Skip to content
anssl

DNS Query Tool

The DNS Query Tool helps you quickly query various DNS records for domains, supports specifying custom nameservers, and is suitable for domain configuration verification, troubleshooting, and DNS propagation checks.

Access the Tool

Section titled “Access the Tool”

Visit the DNS Query Tool page.

Usage

Section titled “Usage”

  1. Enter Domain

    Enter the domain to query, for example: example.com

  2. Select Record Type

    Choose the DNS record type from the dropdown menu

  3. Optional: Specify Nameserver

    To use a specific DNS server, enter its address (e.g., 8.8.8.8)

  4. Start Query

    Click the “Query” button to retrieve results

Supported Record Types

Section titled “Supported Record Types”

A Record

Section titled “A Record”

Resolves domain to IPv4 address - the most common DNS record type for pointing domains to servers.

AAAA Record

Section titled “AAAA Record”

Resolves domain to IPv6 address for IPv6 network support and dual-stack configurations.

CNAME Record

Section titled “CNAME Record”

Creates domain alias, pointing one domain to another. Commonly used for subdomains, CDN configuration, and domain verification.

TXT Record

Section titled “TXT Record”

Stores text information, commonly used for domain verification and configuration such as SPF, DKIM, DMARC, and SSL certificate verification.

MX Record

Section titled “MX Record”

Specifies mail servers for receiving email, with priority values (lower numbers = higher priority).

NS Record

Section titled “NS Record”

Specifies authoritative nameservers for the domain, useful for checking DNS providers and domain delegation.

SOA Record

Section titled “SOA Record”

Start of Authority record containing domain management information including serial, refresh, retry, expire, and minimum TTL values.

SRV Record

Section titled “SRV Record”

Specifies service location information including priority, weight, port, and target host. Used for VoIP, instant messaging, and service discovery.

PTR Record

Section titled “PTR Record”

Reverse DNS lookup resolving IP addresses to domain names, commonly used for mail server verification and security audits.

CAA Record

Section titled “CAA Record”

Specifies which Certificate Authorities are allowed to issue certificates for the domain, enhancing security by preventing unauthorized certificate issuance.

Custom Nameservers

Section titled “Custom Nameservers”

Specify particular DNS servers for queries to check DNS propagation or troubleshoot resolution issues.

Popular Public DNS:

  • 8.8.8.8 / 8.8.4.4 (Google DNS)
  • 1.1.1.1 / 1.0.0.1 (Cloudflare DNS)
  • 208.67.222.222 (OpenDNS)

Understanding Results

Section titled “Understanding Results”

TTL (Time To Live)

Section titled “TTL (Time To Live)”

TTL indicates how long DNS records are cached (in seconds). Common values: 300 (5 min), 3600 (1 hour), 86400 (24 hours).

TTL Strategy:

  • Before migration: Lower TTL to 300
  • During migration: Execute changes
  • After migration: Observe 1-2 days
  • When stable: Increase TTL to 3600+

Use Cases

Section titled “Use Cases”

Certificate Application Verification

Section titled “Certificate Application Verification”

Verify TXT records for SSL certificate DNS validation using the tool before CA verification.

Domain Configuration Checks

Section titled “Domain Configuration Checks”

Before configuring websites or services, check A/AAAA, CNAME, MX, and TXT records to ensure correct configuration.

Troubleshooting

Section titled “Troubleshooting”

Query A records, NS records, and use multiple DNS servers to compare results when encountering domain access issues.

Security Checks

Section titled “Security Checks”

Regularly check CAA records, SPF/DKIM configurations, and DNSSEC status for domain security.

Best Practices

Section titled “Best Practices”

DNS Record Configuration

Section titled “DNS Record Configuration”
  • ✅ Configure multiple NS records (at least 2)
  • ✅ Set reasonable TTL values (3600 daily, 300 before migration)
  • ✅ Configure CAA records to restrict certificate issuance
  • ✅ Set up SPF, DKIM, DMARC for email services
  • ❌ Don’t use CNAME for root domains
  • ❌ Don’t set excessively low TTL values

Record Update Process

Section titled “Record Update Process”
  1. Preparation: Lower TTL to 300, wait for old TTL to expire
  2. Update: Modify DNS records, verify with tool
  3. Verification: Query multiple public DNS servers
  4. Stabilization: Observe 1-2 days, restore normal TTL

FAQ

Section titled “FAQ”

Why are query results inconsistent?

Section titled “Why are query results inconsistent?”

Possible reasons: DNS cache not updated, different cache times across servers, recent DNS record updates not fully propagated, or querying different nameservers.

How long until DNS records take effect?

Section titled “How long until DNS records take effect?”

Depends on TTL: 300s = 5-10 minutes, 3600s = 1-2 hours. Full global propagation typically takes 24-48 hours.

How to speed up DNS propagation?

Section titled “How to speed up DNS propagation?”

Lower TTL to 300 in advance, wait for old TTL to expire before updating, use multiple authoritative servers, and clear local DNS cache after updates.