Doc Summary
Introduction #
Domains and DNS records are another core part of your subscription. Without a domain or the correct DNS records, your website, email, etcetera will not work as the internet and systems simply don’t know or see you. In this doc you will learn some basics regarding domains and DNS records.
How a Domain Can Be Used #
A domain name can be used in different ways depending on what you want it to do. In practice, a domain is not automatically the same thing as a website or an email service. Instead, the domain acts as the address, while DNS and hosting settings determine where that address points and how it behaves.
This is why it is important to understand that a domain can be connected to different services in different ways. For example, a domain can be used only for DNS management, it can point to an existing website, or it can be connected to a separate website of its own.
Standalone Use #
A domain can be used on its own without being linked directly to a website hosting service. In that case, the domain is mainly used for DNS management. This is useful when the website, email, or other services are hosted somewhere else, or when the domain is being reserved for later use.
With this type of setup, the domain itself remains active and DNS records such as A, AAAA, MX, TXT, or CNAME records can be managed as needed.
Pointing to an Existing Website #
A domain can also be used as an additional address for an existing website. In that situation, multiple domains may lead to the same website instead of each domain having its own separate content.
This is often used for alternative domain extensions, regional domains, brand protection, or secondary domains that should show the same website as the main domain.
Using a Domain for a Separate Website #
A domain can also be connected to its own separate website within a hosting environment that supports multiple websites. In that case, the domain points to its own website files and can function independently from other domains in the same account.
This is commonly used when one hosting account is used for more than one website or project.
Why This Matters #
The way a domain is used affects the technical setup behind it. It determines whether the domain only manages DNS, points to an existing website, or serves its own separate website. It can also affect how DNS records, website files, and related services such as email are configured.
The domain itself remains the address, but the actual behaviour depends on how it is connected to DNS and hosting.
Important Note #
A domain and a hosting service are not automatically the same thing. A domain can exist without website hosting, and website hosting can involve one or more domains depending on the setup.
Common DNS Record Types #
DNS records control how a domain connects to services such as websites, email platforms, and external providers. Each record type has a specific role, and the correct combination of records determines how your domain behaves.
Because DNS records directly affect routing and verification, incorrect values can cause websites, email, or connected services to stop working or behave unexpectedly.
Where DNS Records Are Managed #
DNS records are managed in the DNS Zone Editor (or another DNS management interface linked to the domain if applicable).
When records are changed, the update does not always become visible everywhere immediately. DNS changes need time to propagate, and full propagation can take up to 24 to 48 hours in some cases. More on that subject below.
A Record #
An A record points a domain or subdomain to an IPv4 address.
This is one of the most common DNS record types and is typically used to connect a domain to a web server or another service that is reached by IPv4.
For example:
example.com→203.0.113.10
Most websites need at least one A record in order to load correctly.
AAAA Record #
An AAAA record works in the same way as an A record, but it points to an IPv6 address instead of IPv4.
For example:
example.com→2001:db8::1
Some hosting setups use both A and AAAA records so the domain can be reached over both IPv4 and IPv6.
MX Record #
An MX record defines which mail server is responsible for receiving email for your domain.
If a domain uses email, correct MX records are essential. These records can also include priority values, which tell receiving systems which mail server should be preferred first.
If MX records are missing or incorrect, email delivery to the domain may fail.
TXT Record #
A TXT record stores text-based information in DNS. Although it can be used for different purposes, it is especially important for verification and email authentication.
Common uses include:
- SPF records
- DKIM-related values
- DMARC policies
- domain ownership verification
TXT records are often critical for email deliverability and for proving that a domain is authorised to use a service.
CNAME Record #
A CNAME record points one domain name to another domain name instead of pointing directly to an IP address.
This is commonly used for subdomains or service connections where the target is another hostname rather than a server IP.
For example:
www.example.com→example.com
CNAME records are useful when you want one name to follow another, but they should be configured carefully because they do not behave the same way as A or AAAA records.
Why This Matters #
Each DNS record type has a different job. A and AAAA records handle website or service routing to IP addresses, MX records control incoming email delivery, TXT records help with authentication and verification, and CNAME records point one hostname to another.
