<p><strong>DNS configuration best practices</strong></p>

<hr />

<p><strong>Recommended basic configuration</strong></p>

<p>A correct DNS configuration is essential for your website and services to work correctly. These are the recommended best practices.</p>

<hr />

<p><strong>1. Essential records</strong></p>

<p><strong>A record for main domain:</strong></p>

<ul>
<li>✅ Always configure an A record for <code>@</code> (root domain)</li>
<li>✅ Verify that the IP is correct</li>
<li>✅ Use TTL of 3600 seconds for production</li>
</ul>

<p><strong>Record for www:</strong></p>

<ul>
<li>✅ Configure a CNAME record for <code>www</code> pointing to main domain</li>
<li>✅ Or a direct A record if you prefer</li>
<li>✅ This allows both versions (with and without www) to work</li>
</ul>

<p><strong>MX records (if using email):</strong></p>

<ul>
<li>✅ Configure at least 2 MX servers with different priorities</li>
<li>✅ Use hostnames, never direct IPs</li>
<li>✅ Verify that MX servers are accessible</li>
</ul>

<hr />

<p><strong>2. TTL configuration</strong></p>

<p><strong>TTL for production:</strong></p>

<ul>
<li>Use TTL of 3600 seconds (1 hour) or more</li>
<li>Reduces load on DNS servers</li>
<li>Improves performance</li>
</ul>

<p><strong>TTL during changes:</strong></p>

<ul>
<li>Reduce TTL to 300-600 seconds before making changes</li>
<li>This speeds up change propagation</li>
<li>Increase TTL again after changes</li>
</ul>

<hr />

<p><strong>3. Email security</strong></p>

<p><strong>SPF record:</strong></p>

<ul>
<li>✅ Always configure SPF for your domain</li>
<li>✅ Include all servers that send email</li>
<li>✅ Use <code>~all</code> or <code>-all</code> according to your security level</li>
</ul>

<p><strong>DKIM record:</strong></p>

<ul>
<li>✅ Configure DKIM if your email provider supports it</li>
<li>✅ Significantly improves deliverability</li>
<li>✅ Helps prevent spoofing</li>
</ul>

<p><strong>DMARC record:</strong></p>

<ul>
<li>✅ Start with <code>p=none</code> policy to monitor</li>
<li>✅ Gradually increase to <code>p=quarantine</code> and then <code>p=reject</code></li>
<li>✅ Review reports regularly</li>
</ul>

<hr />

<p><strong>4. Redundancy and reliability</strong></p>

<p><strong>Multiple nameservers:</strong></p>

<ul>
<li>✅ Use at least 2 different nameservers</li>
<li>✅ Make sure they are in different locations if possible</li>
<li>✅ Verify that both are working</li>
</ul>

<p><strong>Multiple MX servers:</strong></p>

<ul>
<li>✅ Configure secondary MX servers with higher priority</li>
<li>✅ This ensures email works if the primary server fails</li>
</ul>

<hr />

<p><strong>5. Documentation</strong></p>

<p><strong>Keep record of changes:</strong></p>

<ul>
<li>✅ Document all DNS changes</li>
<li>✅ Backup configuration before important changes</li>
<li>✅ Note dates and reasons for changes</li>
</ul>

<hr />

<p><strong>6. Regular verification</strong></p>

<p><strong>Monitoring:</strong></p>

<ul>
<li>✅ Regularly verify your DNS configuration</li>
<li>✅ Use monitoring tools if possible</li>
<li>✅ Review DMARC reports if you have them configured</li>
</ul>

<p><strong>Useful tools:</strong></p>

<ul>
<li>intoDNS.com - Complete analysis</li>
<li>mxtoolbox.com - Email verification</li>
<li>whatsmydns.net - DNS propagation</li>
</ul>

