DNS Lookup Explained: Querying Any Record Type
Use the DNS Lookup tool to query any DNS record type — A, AAAA, MX, TXT, CNAME, NS, PTR, SOA — and understand what each record type does.
What the DNS Lookup Tool Does
The mxio DNS Lookup tool queries any DNS record type for any domain. Where the specialized tools — SPF Checker, MX Lookup, DKIM Checker — analyze specific records with protocol-aware validation, the DNS Lookup tool is a general-purpose query interface. It shows you exactly what the DNS returns, for any record type, without interpretation.
This is the tool to reach for when you need to explore a domain's DNS configuration, verify a record was published correctly, or troubleshoot resolution issues that do not fit neatly into one protocol category.
DNS Record Types
Each record type serves a different purpose in the domain name system, with the core types defined in RFC 1034 and RFC 1035:
| Type | Purpose | Example Use |
|---|---|---|
| A | Maps a domain to an IPv4 address | example.com → 93.184.216.34 |
| AAAA | Maps a domain to an IPv6 address | example.com → 2606:2800:220:1:... |
| MX | Specifies mail servers for the domain, with priority | example.com → 10 mail.example.com |
| TXT | Stores arbitrary text — used for SPF, DKIM, DMARC, domain verification | v=spf1 include:_spf.google.com -all |
| CNAME | Aliases one domain name to another | www.example.com → example.com |
| NS | Lists the authoritative nameservers for the zone | example.com → ns1.dnshost.com |
| PTR | Reverse lookup — maps an IP address back to a domain name | 34.216.184.93 → example.com |
| SOA | Start of Authority — zone metadata including serial, refresh, retry, and expiry timers | Primary nameserver, admin contact, zone serial |
For email administrators, TXT records are the most frequently queried type — SPF, DKIM public keys, and DMARC policies all live in TXT records. Use the TXT Lookup tool when you need to see all TXT records on a domain at once.
When to Use General DNS Lookup vs. Specialized Tools
The general DNS Lookup returns raw DNS answers. The specialized tools parse those answers and apply protocol-specific validation. Use each for its strength:
Use DNS Lookup when:
- You need to check a record type that does not have a dedicated tool (SOA, PTR, CNAME)
- You want to see the raw DNS response without any interpretation layer
- You are exploring an unfamiliar domain's configuration
- You need to verify a record was published before running a protocol-specific check
Use specialized tools when:
- You need validation and analysis, not just the raw record — the SPF Checker counts lookups, the DMARC Checker validates policy tags, the DKIM Checker verifies key strength
- You are troubleshooting a specific protocol failure
- You want actionable guidance alongside the data
The general tool shows you what is there. The specialized tools tell you whether what is there is correct.
Understanding TTL Values
Every DNS record includes a TTL (Time To Live) value, measured in seconds, as specified in RFC 1035 Section 3.2.1. The TTL tells resolvers how long to cache the record before querying the authoritative server again. Common values:
- 300 (5 minutes) — Typical for records that change frequently or during migrations
- 3600 (1 hour) — Standard default for most records
- 86400 (24 hours) — Common for stable records like NS and MX that rarely change
When you make a DNS change, the old record remains cached by resolvers worldwide until the previous TTL expires. If your TTL was 86400 and you change a record, some resolvers will serve the old value for up to 24 hours. Before planned changes, lower the TTL in advance (at least one full TTL period ahead) so the transition propagates faster.
Authoritative vs. Recursive Answers
DNS responses come from two types of servers. Authoritative nameservers hold the actual zone data — they are the source of truth, established through the delegation model in RFC 1034 Section 4.2. Recursive resolvers (like 8.8.8.8 or 1.1.1.1) query authoritative servers on behalf of clients and cache the results.
When troubleshooting propagation issues, query both: the authoritative server shows what is published, and public recursive resolvers show what the rest of the internet sees. A mismatch means the change has been published but has not propagated through caches yet. The Delegation Health tool checks whether your authoritative nameservers are consistent with each other and with the parent zone.
Related Articles
Understand how SPF, DKIM, and DMARC work together to protect your domain from spoofing and improve email deliverability. A practical guide for email administrators.
Check DNS delegation chain integrity, nameserver consistency, SOA records, and DNSSEC configuration. Diagnose why DNS changes might not be propagating.