query specific record type
nslookup -type=mx example.com

Testing with host

Simple DNS lookup tool:

# Basic lookup
host example.com

# Query specific record type
host -t mx example.com

# Reverse DNS lookup
host 192.168.1.100

7. Verifying Changes Globally

TTL and Propagation Check Tools

DNS changes don't happen instantly everywhere. Records have a TTL (Time To Live) that tells servers how long to cache information.

To check TTL:

# The second column of each answer line is the remaining TTL in seconds
dig +noall +answer example.com

To speed up propagation during changes:

  1. Lower TTL to 300 seconds (5 minutes) 24 hours before making changes
  2. Make your changes
  3. Restore normal TTL afterward

Online Verification Tools

Several websites can check your DNS records from multiple locations:

  • whatsmydns.net
  • dnschecker.org
  • viewdns.info
  • mxtoolbox.com

These show you how your records appear globally, not just from your location.

Monitoring Propagation

Track propagation progress:

# Script to monitor changes
while true; do
    echo "$(date): $(dig +short example.com)"
    sleep 60
done

8. Common Issues & Fixes

Record Not Showing Up

If your new record isn't appearing:

  1. Check for syntax errors in your zone file
  2. Verify you increased the serial number in the SOA record
  3. Confirm you reloaded the DNS service
  4. Clear your local DNS cache
  5. Wait for TTL expiration if record was previously cached

Syntax Errors

Common mistakes:

  • Missing dots at the end of full domain names
  • Incorrect spacing or tabbing
  • Wrong record types
  • Duplicate record names
  • Incorrect parentheses in SOA records
  • Missing semicolons

Always validate with:

sudo named-checkzone example.com /etc/bind/zones/db.example.com
sudo named-checkconf
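
A name without the trailing dot is still valid zone-file syntax, because the zone name is simply appended to it, so a syntax check alone may not point you at the mistake. The lint below is an added example, not part of the original tutorial; the function name lint_trailing_dots and the sample zone are made up for illustration, and the rule it applies (a target that contains a dot but does not end with one) is a heuristic.

```shell
#!/bin/sh
# Added example (not from the original page): flag record targets that look
# like full domain names but lack the trailing dot. Heuristic: a target that
# contains a dot yet does not end with one was probably meant to be absolute.

# lint_trailing_dots ZONEFILE ORIGIN -> prints findings, returns 1 if any
lint_trailing_dots() {
    awk -v origin="$2" '
    /^[ \t]*$/ || /^[ \t]*;/ || substr($0, 1, 1) == "$" { next }
    {
        line = $0
        sub(/;.*/, "", line)            # drop comments (TXT lines are not inspected)
        sub(/[ \t]+$/, "", line)
        n = split(line, f, /[ \t]+/)    # f[1] is the owner name, or "" if inherited
        i = 2                           # skip optional class and TTL in either order
        while (i <= n && (toupper(f[i]) ~ /^(IN|CH|HS)$/ || f[i] ~ /^[0-9]+[smhdwSMHDW]?$/)) i++
        type = toupper(f[i]); target = f[n]
        if (i < n && type ~ /^(CNAME|MX|NS|PTR|SRV)$/ && target ~ /\./ && target !~ /\.$/) {
            printf "%s:%d: %s target %s has no trailing dot; resolves as %s.%s.\n",
                   FILENAME, FNR, type, target, target, origin
            bad = 1
        }
    }
    END { exit bad + 0 }' "$1"
}

# Constructed sample zone: two records are missing the dot, the rest are fine.
demo_zone=$(mktemp)
cat > "$demo_zone" <<'EOF'
$TTL 3600
@      IN  MX     10 mail.example.com
shop   IN  CNAME  shops.myshopify.com
www    IN  CNAME  web
@      IN  MX     20 backupmail.example.com.
@      IN  TXT    "v=spf1 mx ~all"   ; SPF record
EOF
lint_trailing_dots "$demo_zone" example.com || echo "fix the records above before reloading"
rm -f "$demo_zone"
```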

Permission Problems

Zone files must be readable by the DNS service:

# Check ownership
ls -l /etc/bind/zones/

# Fix if needed
sudo chown root:bind /etc/bind/zones/db.example.com
sudo chmod 644 /etc/bind/zones/db.example.com

Network Connectivity Issues

Ensure DNS service is accessible:

# Check if service is listening
netstat -tulnp | grep :53

# Test local resolution
dig @127.0.0.1 example.com

# Check firewall rules (-n keeps ports numeric so the grep can match)
sudo iptables -L INPUT -n | grep ':53'

9. Best Practices for DNS Record Management

Change Management Process

  1. Document all changes before implementation
  2. Test in a staging environment when possible
  3. Implement during low-traffic periods
  4. Monitor after deployment
  5. Maintain rollback procedures

Security Considerations

  • Restrict zone transfers to authorized servers
  • Use DNSSEC for cryptographic authentication
  • Implement rate limiting to prevent abuse
  • Regularly audit DNS records for unauthorized changes
  • Keep DNS software updated
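
One way to audit for unauthorized changes is to compare what the server actually answers with a baseline you have reviewed. This is an added example, not part of the original tutorial; the function name audit_records and the baseline file format are assumptions made for it.

```shell
#!/bin/sh
# Added example: compare live answers with a reviewed baseline. The function
# name and the baseline file format are assumptions made for this example.
#
# Baseline format (constructed values), one record set per line:
#   <name> <type> <answers as printed by dig +short, sorted, comma-joined>
#   www.example.com  A   192.168.1.100,192.168.1.101
#   example.com      MX  10 mail.example.com.
# Blank lines and lines starting with # are ignored.

# audit_records BASELINE [SERVER] -> prints one DRIFT line per mismatch and
# returns 1 if anything differs, so it can drive a scheduled alert.
audit_records() {
    server=${2:-127.0.0.1}
    drift=0
    while read -r name type expected; do
        case $name in ''|'#'*) continue ;; esac
        # Sort in the C locale so the order matches the baseline on any host.
        actual=$(dig +short "@$server" "$name" "$type" < /dev/null |
                 LC_ALL=C sort | paste -s -d, -)
        if [ "$actual" != "$expected" ]; then
            printf 'DRIFT %s %s: expected [%s] got [%s]\n' \
                "$name" "$type" "$expected" "$actual"
            drift=1
        fi
    done < "$1"
    return "$drift"
}
```

It only checks the names listed in the baseline, so keep that file under the same change control as the zone itself.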

Performance Optimization

  • Set appropriate TTL values for different record types
  • Use multiple nameservers for redundancy
  • Implement anycast for global DNS services
  • Monitor DNS query performance
  • Clean up obsolete records regularly

10. Automation and Scripting

Automated Record Creation

Script repetitive record creation:

#!/bin/bash
# Bulk create subdomain records
for i in {1..10}; do
    echo "server$i    IN    A    192.168.1.$((100 + $i))" >> zonefile
done

Configuration Management Integration

Integrate with tools like Ansible:

- name: Update DNS zone file
  lineinfile:
    path: /etc/bind/zones/db.example.com
    line: "{{ item.name }}    IN    A    {{ item.ip }}"
  loop:
    - { name: "www", ip: "192.168.1.100" }
    - { name: "mail", ip: "192.168.1.101" }

11. Troubleshooting Complex Scenarios

Multi-Record Dependencies

When records depend on each other:

  1. Create foundational records first (A, AAAA)
  2. Add dependent records (CNAME, MX)
  3. Verify resolution chain works correctly
  4. Test end-to-end functionality

Third-Party Service Integration

When integrating with external services:

  1. Verify service provider requirements
  2. Create required verification records
  3. Test service connectivity
  4. Monitor for changes in requirements

12. Summary & Key Takeaways

Creating DNS records is a fundamental skill for managing domains and online services. Here are the essential points to remember:

  1. Planning First: Always plan your DNS records before implementing them
  2. Syntax Matters: DNS records have strict formatting requirements
  3. Testing is Critical: Always verify records work as expected
  4. Serial Numbers: Increment SOA serial numbers with every change
  5. Global Propagation: DNS changes take time to propagate worldwide
  6. Security Awareness: Consider security implications of DNS records
  7. Documentation: Keep detailed records of your DNS configuration

With practice, you'll be able to quickly add, modify, and troubleshoot DNS records for any situation. Remember to always test your changes and keep backups of working configurations.

Whether you're managing a single website or complex enterprise infrastructure, mastering DNS record creation is an essential skill that will serve you well throughout your career in IT and networking.