Skip to main content
Illustration de l'article : DNS Management During Migration: Complete Guide | Dragnoc Blog
Transfer · 10 min read

DNS Management During Migration: Complete Guide | Dragnoc Blog

DNS, propagation, TTL, A records, CNAME, MX… Everything you need to know for smooth DNS management during migration.

DNS is the invisible infrastructure that makes the internet work. When a visitor types your domain name into their browser, it is DNS that translates that human-readable name into the IP address of the server hosting your site. During a migration, DNS management is the critical bridge between your old server and your new one. Get it wrong, and your site goes dark. Get it right, and the transition is seamless for your visitors.

Yet DNS remains one of the most misunderstood aspects of web migrations. The concepts of propagation, TTL, record types, and caching create confusion that leads to avoidable downtime. Transfer guides you through DNS changes during migration, but understanding how DNS works will give you the confidence to manage any migration scenario.

Understand how DNS works

Think of DNS as the internet's phone book. When you type example.com into your browser, the following chain of lookups happens in milliseconds:

1

Browser cache check

Your browser first checks its own cache. If you visited the site recently, the IP is already stored locally and the lookup ends here.

2

OS resolver cache

If not in the browser cache, the operating system checks its own DNS cache. On Windows, macOS, and Linux, the OS maintains a local cache of recent lookups.

3

Recursive resolver (ISP or public DNS)

The query goes to a recursive resolver (your ISP's DNS, or a public resolver like Cloudflare 1.1.1.1 or Google 8.8.8.8). This resolver checks its cache and, if needed, queries the authoritative DNS hierarchy.

4

Authoritative nameserver

The recursive resolver queries the root servers, then the TLD servers (.com, .fr), and finally your domain's authoritative nameserver, which returns the definitive IP address for your domain.

The critical concept here is caching. At every level of this chain, the result is cached for a duration specified by the TTL (Time To Live) value. When you change your DNS records during a migration, these cached values must expire before the change takes effect everywhere. This is what "DNS propagation" really means -- it is not the records "spreading" across the internet, but rather old cached values expiring at different rates across thousands of resolvers worldwide.

DNS propagation is not instant

Even with a low TTL, propagation can take up to 48 hours in worst-case scenarios because some resolvers do not strictly honor TTL values. Most propagation completes within 1 to 4 hours with properly configured TTL, but always plan for the possibility of a longer window.

DNS record types explained

During a migration, you will interact with several types of DNS records. Understanding each one is essential to making the right changes at the right time.

A

Address Record

Maps your domain to an IPv4 address. This is the primary record you change during a server migration. Example: example.com → 203.0.113.50. You will typically have an A record for both the root domain and the www subdomain.

AAAA

IPv6 Address Record

The IPv6 equivalent of the A record. If your new server supports IPv6, add an AAAA record alongside the A record. Example: example.com → 2001:db8::1.

CNAME

Canonical Name Record

Creates an alias from one domain to another. Commonly used to point www.example.com to example.com, or to point subdomains to cloud services. Cannot be used on the root domain with most providers.

MX

Mail Exchange Record

Directs email delivery to specific mail servers. Critical during migration: if your email is hosted separately from your website, do NOT change MX records when migrating the site. If email and web are on the same server, update MX to point to the new server.

TXT

Text Record

Stores arbitrary text data. Used for SPF records (email authentication), DKIM keys, DMARC policies, domain verification (Google Search Console, SSL certificates), and other service validations.

NS

Nameserver Record

Specifies which nameservers are authoritative for your domain. Changing NS records (e.g., moving DNS management from your registrar to Cloudflare) affects all other records. NS changes propagate the slowest -- allow 24 to 48 hours.

Prepare DNS for migration

Proper DNS preparation starts days before the actual migration. Here is a systematic approach that minimizes risk and downtime.

Document your current DNS zone

Before changing anything, export or screenshot your entire DNS zone. Record every A, AAAA, CNAME, MX, TXT, and SRV record currently configured. This serves as your rollback plan -- if anything goes wrong, you can restore the exact original configuration in minutes.

  • Log in to your DNS provider (registrar or DNS management service) and list all records
  • Pay special attention to records you might not have created yourself: hosting providers and third-party services often add records automatically
  • Note the current TTL values for each record -- you will need to restore them after migration
  • Identify which records need to change (typically A and possibly AAAA) and which must stay unchanged (MX if email is separate, TXT for SPF/DKIM/DMARC)

Identify email vs. web hosting

One of the most dangerous DNS mistakes during migration is accidentally disrupting email delivery. Before you change any records, clearly identify where your email is hosted:

  • Email on the same server as the website -- you need to update both A records (for the website) and MX records (for email) to point to the new server. Also update SPF and DKIM TXT records
  • Email on a separate service (Gmail Workspace, Microsoft 365, dedicated email hosting) -- only change the A record for the website. Do NOT touch MX, SPF, or DKIM records. These must continue pointing to your email provider
  • Email on the old hosting, website moving -- this is the trickiest scenario. You need to move email separately (using Sync) or set up email on the new server before switching DNS

Do not change MX records unless you are migrating email too

If your email is hosted on Gmail Workspace, Microsoft 365, or any dedicated email service, your MX records must stay exactly as they are. Changing them will silently break email delivery -- incoming emails will bounce or disappear into the void.

