[Common Issue] How do I migrate a domain to Netlify Managed DNS with zero downtime?

What is this topic about?

This topic covers copying your existing DNS records from your current DNS service to Netlify.

Netlify offers a Managed DNS service which allows you to manage DNS records for domains using our web UI (even for domains registered elsewhere).

IMPORTANT: You must copy any/all required DNS records to the Managed DNS service before changing the domain’s name servers to the Managed DNS server to avoid possible interruption of services.

For this reason, we recommend you check your existing DNS configuration at your current DNS service to make sure you have the same configuration at Netlify before you make the name server switch to Managed DNS.

What might happen if I don’t do this?

If you don’t copy required DNS records to Netlify when you switch, those records will stop working. These might be records for: subdomains hosted outside of Netlify, email service, TXT verification records for Google or other services.

The most common issue is that email stops working and any email sent to your domain is rejected and returned to the sender.

Clearly, any service interruption of any kind is something to prevent. Please keep reading to learn how to confidently make the DNS service change with zero downtime or impact to your other services.

What is DNS?

DNS stands for domain name system. If you don’t know what DNS is, please take time to learn more about it as this topic assumes you have a basic understanding of what DNS is. It also assumes that you know how to create DNS records with both your current DNS service and with Managed DNS.

To simplify (probably over-simplify) DNS, it is the mapping of IP addresses (which are actually 32 bit or 128 bit binary numbers) to domain names - which are human friendly strings.

DNS is what turns www.netlify.com into 2604:a880:2:d0::ddf:c001 (or some other IP address).

I’m not going to try to cover even the basics of DNS here. It is an interesting technology which is integral to how the internet functions and I do recommend learning more about it if you are responsible for managing DNS records.

If you do want to learn more about DNS here are a couple of articles to help you get started:

https://ns1.com/resources/dns-records-explained

https://www.digitalocean.com/community/tutorials/an-introduction-to-dns-terminology-components-and-concepts

These are just basic introductions. There are entire books about DNS and let’s not forget the RFCs.

What do you mean by “copy any/all required DNS records to the Managed DNS service”? Which records do I copy?

The answer is normally: “any/all required DNS records” = “all DNS records”. It might be simpler to ask: “which records don’t I copy”?

You should be able to see your current DNS records in the web UI of your current DNS service. Usually (almost always) this is somewhere in the web UI of the domain registrar where you registered the domain name. Some domain registrars do use third-party DNS services or you might have already moved the DNS service for your domain to another third-party DNS service (like AWS Route 53).

When you do find the records with your current DNS service, the only records you do not want to copy are records which will be different once the domain has been moved to Netlify.

For example, if you are using our manual configuration method (instead of Managed DNS) to connect your domain to your Netlify site, you likely added A, CNAME and possibly other DNS records to your existing DNS service. Because those records will be handled differently with the Managed DNS, do not copy those records over to Managed DNS.

If you are migrating from manual configuration to Managed DNS, you will need to add those domain names to the domain settings page for the site in the Netlify UI. Do not just copy those DNS records to Netlify.

Besides those Netlify specific DNS records, you should examine your DNS records to make sure there isn’t anything unwanted or out of date. Sometimes a spot check of records will reveal one which you are no longer using. Obviously, if a record should be deleted because it is unneeded - you wouldn’t want to copy it to Netlify.

These are the only exceptions when copying records (the only records not to copy):

  • unused or out of date DNS records (meaning records which should be deleted anyway)
  • Netlify specific DNS records (A or CNAME records pointing to Netlify sites)

Every other record should be copied to Managed DNS before making the final name server switch to activate it.

Are there important record types I should be on the lookout for?

Again, in most cases, all but a few records will need to be copied to Netlify. I did mention the potential for disruption of email service, though, so let’s focus on that as an example.

Email records types: MX and TXT

Without a doubt, if you have emails being delivered for addresses at your domain - you have MX records. So all MX records should be copied to Netlify.

It is also quite common for TXT records to be required for the sending of emails, for example for SPF and DKIM. Please copy all your TXT records as well.

If you copied all the MX and TXT records to Netlify, your email service will continue working with zero downtime. People emailing you won’t even know the change happened.

Other record types: A, AAAA, CNAME

You will also want to copy almost all the other records you have in your existing DNS configuration. (Again, the only exception being A and CNAME records for our manual configuration method.) You might have A, AAAA, and/or CNAME records which point various subdomains of your site to other services or APIs. It will be important to copy those records to Netlify.

What do these record types do?

  • A - link a domain name to an IPv4 address
  • AAAA - link a domain name to an IPv6 address
  • CNAME - link a domain name to another domain name

These other records (if they exist at all) are likely important for other services relating to your domain and, if they are not copied, your services for this domain will probably be disrupted.

