You’ve registered a domain. You’re setting up hosting. Somewhere in the process, someone tells you to “update your nameservers” or “add a DNS record” — and if you’re not sure what either of those means, or how they relate to each other, you’re not alone. This is one of the most common points of confusion in all of web hosting.

The problem is that nameservers and DNS records are part of the same system but operate at different levels of it. Mixing them up leads to broken websites, missing email, failed SSL verifications, and hours of frustrated troubleshooting.

This guide untangles them completely. By the end, you’ll understand exactly what each one does, how they work together, where to change them, and how to fix the most common problems that come up when things go wrong.

1. How the DNS System Works (The Big Picture)

Before diving into nameservers and DNS records individually, it helps to understand the system they both belong to: the Domain Name System (DNS).

The DNS is essentially the internet’s phone book. Humans navigate the web using domain names like yourwebsite.com. Computers navigate it using IP addresses like 104.21.45.32. The DNS translates one into the other — automatically, invisibly, millions of times per second across the internet.

When someone types your domain name into a browser, a remarkable chain of lookups happens in under 100 milliseconds:

In this chain, nameservers are the directory — they tell the internet where to look for your domain’s information. DNS records are the actual entries inside that directory — specific instructions like “the website lives at this IP address” or “email for this domain goes to that mail server.”

They’re part of the same system, but they do different jobs at different levels. That’s the core of the distinction this guide will make crystal clear.

2. What Are Nameservers?

Nameservers are specialized servers that store the DNS records for your domain and answer DNS queries about it. When the internet wants to know anything about your domain — where the website is, where to send email, whether the domain is verified for a particular service — it asks your nameservers.

Think of nameservers as the filing cabinet for your domain. The DNS records inside them are the individual files. Before anyone can look at the files, they first need to know which filing cabinet to open. That’s what nameservers determine.

What Nameservers Look Like

Nameservers are identified by domain names themselves, typically something like:

• ns1.yourhostingprovider.com
• ns2.yourhostingprovider.com

You’ll always have at least two nameservers — a primary and a secondary — for redundancy. If one goes down, the other can still answer queries for your domain.

Where Nameservers Are Set

Nameservers are configured at your domain registrar — the company where you registered your domain (GoDaddy, Namecheap, Google Domains, etc.). This is a critically important distinction: nameservers are set at your registrar, not at your host.

When you point your domain to a hosting provider, what you’re actually doing is logging into your registrar and changing your nameservers to point to the ones your host gives you. Once you do that, your hosting provider’s nameservers become the authoritative source for your domain’s DNS records.

Who Provides Nameservers?

Your nameservers are typically provided by whoever manages your DNS. This is usually:

• Your web hosting provider — most common for beginners. When you sign up with a host, they give you their nameservers to use.
• Your domain registrar — many registrars like Namecheap and GoDaddy also offer free DNS management, so you can keep your nameservers there.
• A dedicated DNS provider — services like Cloudflare, Amazon Route 53, or NS1 offer advanced DNS management with performance and security benefits.

3. What Are DNS Records?

DNS records are the individual instructions stored inside your nameservers. Each record answers a specific question about your domain: Where is the website? Where does email go? Is this domain verified for Google Search Console?

A DNS zone — the complete collection of DNS records for your domain — is essentially a configuration file that maps your domain name to various services and IP addresses. You manage this zone through whatever interface your nameserver provider offers (your host’s control panel, Cloudflare’s dashboard, your registrar’s DNS settings, etc.).

The Key Insight: Records Are Specific Instructions

Where nameservers are broad — “this is where all information about this domain lives” — DNS records are precise. Each record has a type, a name, a value, and a TTL (time to live). Together these four elements tell the internet exactly what to do with a specific aspect of your domain.

4. Nameservers vs DNS Records: The Difference

Here’s the clearest way to understand the relationship:

The Most Common Source of Confusion

The confusion usually happens because people try to add DNS records in the wrong place. Here’s the scenario: you sign up with a hosting provider, then you go back to your registrar to try to add DNS records there. But nothing works — because your nameservers now point to your hosting provider, which means your registrar’s DNS records are being completely ignored.

