ZenovayTools

DNS Record Generator

Generate DNS record syntax for A, AAAA, CNAME, MX, TXT, SPF, DKIM, DMARC, CAA, and SRV records in RFC and common panel formats.

Tab-delimited format: NAME TTL CLASS TYPE RDATA

How to Use DNS Record Generator

  1. 1Select the DNS record type you need to create.
  2. 2Fill in the record-specific fields.
  3. 3See the formatted DNS record syntax.
  4. 4Copy the record to paste into your DNS provider.
Zenovay

Privacy-first analytics for your website

Understand your visitors without invasive tracking. GDPR compliant, lightweight, and powerful.

Explore Zenovay

Related Tools

JSON Formatter & ValidatorFormat, validate, and beautify JSON data with syntax highlighting and error detection.
JWT DecoderDecode and inspect JWT tokens. View header, payload, and verify signatures.
Base64 Encode/DecodeEncode text to Base64 or decode Base64 back to text. Supports UTF-8 and binary data.
URL Encode/DecodeEncode or decode URL components. Handle special characters, query strings, and full URLs.

Frequently Asked Questions

What DNS record types are most important?
A (IPv4 address) — maps domain to an IP. AAAA (IPv6 address) — maps to an IPv6 IP. CNAME (alias) — maps one domain to another. MX (mail exchanger) — routes email to mail servers. TXT — stores text data (SPF, DKIM, DMARC, site verification). NS — specifies authoritative nameservers. CAA — restricts which CAs can issue SSL certificates. SRV — service location (VoIP, SIP, XMPP). SOA — start of authority, defines zone metadata.
What is TTL in DNS records?
TTL (Time To Live) is the number of seconds a DNS record can be cached by resolvers before re-querying. A TTL of 3600 means the record is cached for 1 hour. Common values: 300 (5 min, used before planned DNS changes), 3600 (1 hour, standard), 86400 (24 hours, stable records). Lower TTL = faster propagation of changes but more DNS queries. Higher TTL = fewer queries but slower changes. Best practice: lower TTL 24 hours before making changes.
What is an SPF record?
SPF (Sender Policy Framework) is a TXT record that lists IP addresses and servers authorized to send email for your domain. Format: v=spf1 include:_spf.google.com ip4:203.0.113.1 ~all. Mechanisms: ip4/ip6 (specific IPs), include (another domain's SPF), a (the domain's A record), mx (the domain's MX servers). Qualifiers: + (pass, default), ~ (softfail), - (fail), ? (neutral). Keep SPF records under 10 DNS lookups to avoid "too many lookups" errors.
What is DMARC?
DMARC (Domain-based Message Authentication, Reporting & Conformance) is a TXT record at _dmarc.yourdomain.com that tells receiving mail servers what to do when SPF and/or DKIM fail: p=none (monitor only), p=quarantine (send to spam), p=reject (reject the email). It also specifies reporting email addresses (rua for aggregate reports, ruf for forensic reports). DMARC requires both SPF and DKIM to be set up first.
What is a CAA record?
CAA (Certification Authority Authorization) records restrict which Certificate Authorities can issue SSL/TLS certificates for your domain. Example: "0 issue letsencrypt.org" allows only Let's Encrypt to issue certificates. "0 issuewild letsencrypt.org" allows wildcard certificates. "0 iodef mailto:security@example.com" sends violation reports. Without a CAA record, any CA can issue certificates for your domain. CAA records help prevent mis-issuance and are checked by compliant CAs.