Understanding the purpose of these records makes it easier to troubleshoot domain issues and helps reduce the risk of incorrect DNS changes.
DNS Propagation #
DNS propagation is the time it takes for DNS changes to become visible across the internet. When a DNS record is changed, the update does not appear everywhere immediately. Instead, different systems begin picking up the new information over time.
This delay is normal and cannot be avoided completely, because DNS data is cached in many places before it refreshes.
Why Propagation Happens #
DNS information is stored temporarily by internet providers, public DNS resolvers, local networks, operating systems, and sometimes even browsers. These systems do not all refresh DNS data at the same moment.
As a result, some users or devices may still see older DNS information for a period of time, even though the record has already been changed at the source.
How Long It Can Take #
DNS propagation can be very fast in some cases, but it often takes longer for the change to become visible everywhere.
In practice, DNS updates may:
- appear within a few minutes in some locations
- take up to 24 hours in normal cases
- take up to 48 hours in some situations
The exact timing depends on external caching systems and is not something ProRedLine can directly control.
What You May Notice #
During propagation, different behaviour can appear at the same time depending on the device, network, or DNS resolver being used. For example, you may notice:
- a website working on one connection but not another
- old website content still appearing in some places
- email behaviour changing gradually after DNS updates
- SSL activation not appearing immediately
These effects are usually temporary and resolve automatically once propagation is complete.
What Triggers Propagation #
Any DNS change can start a new propagation period. This includes changes such as updating A or AAAA records, changing MX records, modifying TXT records, editing CNAME records, or switching to a different DNS provider.
Because of this, repeated DNS edits in a short period can keep extending the time before the final intended setup becomes visible everywhere.
TTL and Caching #
TTL stands for Time To Live. It defines how long a DNS record may be cached before a system checks for a newer version.
A lower TTL can allow future DNS changes to be picked up faster, while a higher TTL usually means the data is cached longer. However, a TTL change does not override existing cache entries immediately. The previous cached value must still expire first before the new TTL behaviour is fully reflected.
What You Should Do #
During DNS propagation, the most useful approach is usually to wait and avoid making unnecessary repeated changes. Testing from different devices or networks can help confirm whether the update has started spreading, but temporary inconsistency is expected during this period.
DNSSEC #
DNSSEC stands for Domain Name System Security Extensions. It adds an additional layer of protection to DNS by helping verify that DNS responses are authentic and have not been altered in transit.
In practical terms, DNSSEC helps reduce the risk of visitors being directed to the wrong destination because of manipulated or forged DNS responses.
What DNSSEC Does #
DNSSEC is designed to improve trust in DNS resolution. It helps:
- verify that DNS responses are authentic
- reduce the risk of DNS spoofing or cache poisoning
- protect against certain types of redirection attacks
This makes DNS resolution more trustworthy, especially when a domain is being used for important services such as websites or email.
It is important to note that DNSSEC does not encrypt website traffic. Encryption of website traffic is handled separately through SSL/TLS.
How DNSSEC Works #
At a high level, DNSSEC works by digitally signing DNS records and allowing DNS resolvers to verify those signatures. If a response cannot be validated correctly, it may be rejected instead of being trusted.
This validation process happens automatically in the background and is normally invisible to the visitor.
DNSSEC at ProRedLine #
At ProRedLine, DNSSEC is enabled and managed as part of the domain and DNS environment where applicable. It is not intended as a customer-managed day-to-day setting.
This is done to help maintain DNS integrity, avoid validation problems, and reduce the risk of misconfiguration. Incorrect DNSSEC changes can cause serious DNS resolution issues, including domains failing to resolve correctly.
When DNSSEC Applies #
DNSSEC is generally only active when the domain is using the DNS environment where DNSSEC is configured and supported. If the domain is moved to external nameservers or uses a different DNS provider, DNSSEC behaviour depends on that external setup rather than on ProRedLine.
In other words, DNSSEC protection only remains in effect when the domain continues using the DNS environment where it has been configured correctly.
DNSSEC is active by default on ProRedLine domains. Customers can request to disable this feature through support.
Still need help after reading this article?