On the other hand, if you follow the advice here and those records are copied to Managed DNS before you switch, then they will continue to work during and after the switch. There will be no interruption of service of any kind - zero downtime.

I did not copy my records before switching name servers and my email (or other service) stopped working. How do I fix this?

Solution #1: Copy the records using a web UI

First, try logging into your previous DNS service (usually the website where you registered your domain) and looking for the missing records. Then copy them to Managed DNS in our web UI and they should start working the moment they are created at Netlify. This is the fastest way to resolve the issue in most cases.

Solution #2: Copy the records using other tools

If you cannot log into your old DNS service for some reason, there might still be other options available.

Personally, the tool I find the most valuable for doing any diagnostic work with DNS systems is the command line interface software called ‘dig’. You can install dig on Linux, MacOS, and Windows and I use it almost daily in my work at Netlify (often many times a day).

You can use dig to query the your previous DNS service (provided you didn’t delete the records there).

For example, say I have the domain example.com and I moved it to Managed DNS, but I forgot to copy my MX records. Let’s say also in this example that the name servers I used before were ns1.example.com and ns2.example.com (this is a terrible example, but let’s pretend).

I could then query one of those servers to find my missing MX records so I could copy them to Netlify using the following dig command:

$ dig @ns1.example.com example.com MX +noall +answer

; <<>> DiG 9.10.6 <<>> @ns1.example.com example.com MX +noall +answer
; (1 server found)
;; global options: +cmd
example.com.		900	IN	MX	20 emailserver2.example.com.
example.com.		900	IN	MX	10 emailserver1.example.com.

I would now be able to copy these records to Netlify.

There is a key limitation when using dig (and all other DNS tools). Outside of a very limited case (one which will never occur at Netlify), it is impossible to definitively query all DNS records for a domain. (Zone transfers being the exception but zone transfers don’t apply to Netlify.) In other words, dig cannot automatically list all DNS records for a domain. That just isn’t how DNS works.

If you have a record for a subdomain like super-secret-subdomain-no-one-knows-about.example.com, there is no way to search for it. I would have to know that this subdomain existed and manually ask for record. There is no way to say “give me all DNS records for example.com” using standard DNS tools under normal circumstances.

This is why logging into the web UI of your previous DNS service is recommended; it is the best way to guarantee you will find all the DNS records.

Solution #3: Change back to your previous DNS provider

You can also revert the switch and move back to your previous DNS service. This can be done by changing the name servers for your domain back to the original ones.

Note, this may actually take longer to fix any issues though.

This is due to time to live (TTL) values in the DNS records themselves. DNS records are cached and if you move the name servers back it can be hours or days before those changes take effect. This caching is part of DNS itself and it isn’t something specific to Netlify. All DNS changes must take caching into account and because it applies to the entire DNS ecosystem as a whole - not just our Managed DNS.

The caching/TTL applies to any existing records, but not to newly added records. If you add the missing records at Netlify instead, they will begin working immediately.

Summary

The key to a smooth migration to Managed DNS with zero downtime is to copy your existing DNS records to Netlify before switching to our name servers.

If this step wasn’t done and there is an interruption of service, then copying the missing records to Netlify will resolve the issue the fastest (in most cases).

If there are any questions about this please let us know and we’ll be happy to answer.

Excellent explanation, but even though this method eliminates downtime, that does not mean that changing DNS servers is instantaneous. Even assuming that all records from the previous DNS provider have been recreated on the Netlify DNS page, once you switch from the previous DNS host to the Netlify DNS name servers, it can take up to several hours before these changes propagate through the worldwide DNS system. During this transition time, some visitors will be seeing the website content on your old host, and some will be seeing content on Netlify. Therefore, should you change content on Netlify, it may not appear to any or all visitors until after the DNS propagation is complete. Technically, this is not downtime, but it can feel that way – you are making changes but are not able to see them. As the developer, you can always visit your website at example.netlify.com (where “example” is the name assigned to this website on Netlify) to verify that content changes have gone live, but for very active sites, you might want to make the DNS switch during a relatively slow time for visitors, such as early Sunday morning.

Good point, @gregraven. DNS changes are not instantaneous. If you are making changes to an existing configuration, we have another guide for how to make those changes with minimal downtime:

This topic (not the one linked above) discusses copying an existing configuration only - not making changes during the move. The recommendation is to have identical (or functionally equivalent) configurations at the previous DNS service and Managed DNS during the migration.

If both configurations are identical, there will be no interruption of service during the time window the changes were occurring. Regardless of whether visitors were getting cached DNS responses from the old service or answers from new Managed DNS service - they should still be getting the same DNS responses.