Reduce TTL before migration

This is the single most important preparatory step for DNS during a migration, and it must be done 48 hours before the planned switch.

Why TTL matters

TTL (Time To Live) tells DNS resolvers how long to cache a record before checking for updates. A typical default TTL is 3600 seconds (1 hour) or even 86400 seconds (24 hours). If your A record has a 24-hour TTL and you change the IP address, some visitors will continue reaching the old server for up to 24 hours while cached values expire.

TTL impact on propagation time

TTL 86400 (24h)
Up to 24h
TTL 3600 (1h)
Up to 1-2h
TTL 300 (5min)
5-15 min

How to reduce TTL

At least 48 hours before migration day, change the TTL of your A record (and AAAA if applicable) to 300 seconds (5 minutes). The reason you must do this 48 hours in advance is that the old TTL value is currently cached by resolvers worldwide. If the old TTL was 24 hours, it can take up to 24 hours for all resolvers to pick up the new, lower TTL. Only then will the lower TTL actually be in effect.

  • Log in to your DNS provider and change the TTL of the A record to 300
  • If you have a CNAME for www, reduce its TTL as well
  • Do NOT reduce TTL on MX records unless you are migrating email
  • Do NOT reduce TTL on NS records -- nameserver TTL changes have their own complexities
  • Wait a full 48 hours before proceeding with the migration

Switch DNS to the new server

Once your site is fully migrated and verified on the new server (using a hosts file override or temporary URL), it is time to update DNS.

The switch process

  • Verify the new server is ready -- the site must be fully functional on the new server before you touch DNS. Test all pages, forms, and functionality via the direct IP or a temporary domain
  • Update the A record -- change the IP address to your new server's IP. If you also have a www CNAME or A record, update it accordingly
  • Update AAAA record if the new server has a different IPv6 address
  • Generate SSL certificate -- if using Let's Encrypt, you need DNS to point to the new server before you can generate the certificate. Some hosts handle this automatically; others require manual action. During the brief gap, consider using a certificate from the old server or a temporary self-signed certificate
  • Do NOT change other records unless specifically needed for the migration

Keep both servers running during propagation

During DNS propagation, some visitors will reach the old server and some will reach the new one. Keep both servers running with the site accessible on both until propagation is complete. This ensures zero downtime for all visitors regardless of which server they reach.

After the switch

Once DNS propagation is complete (typically 5 to 30 minutes with a 300-second TTL), restore the TTL to a normal value. A TTL of 3600 (1 hour) is a good default -- it balances between fast updates when needed and reduced DNS query load. There is no benefit to keeping a 5-minute TTL permanently; it only increases DNS resolver traffic.

Verify DNS propagation

After updating your DNS records, you need to verify that the changes are propagating correctly across the global DNS infrastructure.

Online propagation tools

  • whatsmydns.net -- checks DNS resolution from dozens of servers worldwide. Enter your domain and select the record type (A, MX, etc.) to see the current value at each location. The most widely used propagation checker
  • dnschecker.org -- similar to whatsmydns, with a visual world map showing which servers have updated and which still return the old value
  • MXToolbox -- comprehensive DNS diagnostic that checks all record types, identifies configuration errors, and verifies MX record health

Command-line verification

For more precise diagnostics, use command-line tools to query specific DNS resolvers:

  • dig example.com A +short -- query your default resolver and show just the IP address
  • dig @8.8.8.8 example.com A -- query Google's DNS directly to see what they resolve
  • dig @1.1.1.1 example.com A -- query Cloudflare's DNS for a second opinion
  • nslookup example.com -- the Windows-friendly equivalent for basic DNS lookups

Compare the returned IP address against your new server's IP. When all major resolvers return the new IP, propagation is essentially complete.

Post-propagation checklist

DNS migration completion checks

A record resolves to the new server IP worldwide

Website loads correctly from multiple locations

SSL certificate valid and HTTPS working

Email delivery functioning (send test emails)

MX records unchanged (if email is separate)

SPF and DKIM records still valid

TTL restored to normal value (3600s)

Old server kept running for at least 2 weeks

Migrate your site with zero downtime

Transfer automates the entire migration process -- files, database, and configurations -- with guided DNS management for a seamless transition.

Start a migration Learn more

Related articles

TechnicalMarch 1, 2026

WordPress Security: 10 Most Common Mistakes

Weak passwords, outdated plugins, overly permissive file permissions... Discover the 10 most frequent WordPress security mistakes and how to fix them.

Read article
TechnicalMarch 16, 2026

How to Automate Your Website Backups

Forgotten manual backups? Learn how to automate complete backups of your files and databases with reliable solutions.

Read article
TechnicalMarch 31, 2026

Gmail to Pro Hosting: Email Migration Step by Step

Leaving Gmail for professional hosting? Complete guide to migrating all your emails, contacts and folders without losing a single one.

Read article