Tag: DNS record

CNAME record explained

CNAME record

The CNAME record is one of the first DNS records that you will read about when you are starting with DNS management. It has a very important task to do, showing the true domain name for the subdomains, making it really an essential DNS record. It saves time and makes it easier to manage the DNS.

CNAME explained completely

There are two parts in the CNAME’s name. C stands for canonical, and it wants to show which is the true domain name for the one that you are trying to resolve. The NAME is obvious. It stands for name, as in hostname.

The purpose of the CNAME record is to point one hostname to another. You can point different subdomains to the domain name. That way, you don’t need to add any other records for the subdomain because it will automatically redirect to the domain name.

If you have just a single DNS record for each subdomain, you will have far fewer DNS records, and the administration of your domain will be a lot easier.

CNAME records can be used to point:

www.domain.com to domain.com

blog.domain.com to domain.com

mail.domain.com to domain.com

newyork.domain.com to domain.com

Because of the way the CNAME record works, if the host (subdomain) already has other DNS records like A, MX, etc., you can’t create a CNAME record. And if you first create a CNAME record in the zone, you can’t create any other type of record in that zone.

Inside a CNAME record, you will see:

Host – the name of the subdomain that you want to point to the main domain name.

Type – CNAME.

Points to – the domain name. All of the CNAME records will point to this one.

TTL – time to live for that DNS record.

How to lookup a CNAME record?

If you are on Windows, the easiest and the safest way to check a CNAME record is to use the nslookup command. Go to the cmd (Command Prompt). Type “nslookup”, and press Enter. Now type “set type=cname”, and press Enter. The last pass is to write down the hostname, which you want to check. See this example, “mail.bing.com” and you will see the canonical name “star-bing-com.a-0001.a-msedge.net”.

If you are using Linux, go for the dig command. Open the Terminal and type “dig cname mail.bing.com,” and you will see the same “star-bing-com.a-0001.a-msedge.net” plus additional information. Dig command has very rich answers.


There is a newer type of DNS record called ALIAS that also points one hostname to another. It can do almost all that the CNAME can, but it can coexist with other records and can be added to the apex zone.

CNAME vs A record

The CNAME and the A records are very different. CNAME point one hostname to another while the A record points the domain name to an IP address. Also, if you want to resolve a domain, and first you get a CNAME, then you will need the A record too. So, the CNAME will take 2 queries instead of 1.

If you are interested in DNS records, check our article about the DNS CAA record!

CAA record explained 

CAA record explained

CAA record is a DNS record that shows who can be the Certification Authority for a particular domain and issue certificates.

What is Certificate Authority (CA)?

The CA is the entity that has the right to issue certificates like SSL certificates or TLS certificates. You can easily identify the CA, based on their name and their certificate revocation list (CRL). The Certificate Authority must provide a public key or a certificate from their CA if it is subordinate.

What is the CAA record?

The CAA record (Certification Authority Authorization) is a DNS record that a domain name owner can use to specify the certificate authority which can issue for their domain name. Inside the CAA, the domain owner can adjust the settings that cover the whole domain or just particular subdomains.

If you manage the CAA on a domain level, it will automatically apply on the subdomain level, too, unless you set it inside the record.

The CAA work with both wildcard certificates and single-name certificates. Separate and together too.

Why do you need to use DNS CAA record?

Continue reading