In this article, DNS propagation: the definitive guide, we will look at DNS propagation: what it means, when it takes place, and how long changes take to take effect across the entire network.
We’ll see how DNS resolution works and what types of DNS records exist. Then we’ll focus on DNS propagation by examining the factors that affect propagation times, how you can modify a domain, and what tools you can use to verify DNS propagation.
Let’s start with how DNS works and look at how address resolution works.
What is DNS resolution
Computers don’t understand names; they use numbers. Every networked computer has an IP address, which is a set of numbers, or a set of numbers and letters in the case of the new IPv6.
We as human beings, on the other hand, don’t (usually) do very well with numbers, especially when we have to store strings like these:
The same happens with phone numbers, that’s why phone books exist.
The DNS, Domain Name System, is nothing more than a phone book.
When you enter the name of an internet domain in your browser, the domain name is converted into an IP address so that you can contact the server and show the content of the page you want to visit.
In some cases, if there is no response from the DNS server, an error message may appear telling you that the DNS server is not responding. In others, when something goes wrong in the domain name resolution process you may be faced with a DNS_PROBE_FINISHED_NXDOMAIN. Let’s take a look at how resolution works.
How resolution works
First, the computer checks whether there is a record in the hosts file. As explained in a previous post, this file contains directives telling our computer that, when we visit a certain domain, we want to reach it on a server of our choice instead of the server the domain actually points to.
Unless you’ve entered the record by hand, for example, because you’re developing that site on a new server, that record won’t be there, but you should know that this is the first step in DNS resolution.
The first real step in DNS resolution is a check in the browser cache. Every time we visit a site, the browser caches its IP address, so it can retrieve it faster, skipping all the steps I’m about to list.
If the address is not found in the cache, the browser requests DNS information from the ISP (Internet Service Provider), that is, the provider that provides you with the connection. The server in your ISP that stores this cached data is called a resolver. If your ISP has this cached data it provides it to you, otherwise, it has to ask the root server.
There are 13 groups of root servers in the world, run by 12 different organizations. The root server does not know the IP address of the site you are looking for, but it knows the IP address of the TLD (top-level domain) server.
At this point, the resolver (our ISP) knows the IP of the TLD server. There is a TLD server for each domain extension, so there is a server for .com, a server for .it, etc…
The resolver asks the TLD server for this information. The TLD server doesn’t know the IP of the domain we are looking for either, but it knows the IP address of the Authoritative Name Server.
The Authoritative Name Server is the one that holds all the information about the domain, including the IP. At this point, the IP address of the site you are trying to visit is sent to the resolver, which saves it in its cache and sends it to the browser.
The browser saves this data in its cache and sends the request to the server that hosts the website.
Note that every request that is executed by the resolver and the browser is saved in the cache. This is an important point to keep in mind because it will allow us to understand what the DNS propagation times depend on.
By saving the data in the cache, we can reduce the number of steps and speed up the operation, which only takes a few milliseconds.
For example, if the browser or the resolver knows the IP address of the site, we can skip all these steps and contact the server directly.
If the resolver does not know the IP address (A record) but knows the NS records for the authoritative nameservers then it can directly query the Authoritative Name Server skipping some steps.
Before understanding what DNS propagation times depend on, let’s look at the various types of records in a domain to get a clearer idea.
Different types of records in a domain
DNS records contain different types of information depending on the record type. A and AAAA records enable domain resolution based on IPs, but there are also other functions performed by other record types.
A Record, also known as Record Address or Record Host, is used to create a correspondence between the domain and the IP address. In particular, this record returns an IPv4 address.
An AAAA record is like an A record, it is used to associate a domain with an IP address. In this case, however, it is used for IPv6 addresses.
CNAME records are used to manage correspondences between subdomains (or aliases) and the main domain. In this way, several domain names can be linked to the same IP address.
In practice the CNAME record allows us to associate an alias to a domain name. In order for the address resolution to be completed, either the A or AAAA record of the target domain must be specified. In this way, several addresses can point to a single server.
www.example.net. CNAME www.example.com.
www.example.com. A 18.104.22.168
The MX (Mail Exchange) record links the domain name to the mail server. A domain can have more than one mail server, in this case, you have to specify the priority of the different servers.
A PTR record (pointer) allows reverse address resolution (reverse lookup). Starting from an IP address you go back to all domain names associated with it.
SRV (service) records can be used for additional services (e.g. LDAP). For each record, you have to specify, in addition to the name of the service, the port and the protocol used.
In a TXT record, it is possible to store text intended to be read by humans or machines. For example, it can be used for Google Analytics authentication keys to confirm domain ownership or other similar services. TXT records can also be used to secure emails.
NS (nameserver) records indicate which DNS servers are authoritative for a given domain. Each domain may have multiple NS records indicating primary and secondary nameservers.
SOA (Start of Authority) records are used to manage DNS zones and contain information such as the DNS server, the administrator’s email, and a serial number associated with the domain.
What DNS propagation times depend on
Now that we have an overview of how DNS resolution works, we can understand what DNS propagation is, how it works and how long it takes.
Generally, the time for DNS propagation varies from a few minutes to a few hours, but it can take up to 48 hours.
Each DNS record has a TTL setting, which stands for Time To Live. You can change this setting if you set the DNS records through the Zone Editor in cPanel.
The TTL tells the resolver how long to keep a domain’s DNS information cached.
The default TTL is set to 14400. This is the time in seconds, which is 4 hours. You can reduce this time before you make a change to your domain’s DNS, in order to speed up DNS propagation.
The drawback is that, with a low TTL, the resolver rarely has the value cached and has to perform all the requests mentioned above, losing valuable time. If you want a fast site, I suggest you set the TTL value back to 14400 after you have made the DNS change.
If we reduce the TTL before the modification (let’s say at least 4 hours before) we reduce the time in which the information is kept in cache by the resolver and so we speed up the DNS propagation.
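The effect of lowering the TTL ahead of a change can be simulated. The following added example (not part of the original article) models resolvers that honour TTL and measures how long after the change the old address can still be served; the IP addresses, the 300-second lowered TTL and the timings are constructed assumptions.

```python
# Added example with constructed values; not code from the original article.
OLD_IP, NEW_IP = "192.0.2.10", "198.51.100.20"  # documentation-range addresses


class Authoritative:
    """Authoritative name server: the current A record and its TTL."""

    def __init__(self, ip, ttl):
        self.ip, self.ttl = ip, ttl


class Resolver:
    """Caching resolver that honours TTL, as an ISP resolver is expected to."""

    def __init__(self, auth):
        self.auth, self.ip, self.expires = auth, None, 0

    def resolve(self, now):
        if self.ip is None or now >= self.expires:  # cache empty or expired
            self.ip = self.auth.ip
            self.expires = now + self.auth.ttl
        return self.ip


def stale_window(ttl_lowered_at, change_at, old_ttl=14400, new_ttl=300, step=60):
    """Seconds after the change until no resolver serves OLD_IP any more.

    ttl_lowered_at=None means the TTL is left at old_ttl. Resolvers first
    fill their cache at staggered times and are queried every `step` seconds.
    """
    auth = Authoritative(OLD_IP, old_ttl)
    resolvers = [(start, Resolver(auth)) for start in range(0, old_ttl, step)]
    last_stale = None
    for now in range(0, change_at + old_ttl + step, step):
        if now == ttl_lowered_at:
            auth.ttl = new_ttl          # zone owner lowers the TTL
        if now == change_at:
            auth.ip = NEW_IP            # zone owner changes the A record
        for start, resolver in resolvers:
            if now >= start and resolver.resolve(now) == OLD_IP and now >= change_at:
                last_stale = now
    return 0 if last_stale is None else last_stale + step - change_at


if __name__ == "__main__":
    hour = 3600
    for label, lowered in (("never lowered", None), ("lowered 5 h before", hour),
                           ("lowered 1 h before", 5 * hour)):
        print(f"TTL {label}: old IP served for up to {stale_window(lowered, 6 * hour)} s")
```

Under these assumptions, lowering the TTL only one hour ahead still leaves the old address cached for close to three hours, because resolvers that refreshed just before the TTL was lowered keep the 4-hour value.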
As explained, your ISP acts as a resolver. To save time and resources, the resolver saves the data in the cache so that it is available to you locally, the next time the site is visited.
This serves to speed up browsing and reduce traffic but slows down DNS propagation times.
Also, some Internet Service Providers ignore TTL and only clear the cache after 2-3 days, slowing this process down even further.
The domain Registry
Most registries apply the change in a timely manner, while others take longer. This affects DNS propagation times.
Change DNS of a domain
There are several ways to modify your domain’s DNS.
First, you can change the nameservers by logging into the Customer Area and the domain management area. You can choose to use the default nameservers or use your own nameservers.
After the changes, you have to wait for the DNS propagation times.
Furthermore, from DNS Management you can also set up DNS records (e.g. A record, CNAME record or MX record) and set up a redirect for a domain.
From cPanel, you can also edit DNS records using the Zone Editor tool.
Remember that if you enter a wrong DNS record or make a wrong change you risk making the site unreachable. If you are not sure how to proceed please contact your provider for support.
When you change a record or set nameservers, the IT registry runs a series of checks to make sure everything is set correctly. If there is an error, the domain is set to PendingUpdate status and the pointing is not changed, so the old pointing stays in place. If the error is not corrected, the domain is reset to Active with the old pointing after 3 days from the log.
If you set incorrect data from our customer area you will receive an email within 1-2 hours explaining the error.
If you want to make sure that the data are correct before entering them you can do it through the tool of nic.it.
When does DNS propagation start?
When we make changes to the DNS of the site, these changes are not applied instantly. We must, in fact, wait for what is called DNS propagation, which is the time necessary for the changes to be made throughout the network.
DNS propagation starts from the moment one of the following modifications is made:
- modification of the WHOIS information of the domain
- nameserver changes
- modifications to DNS records.
The procedure has a variable duration that can go from a few minutes or hours up to 48 hours at most.
As we have seen before, the time needed for DNS propagation depends on several factors such as the TTL, the ISP and the domain registry.
The Time To Live (TTL) of DNS records, i.e. the time interval needed for the updated information to be retrieved, can be reduced. In any case, however, we have to wait for the time needed by the ISP and the domain registry.
While the changes are being replicated throughout the DNS, you can check whether the DNS propagation has been successful. Let’s see how.
If, on the other hand, you want to access the site immediately you can use the hosts file that, as we said before, allows you to view a domain from a different server than the one to which the domain points at that moment.
How to check DNS propagation
There are several online tools that allow you to check if the DNS propagation has been successful. Let’s see the main sites that offer the service for free.
ViewDNS.info allows us to check if the DNS changes have been propagated completely. To do this, go to the site, enter the address in the DNS Propagation Checker box, then click on the GO button.
After that, you’ll see a report showing you the status of DNS propagation using different servers around the world.
WhatsmyDNS.net allows you to check DNS propagation globally and also provides you with the result via a map.
DNSChecker.org is similar to the previous one: it allows you to check DNS propagation against a list of globally distributed servers and on a map.
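What these checkers do can be reproduced on answers you collect yourself. The following added example (not part of the original article or of any of the tools above) takes answers in the standard "name TTL class type value" form, as printed by tools such as dig, follows any CNAME to the final address, and reports which resolvers still serve the old IP; the resolver names, addresses and TTLs are constructed sample data.

```python
# Added example; resolver names and answers below are constructed sample data.
SAMPLE_ANSWERS = {
    "resolver-a": "www.example.com. 212 IN A 198.51.100.20",
    "resolver-b": "www.example.com. 9120 IN A 192.0.2.10",
    "resolver-c": ("www.example.com. 300 IN CNAME web.example.com.\n"
                   "web.example.com. 47 IN A 198.51.100.20"),
    "resolver-d": "www.example.com. 3011 IN A 192.0.2.10",
}


def parse_answer(text):
    """Parse 'name TTL class type value' lines (one record per name assumed)."""
    records = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or not fields[1].isdigit():
            continue  # skip blanks, comments and malformed lines
        name, ttl, _cls, rtype, value = fields
        records[name.lower()] = (rtype.upper(), int(ttl), value)
    return records


def final_address(records, name, max_hops=8):
    """Follow CNAMEs to an A/AAAA record; return (ip, lowest TTL on the path)."""
    ttl = None
    for _ in range(max_hops):  # hop limit guards against CNAME loops
        record = records.get(name.lower())
        if record is None:
            break
        rtype, record_ttl, value = record
        ttl = record_ttl if ttl is None else min(ttl, record_ttl)
        if rtype in ("A", "AAAA"):
            return value, ttl
        if rtype != "CNAME":
            break
        name = value
    return None, 0


def propagation_report(answers, name, expected_ip):
    """Return (resolvers with the new IP, {stale resolver: cached seconds left})."""
    done, stale = [], {}
    for resolver, text in answers.items():
        ip, ttl = final_address(parse_answer(text), name)
        if ip == expected_ip:
            done.append(resolver)
        else:
            stale[resolver] = ttl
    return done, stale
```

The largest value in the stale map is the expected wait for resolvers that honour TTL; for resolvers that ignore TTL, as mentioned earlier, it is only a lower bound.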
In this article, DNS propagation: the definitive guide, we have seen how DNS resolution works, what types of DNS records exist and what information they give us. We then looked closely at DNS propagation: we saw in which cases it starts and what the propagation times depend on. Finally, we looked at methods to verify DNS propagation.
Have you ever had to change nameservers or DNS records and had to wait for propagation times? Let me know in the comments below.