The rule is simple: DNS records only matter if they’re stored in the nameservers your domain is currently pointed at. If your domain’s nameservers point to Cloudflare, you manage DNS records in Cloudflare — not at your registrar, not at your host.

5. DNS Record Types Explained

There are many types of DNS records, each serving a distinct purpose. These are the ones you’ll actually encounter in the real world.

Less Common But Worth Knowing

• SRV Record — specifies a host and port for a specific service (used by apps like Microsoft Teams, SIP phones, and game servers)
• CAA Record — specifies which Certificate Authorities are allowed to issue SSL certificates for your domain — a security measure
• PTR Record — reverse DNS, maps an IP address back to a domain name. Used by mail servers to verify email senders.
• DKIM Record — stored as a TXT record, contains a public key that mail servers use to verify your outgoing email hasn’t been tampered with
• DMARC Record — also a TXT record, tells receiving mail servers what to do if an email fails SPF or DKIM checks (reject, quarantine, or do nothing)

6. TTL: The Timing Factor Everyone Ignores

TTL (Time to Live) is the most overlooked DNS setting, and misunderstanding it causes a lot of unnecessary frustration when making DNS changes.

When a DNS resolver (your ISP’s DNS server, Google’s 8.8.8.8, Cloudflare’s 1.1.1.1) looks up a DNS record, it caches the result for the duration of the TTL. During that time, it won’t check for updates — it just serves the cached version. This is why DNS changes don’t take effect instantly even though you saved them immediately.

Common TTL Values and What They Mean

7. Where to Manage Each One

One of the most practical things to understand is which dashboard to open when you need to make a DNS change. The answer depends entirely on where your nameservers point.

To Change Your Nameservers

Always done at your domain registrar — the company you bought the domain from. Log into your registrar’s dashboard, find your domain, look for “Nameservers” or “DNS” settings, and update the nameserver fields. Common registrars and where to find this:

• Namecheap: Domain List → Manage → Nameservers
• GoDaddy: My Products → DNS → Nameservers
• Google Domains / Squarespace Domains: DNS → Nameservers
• Cloudflare Registrar: DNS → Nameservers (tab)

To Add or Edit DNS Records

Done wherever your nameservers currently point. This is the variable part — it depends on your setup:

8. Common Real-World Scenarios

Let’s walk through the most common situations people encounter, and exactly what to do in each one.

Scenario 1: Pointing a New Domain to Your Hosting Provider

What you need to do: Change nameservers at your registrar to the ones your hosting provider gives you.

1. Log into your hosting account and find the nameservers they provide (usually in the welcome email or account dashboard — typically two addresses like ns1.hostname.com and ns2.hostname.com)
2. Log into your domain registrar
3. Find your domain → Nameservers → switch to “Custom nameservers”
4. Enter the nameservers from your hosting provider
5. Save and wait up to 48 hours for propagation

DNS records: Once propagation completes, your host will typically have already set up the basic A record pointing to your server. Check your hosting control panel’s DNS/Zone Editor to confirm.

Scenario 2: Adding Google Workspace Email to Your Domain

What you need to do: Add MX records and TXT records — but in the right place.

1. Find out where your nameservers point (your registrar or your host)
2. Log into that dashboard (registrar DNS management, cPanel Zone Editor, or Cloudflare)
3. Delete any existing MX records for your domain
4. Add the five Google Workspace MX records Google provides
5. Add the TXT record for SPF authentication Google provides
6. Add the DKIM TXT record after completing Google Workspace setup

Scenario 3: Connecting a Custom Domain to a Third-Party Service (Shopify, Webflow, etc.)

What you need to do: Usually add a CNAME record or change the A record, following the service’s exact instructions.

• Shopify: Add an A record pointing @ to Shopify’s IP, and a CNAME for www pointing to shops.myshopify.com
• Webflow: Add two A records for the root domain and a CNAME for www
• Squarespace: Uses CNAME and A record combination — follow their specific setup wizard

Always follow the exact instructions from the third-party service — don’t guess at record types or values. They know what their infrastructure requires.

