An Introduction To DigitalOcean DNS

Updated March 25, 2018. Tags: DNS, DigitalOcean, Product Documentation

This article will explain how to manage your DNS records using the DigitalOcean Control Panel and can help you decide if DigitalOcean's DNS management tools are right for your situation.

A Brief Overview of DNS

If you're not familiar with DNS, you may find it helpful to read An Introduction to DNS Terminology, Components, and Concepts before setting up your own domain, but a brief overview follows.

An IP (Internet Protocol) address is a numerical string, like 203.0.113.0, that is used to identify computers connected to a network, like the Internet. However, while computers can organize and process numbers like IP addresses very quickly, most people find it easier to remember words or phrases.

DNS (Domain Name System) allows us to reference computers by easy-to-remember domain names, like example.com, instead of IP addresses. DNS records define which IP addresses map to which domain names and how to handle other kinds of requests a domain might receive.

To set up a domain name, you need to do two things. First, you need to purchase a domain name from a domain name registrar. Second, you need to set up DNS records for your domain by using a DNS hosting service. DigitalOcean is not a domain name registrar, but does provide a DNS hosting service.

When Should I Use DigitalOcean DNS?

When you manage your infrastructure on DigitalOcean, you may find it more convenient to manage your domains here as well. DigitalOcean's DNS tools allow you to manage your servers, load balancers, and DNS in the same place. These resources are integrated into the interface so they can be located more easily.

You can also manage non-DigitalOcean resources using DigitalOcean DNS.

If you have your own name servers or are satisfied with the DNS management tools provided by your domain registrar, you don't need to use DigitalOcean DNS.

DigitalOcean DNS at a Glance

Price: Free.

Maximum number of domains: 50 by default. This limit can be raised by opening a support ticket and explaining why you need the increase.

API support: Yes. See the Domain Records section of DigitalOcean's APIv2 documentation.

DNS record support: DigitalOcean currently supports A, AAAA, CAA, CNAME, MX, NS, TXT, and SRV records.

DigitalOcean name servers:

ns1.digitalocean.com

ns2.digitalocean.com

ns3.digitalocean.com

Limitations: DigitalOcean does not currently provide domain registration services. To use DigitalOcean DNS, you need to register a domain name with a registrar and update your domain's NS records to point to DigitalOcean's name servers.

Adding a Domain

To add a domain, follow the Networking link in the Control Panel, which leads to the default Domains tab. You can also add a domain from wherever you are in the Control Panel by opening the Create menu in the top right and selecting Domains/DNS from the pull-down menu.

When you first access the Domains tab, if you have no domains entered, the page will say Looks like there are no domains here.

Screenshot of Empty Domains tab

Enter your domain in the Enter domain field and click Add Domain.

When you do, the system will perform a DNS lookup to see if the domain has already been added to DigitalOcean. If it has, you'll receive a message that says Data domain example.com: Name already exists.

As domains are added, they will be listed on the page.

Screenshot of a single domain listed

To manage a domain's DNS records, click its name. This will take you to a page with all of your domain's current DNS records as well as a section to create new records.

Screenshot of DNS records with NS records only

Once you've added a domain, you can add and modify its DNS records.

Adding DNS Records

DigitalOcean currently supports A, AAAA, CAA, CNAME, MX, NS, TXT, and SRV records. Each type of DNS record has its own values and settings, and the sections below explain what each of these records is used for and what goes into the fields it contains.

However, all DNS records have one value in common:

  • TTL, or time to live, which determines how long the record will live in a visitor's local cache.

Because loading data from a local cache is fast, high TTL values make a visitor's experience faster. However, until their local cache expires and is updated by a new DNS lookup, visitors won't see any DNS changes you've made. As a result, higher TTL values give visitors better performance while lower TTL values ensure that DNS changes are picked up quickly.

A Records

An A record maps an IPv4 address to a domain name. This determines where to direct any requests for a domain name.

On DigitalOcean, A records have the following fields.

  • HOSTNAME, which can be set to:
    • The root domain (@). To map a root domain, like example.com, to an IPv4 address, enter the @ symbol.
    • A subdomain prefix (e.g. www). To create a subdomain, enter the subdomain prefix. For example, to create www.example.com, you would enter www.
    • A wildcard (*). To direct requests for a non-existent subdomain to a server or load balancer, enter *. However, if any kind of DNS record exists for a hostname, the wildcard will not apply; you will need to explicitly create an A record for it.
  • WILL DIRECT TO, which can be set to:
    • A DigitalOcean Droplet or Load Balancer by typing its name and selecting it from the menu.
    • A non-DigitalOcean resource by entering its IP address.

Setting an A record using DigitalOcean DNS looks like this:

Add an A record

In this example, we entered the subdomain prefix test for the hostname. DNS lookups for test.digitalocean.love will now be directed to the Droplet we've chosen, named ubuntu-1gb-sfo2-01, with the IP address 203.0.113.5.

Note: It is possible to add multiple records for the same DNS entry, each pointing to a different IP address. This supports a load distribution and balancing strategy known as Round Robin DNS.

AAAA Records

An AAAA record, also called a Quad A record, maps an IPv6 address to a domain name. This determines where to direct requests for a domain name in the same way that an A record does for IPv4 addresses.

On DigitalOcean, AAAA records have the following fields.

  • HOSTNAME, which can be set to:
    • The root domain (@). To map a root domain, like example.com, to an IPv6 address, enter the @ symbol.
    • A subdomain prefix (e.g. www). To create a subdomain, enter the subdomain prefix. For example, to create www.example.com, you would enter www.
    • A wildcard (*). To direct requests for a non-existent subdomain to a server or load balancer, enter *. However, if any kind of DNS record exists for a hostname, the wildcard will not apply; you will need to explicitly create an AAAA record for it.
  • WILL DIRECT TO, which can be set to:
    • A DigitalOcean Droplet by typing its name and selecting it from the menu. All Droplets will be displayed on the list, but only those with IPv6 addresses can be selected.
    • A non-DigitalOcean resource by entering its IPv6 address.

Note that DigitalOcean Load Balancers do not currently support IPv6.

Setting an AAAA record using DigitalOcean DNS looks like this:

Add an AAAA record

In this example, we entered the subdomain prefix test for the same hostname from the A record example, digitalocean.love. DNS lookups for test.digitalocean.love will now be directed to the Droplet we've chosen, named ubuntu-1gb-sfo2-01, with the IP address 2001:0d8:2:d0::24:9001.

CNAME Records

A CNAME record defines an alias for an A record; it points one domain to another domain instead of to an IP address. When the associated A record’s IP address changes, the CNAME will follow to the new address.

On DigitalOcean, CNAME records have the following fields.

  • HOSTNAME, which should be set to the subdomain prefix for the new alias you want to create.
  • IS AN ALIAS OF, which should be set to the hostname where the alias should point. For the alias to work, the hostname must have an A record or be handled by a wildcard A record.

This can be:

  • The root domain (@). To map a root domain, like example.com, enter the @ symbol.
  • A subdomain (e.g. site.example.com).

Setting a CNAME record using DigitalOcean DNS looks like this:

Screenshot with the CNAME record filled out using the information below.

In this example, we entered the subdomain prefix staging for the hostname and @ for the hostname to redirect to. DNS lookups for staging.digitalocean.love will now be redirected to the root domain, digitalocean.love.
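Added example, not part of the original tutorial: a minimal model of how the wildcard rule from the A record section and the CNAME alias described above interact during a lookup. The zone contents (the second test address, the mail TXT record, the wildcard address) are constructed, and only single-label hostname prefixes as typed into the HOSTNAME field are modelled.

```python
# Constructed zone for digitalocean.love, keyed by the HOSTNAME field:
# "@" (root), a subdomain prefix, or "*" (wildcard).
ZONE = {
    "@":       {"A": ["203.0.113.5"]},
    "test":    {"A": ["203.0.113.5", "203.0.113.6"]},  # two A records: round robin
    "staging": {"CNAME": ["@"]},                       # alias of the root domain
    "mail":    {"TXT": ["v=spf1 -all"]},               # exists, but has no A record
    "*":       {"A": ["203.0.113.9"]},
}

def resolve_a(prefix, zone=ZONE, depth=0):
    """Return (addresses, how) for an A lookup of a single-label prefix."""
    if depth > 8:                      # guard against CNAME loops
        return [], "cname-loop"
    node, how = zone.get(prefix), "exact"
    if node is None:
        # The wildcard is consulted only when the name has no records at all.
        node, how = zone.get("*"), "wildcard"
        if node is None:
            return [], "nxdomain"
    if "CNAME" in node:
        # An alias answers with whatever its target resolves to.
        addrs, _ = resolve_a(node["CNAME"][0], zone, depth + 1)
        return addrs, how + "+cname"
    if "A" in node:
        return list(node["A"]), how
    # The name exists with other record types, so the wildcard does not apply.
    return [], "nodata"

if __name__ == "__main__":
    for name in ("test", "staging", "nope", "mail"):
        print(name, resolve_a(name))
```

The mail case is the one the wildcard bullet warns about: because a TXT record exists for that hostname, the lookup returns no address until an explicit A record is created.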

MX Records

An MX record specifies the mail servers responsible for accepting email on behalf of your domain. Providers often make multiple name servers available so that if one is offline, another can respond. Each server needs its own MX record.

On DigitalOcean, MX records have the following fields.

  • HOSTNAME, which determines which host should accept email. In most cases, the hostname field should be set to @ so that it applies to the base domain.
  • MAIL PROVIDERS MAIL SERVER, which points to the hostname with the A record for the mail server.
  • PRIORITY, which indicates the order in which the mail servers should be contacted. This field takes a positive whole number where 1 is the highest priority.

Setting an MX record using DigitalOcean DNS looks like this:

Screenshot of the MX record form

The Add Gmail MX Records option will add records for each of Google's mail servers automatically for use with G Suite.

Screenshot with automatically configured Gmail MX records aspmx.l.google.com and alt1-alt4 records defined.

TXT Records

A TXT record is used to associate a string of text with a hostname. These are primarily used to verify that you own a domain.

On DigitalOcean, TXT records have the following fields.

  • VALUE (e.g. example_name=example_value), which is a name-value pair separated by an equal sign, =.

  • HOSTNAME, which can be set to:

    • The root domain (@). To map a root domain, like example.com, to an IPv4 address, enter the @ symbol.
    • A subdomain prefix (e.g. www). To create a subdomain, enter the subdomain prefix. For example, to create www.example.com, you would enter www.

Setting a TXT record using DigitalOcean DNS looks like this:

Screenshot of TXT record with google-site-verification token entered

In this example, we added the verification token google-site-verification=EXAMPLEV0vtDHmdYgP4H4eHxjgoM8LHtkfRcKmt_5Rt to our root domain to prove domain ownership for G Suite.

NS Records

An NS record specifies the name servers, or servers that provide DNS services, for a domain or subdomain. You can use these to direct part of your traffic to another DNS service or to delegate DNS administration for a subdomain.

On DigitalOcean, NS records have the following fields.

  • HOSTNAME, which can be set to:
    • The root domain (@). To map a root domain, like example.com, to an IPv4 address, enter the @ symbol.
    • A subdomain prefix (e.g. www). To create a subdomain, enter the subdomain prefix. For example, to create www.example.com, you would enter www.
    • A wildcard (*). To direct requests for a non-existent subdomain to a server or load balancer, enter *. However, if any kind of DNS record exists for a hostname, the wildcard will not apply; you will need to explicitly create an A record for it.
  • WILL DIRECT TO, which should be set to the name server.

Setting an NS record using DigitalOcean DNS looks like this:

Screenshot of NS record with an example nameserver, dns1.example.com entered.

In the example, we entered ocean as the hostname and dns1.example.com as the name server. This means that DNS lookups for ocean.digitalocean.love will be directed to dns1.example.com.

Note: When you add a domain to DigitalOcean DNS, NS records pointing at DigitalOcean's name servers are automatically created for it.

SRV Records

A SRV record specifies a hostname and port number for a specific service to direct certain types of traffic to particular servers. Some services, like SIP (Session Initiation Protocol) and XMPP/Jabber (Extensible Messaging and Presence Protocol), require SRV records.

On DigitalOcean, SRV records have the following fields.

  • HOSTNAME (e.g. _service._protocol), which should be set to the service, like SIP, and protocol, like TCP or UDP. This field needs to begin with an underscore, _, and the service and protocol must be separated by a period and underscore, ._, resulting in an entry like _sip._udp.
  • WILL DIRECT TO, which can be set to:
    • The root domain (@). To map a root domain, like example.com, to an IPv4 address, enter the @ symbol.
    • A subdomain prefix (e.g. www). To create a subdomain, enter the subdomain prefix. For example, to create www.example.com, you would enter www.
    • A fully qualified domain name, or FQDN (e.g. fqdn.example.com.). To use an FQDN, enter the FQDN with a period (.) at the end. This distinguishes it from a subdomain prefix.
  • PORT (e.g. 5060), which should be set to the port that the service listens on.
  • PRIORITY (e.g. 10), which indicates the importance of the host. This field takes a positive whole number where 1 is the highest priority.
  • WEIGHT (e.g. 100), which indicates the relative importance of the host between multiple records with the same priority. This field takes a positive whole number where the higher the number is, the more preference the record is given.

Setting a SRV record using DigitalOcean DNS looks like this:

Screenshot of SIP configuration described below

In the example, we specified that our service uses SIP over UDP on port 5060, and we entered a subdomain prefix sip. This means that SIP requests will be directed to sip.digitalocean.love.

CAA Records

A CAA record specifies which certificate authorities are permitted to issue certificates for a domain. You can use them to reduce the risk of unintended certificate mis-issue.

How To Create and Manage CAA Records Using DigitalOcean DNS provides detailed guidance on using CAA records. This section is only a brief overview.

On DigitalOcean, CAA records have the following fields.

  • HOSTNAME, which can be set to:
    • The root domain (@). To map a root domain, like example.com, to an IPv4 address, enter the @ symbol.
    • A subdomain prefix (e.g. www). To create a subdomain, enter the subdomain prefix. For example, to create www.example.com, you would enter www.
    • A wildcard (*). To direct requests for a non-existent subdomain to a server or load balancer, enter *. However, if any kind of DNS record exists for a hostname, the wildcard will not apply; you will need to explicitly create an A record for it.
  • AUTHORITY GRANTED FOR, which can be set to:
    • The domain name for the certificate authority (e.g. letsencrypt.org).
    • A valid URI with contact information (e.g. https://contact.example.com or mailto:contact@example.com) as either the web address of a contact form or an email address. The iodef flag must be chosen to use this option.
  • TAG, which can be set to:
    • One of the three defined CAA tags, which are issue, issuewild, and iodef.
    • Custom tags defined by the certificate authority.
  • FLAGS, which is currently used to set an Issuer Critical flag. This is an unsigned integer between 0 and 255 that specifies how a CA should behave when it encounters a tag it doesn't understand. For example, a zero (0) tells the CA to issue a certificate anyway, and a one (1) tells the CA to refuse.

Setting a CAA record using DigitalOcean DNS looks like this.

Screenshot of a CAA record with the values below filled in:

In this example, we entered @ for the hostname so that a certificate can be issued for the root domain, digitalocean.love, and we entered letsencrypt.org as the CA to grant it authority to issue certificates for that domain.

Limitations:

The CAA standard supports:

  1. Blocking anyone from issuing certificates by sending a semicolon (;) in the value.
  2. Allowing name-value tags after the CA name, for example: letsencrypt.org; abc=cde.

At the time of this writing, these are not supported by DigitalOcean DNS. We are working on it, and we will support them soon.
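Added example, not part of the original tutorial or DigitalOcean's code: the check a certificate authority runs against CAA records before issuing, including the two forms listed under Limitations (a bare semicolon and name-value parameters after the CA name). It follows RFC 8659, where the Issuer Critical flag is the high bit of the flags byte; the zone data and the CA name ca.example are constructed.

```python
# Constructed CAA data as (flags, tag, value); ca.example is a placeholder CA.
ZONE = {
    "digitalocean.love": [(0, "issue", "letsencrypt.org")],
    "shop.digitalocean.love": [(0, "issue", "ca.example; abc=cde"),
                               (0, "issuewild", ";")],
    "locked.digitalocean.love": [(0, "issue", ";")],
    "odd.digitalocean.love": [(128, "futuretag", "x")],
}
KNOWN_TAGS = {"issue", "issuewild", "iodef"}

def relevant_rrset(name, zone):
    """Climb from the name toward the root; the first CAA set found wins."""
    labels = name.rstrip(".").lower().split(".")
    if labels[0] == "*":
        labels = labels[1:]
    while labels:
        rrset = zone.get(".".join(labels))
        if rrset:
            return rrset
        labels = labels[1:]
    return []

def issuer_domain(value):
    """Drop parameters: 'letsencrypt.org; abc=cde' -> 'letsencrypt.org'."""
    return value.split(";", 1)[0].strip().lower()

def may_issue(ca, name, zone=ZONE):
    rrset = relevant_rrset(name, zone)
    # RFC 8659 puts Issuer Critical in the high bit of the flags byte (128):
    # an unrecognised tag carrying it means the CA must refuse.
    if any(flags & 0x80 and tag.lower() not in KNOWN_TAGS
           for flags, tag, _ in rrset):
        return False
    issue = [v for _, t, v in rrset if t.lower() == "issue"]
    wild = [v for _, t, v in rrset if t.lower() == "issuewild"]
    # issuewild, when present, replaces issue for wildcard names only.
    props = wild if name.startswith("*.") and wild else issue
    if not props:
        return True  # no CAA set, or none that restricts this request
    # A bare ';' yields an empty issuer name, which matches no CA.
    return ca.lower() in {issuer_domain(v) for v in props}

if __name__ == "__main__":
    print(may_issue("letsencrypt.org", "www.digitalocean.love"))
```

A subdomain with no CAA records of its own inherits the set published at the nearest parent, so the single root record in the tutorial's example also governs www.digitalocean.love.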

Next Steps

In this article, we provided an overview of how to manage DNS in the DigitalOcean Control Panel. The following tutorials may be useful next steps for you.

For high-level overviews of related concepts:

For more detail on using DNS with DigitalOcean:

For step-by-step tutorials on what you can do with server(s) for your domain:

Creative Commons License