<hr />

<p><strong>7. Performance optimization</strong></p>

<p><strong>Use fast DNS services:</strong></p>

<ul>
<li>✅ Consider using Cloudflare for fast and free DNS</li>
<li>✅ Check response time of your nameservers</li>
<li>✅ Use appropriate TTL to balance performance and flexibility</li>
</ul>

<hr />

<p><strong>8. Common errors to avoid</strong></p>

<p><strong>Don't do:</strong></p>

<ul>
<li>❌ Don't configure multiple SPF records (only one allowed)</li>
<li>❌ Don't use IPs in MX records (only hostnames)</li>
<li>❌ Don't configure CNAME and A for the same name</li>
<li>❌ Don't forget to update SPF when changing mail server</li>
<li>❌ Don't use very low TTL permanently (increases load)</li>
</ul>

<hr />

<p><strong>9. DNS configuration checklist</strong></p>

<p>Use this checklist when configuring DNS:</p>

<ul>
<li>☐ A record for @ configured</li>
<li>☐ Record for www configured (A or CNAME)</li>
<li>☐ MX records configured (if using email)</li>
<li>☐ SPF record configured (if using email)</li>
<li>☐ DKIM records configured (if applicable)</li>
<li>☐ DMARC record configured (if using email)</li>
<li>☐ Nameservers correct and active</li>
<li>☐ TTL configured appropriately</li>
<li>☐ No syntax errors</li>
<li>☐ Configuration verified and working</li>
</ul>

<hr />

<p><strong>10. Updates and maintenance</strong></p>

<p><strong>When to update:</strong></p>

<ul>
<li>✅ When changing hosting or server</li>
<li>✅ When adding new services</li>
<li>✅ When changing email provider</li>
<li>✅ When you need to add new subdomains</li>
</ul>

<p><strong>Recommended process:</strong></p>

<ol>
<li>Reduce TTL before changes (300-600 seconds)</li>
<li>Backup current configuration</li>
<li>Make the changes</li>
<li>Verify they work correctly</li>
<li>Increase TTL again (3600+ seconds)</li>
<li>Document the changes</li>
</ol>

<hr />

<p><strong>Additional tips</strong></p>

<ul>
<li>✅ Keep your contact email updated</li>
<li>✅ Configure automatic domain renewal</li>
<li>✅ Regularly review that DNS services are active</li>
<li>✅ Consider using professional DNS services (Cloudflare, etc.)</li>
<li>✅ Monitor your domain expiration</li>
<li>✅ Verify DNS records are correct after migrations</li>
</ul>

<hr />

<p><strong>Need help?</strong></p>

<p>If you have questions about DNS configuration or need help optimizing it, open a ticket from the <a href="https://billing.baires.host/submitticket.php?step=2&amp;deptid=1" target="_blank" rel="noopener"><strong>billing.baires.host</strong></a> panel or contact us for support.</p>

<p><strong>You can also reach us through our social media:</strong></p>

<ul>
<li><strong>Instagram:</strong> <a href="https://instagram.com/baires_host" target="_blank" rel="noopener">@baires_host</a></li>
<li><strong>Discord (active support):</strong> <a href="https://discord.gg/dzjauatAFN" target="_blank" rel="noopener">https://discord.gg/dzjauatAFN</a></li>
<li><strong>Linktree:</strong> <a href="https://linktr.ee/baires.host" target="_blank" rel="noopener">https://linktr.ee/baires.host</a></li>
</ul>


Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

How to point a domain to your server

How to point a domain to your server What does pointing a domain mean? Pointing a domain to...
Configure DNS A, AAAA, and CNAME records

Configure DNS records A, AAAA, CNAME What are DNS records? DNS records are instructions that...
Configure MX records for email

Configure MX records for email What are MX records? MX (Mail Exchange) records are DNS...
Configurar registros TXT (SPF, DKIM, DMARC)

Configurar registros TXT (SPF, DKIM, DMARC) ¿Por qué son importantes estos registros? Los...
Verify DNS propagation

Verify DNS propagation What is DNS propagation? DNS propagation is the time it takes for DNS...