Scenario 4: Verifying Your Domain for Google Search Console

What you need to do: Add a TXT record with Google’s verification string.

1. In Search Console, choose “Domain” verification method
2. Copy the TXT record value Google gives you
3. Go to wherever your nameservers point
4. Add a new TXT record: Name = @ (root domain), Value = the Google string
5. Click verify in Search Console — it may take a few minutes to detect the record

9. Troubleshooting DNS Problems

When something DNS-related isn’t working, these are the steps that solve it in the vast majority of cases.

Website Not Loading After Changing Nameservers

• First check: How long ago did you change nameservers? If less than 48 hours, it may simply not have propagated yet. Use dnschecker.org to see propagation status across global DNS servers.
• Check if the A record exists: Log into your host’s DNS management and confirm an A record exists pointing your domain to your server’s IP address.
• Try a different DNS server: Flush your local DNS cache (ipconfig /flushdns on Windows, sudo dscacheutil -flushcache on Mac) or test with Google’s DNS (8.8.8.8) using a tool like nslookup.

Email Not Delivering After Setting Up Email Hosting

• Confirm MX records are in the right place: Check that your MX records are in the DNS zone your nameservers point to — not at your registrar if nameservers are elsewhere.
• Check for MX record conflicts: Old MX records from a previous email provider can conflict with new ones. Delete all existing MX records before adding new ones.
• Verify SPF and DKIM records exist: Email deliverability often fails silently if SPF/DKIM records are missing. Use mxtoolbox.com’s Email Health check to diagnose.

SSL Certificate Won’t Issue

• SSL verification often requires a specific TXT or CNAME record. Confirm it’s been added to the correct DNS zone (where your nameservers point).
• Wait for TTL to expire after adding the record — SSL verification checks can fail if they run before the record propagates.
• If using Cloudflare, ensure the record is in Cloudflare’s DNS — not at your registrar.

DNS Changes Not Taking Effect

• The most common cause: you edited records at your registrar, but your nameservers point to your host or Cloudflare. Those registrar records are invisible. Make the change in the right place.
• Second most common: TTL is set to 86400 (24 hours) and you’re not waiting long enough. Use a tool like whatsmydns.net to check real-time propagation globally.

10. DNS Propagation Explained

“Propagation” is the process by which DNS changes spread across the internet’s distributed network of DNS resolvers. When you update a DNS record, you’re updating it in one place — your nameserver. But the internet has thousands of DNS resolvers, and each one may have a cached copy of your old record that won’t expire until its TTL runs out.

Why Propagation Isn’t Instant

The internet has no central DNS server. It’s a distributed, hierarchical system where resolvers at ISPs, companies, and public providers (like Google’s 8.8.8.8 and Cloudflare’s 1.1.1.1) all maintain their own caches. When you change a DNS record, each resolver only gets the update when its cached version expires and it makes a fresh query to your nameservers.

Realistic Propagation Timelines

11. Quick Reference Cheat Sheet

Bookmark this section. It’s the fast-access summary of everything in this guide.

The Key Distinction

• Nameservers = the filing cabinet. Set at your registrar. Tell the internet where your domain’s DNS records live.
• DNS Records = the files inside. Set wherever your nameservers point. Tell the internet what to do with each part of your domain.
• If you change nameservers, you must manage DNS records at the new provider — old records at your registrar are ignored.
• Always confirm where your nameservers point before editing DNS records — use dnschecker.org (NS lookup) if unsure.

DNS Record Quick Reference

Before You Make Any DNS Change

• Look up your current nameservers using dnschecker.org (NS record type)
• Log into the dashboard for whoever those nameservers belong to
• If making a major change, lower TTL to 300 at least a few hours in advance
• Note down existing record values before changing them — easy rollback if needed
• After making changes, verify propagation using dnschecker.org or whatsmydns.net
• For email changes, run a full email health check on mxtoolbox.com after propagation