DNS Change Planner

Document DNS record changes, TTL timing, verification, and rollback steps before touching production DNS.

Change details

Readiness

Risk levelHigh

Add the required record values and host before making any DNS change.

Old TTL wait1 hr
Checks ready2/7
RecordA
Host is ready

The exact DNS name is documented.

Old value missing

Capture the current production value before changing DNS.

New value missing

Enter the value that will replace the current record.

Values look identical

Confirm whether this is a TTL-only change or update the new value.

TTL is lowered

A shorter TTL reduces rollback and propagation waiting time.

Change window missing

Add a scheduled time so stakeholders know when the change happens.

Owner missing

Add a team or person responsible for the change.

Checklist

Before change

  1. Lower the record TTL to 300 seconds ahead of the change.
  2. Wait at least one old TTL period: 1 hr.
  3. Capture the current DNS record and provider screen before editing.
  4. Confirm owner, monitoring, and communication channel.

During change

  1. Publish the new A record for www.example.com.
  2. Verify public resolvers return the new value.
  3. Monitor application, email, or certificate behavior after propagation.
  4. Raise TTL back to the normal value after the change is stable.

Rollback

  1. Restore the old DNS value exactly as captured.
  2. Flush provider cache if available and wait for the short TTL.
  3. Verify resolvers return the restored value.
  4. Notify stakeholders with final status and next steps.

Markdown memo

# DNS Change Plan

- Record type: A
- Host name: www.example.com
- Current TTL: 3600
- Planned TTL: 300
- Change window: -
- Owner: -
- Risk level: High

## Reason
-

## Old value
```
-
```

## New value
```
-
```

## Checklist
- [ ] Lower the record TTL to 300 seconds ahead of the change.
- [ ] Wait at least one old TTL period: 1 hr.
- [ ] Capture the current DNS record and provider screen before editing.
- [ ] Confirm owner, monitoring, and communication channel.
- [ ] Publish the new A record for www.example.com.
- [ ] Verify public resolvers return the new value.
- [ ] Monitor application, email, or certificate behavior after propagation.
- [ ] Raise TTL back to the normal value after the change is stable.
- [ ] Restore the old DNS value exactly as captured.
- [ ] Flush provider cache if available and wait for the short TTL.
- [ ] Verify resolvers return the restored value.
- [ ] Notify stakeholders with final status and next steps.

## Rollback
1. Restore the old DNS value exactly as captured.
2. Flush provider cache if available and wait for the short TTL.
3. Verify resolvers return the restored value.
4. Notify stakeholders with final status and next steps.

You might also like

Luck predicts what you like

🔢

IP Format Converter

IP address format conversion

🔎

WHOIS Lookup

Look up domain registration data through RDAP when available.

🔒

SSL Certificate Checker

Check HTTPS reachability and inspect pasted PEM certificate text.

🛡️

DMARC Record Generator

Build DMARC TXT records with policy, report, alignment, and rollout settings

🌍

DNS Propagation Checker

Check DNS records through public DNS-over-HTTPS resolvers.

📨

SPF Record Generator

Generate SPF TXT records from email providers, IP addresses, and DNS mechanisms

🔄

JSON Compare

Compare differences between two JSON files

📝

JSON to YAML

Convert JSON to YAML format