Vultr offers free DNS hosting for customers' domains. Vultr's nameservers are on an AnyCAST network to ensure fast DNS resolution. You are not required to use Vultr DNS when using other Vultr services, but it's fast, free, and easy to use. Here's how.
Navigate to the DNS tab of the customer portal.
Click the Add Domain menu.
Enter the domain name and default IP address. Click Add.
The created domain has default A, MX, and NS records, and a wildcard CNAME for the domain.
To add DNS records, use the fields at the top of the DNS record list.
Fill in the appropriate values, as described below, then click the + icon in the Actions column. All records use the TTL value, which is the "time to live" value, or the amount of time other DNS servers cache the DNS record. You do not usually need to modify this value.
Change your domain's nameserver (NS) records, at the domain registrar where your domain name was purchased, to Vultr's primary and secondary name servers:
ns1.vultr.com
ns2.vultr.com
Only these two nameservers should be listed for your domain at your registrar. Delete any other nameservers to prevent conflicts. The specific instructions vary depending on your registrar, we recommend searching for "register nameserver ns records at YOUR_REGISTRAR_NAME" to locate step-by-step instructions for your registrar. Some registrars refer to this setting as your "personal nameservers, "custom nameservers", or "authoritative nameservers".
When you change your domain's NS records to Vultr's name servers, all domain services are affected. Make sure your Vultr DNS records are correct before updating the NS records at your registrar.
An A (Address) record points the domain or subdomain to an IPv4 address.
Name: Enter a hostname, or leave the field blank to set the domain default address. For example:
Enter test to create a record for test.example.org.
Leave the field blank if setting the domain default address for example.org.
Data: Enter the IPv4 address.
AAAA (Quad A) records works the same as A records, except for IPv6.
Name: Enter a hostname, or leave the field blank to set the domain default address. For example:
Enter test to create a record for test.example.org.
Leave the field blank if setting the domain default address for example.org.
Data: Enter the IPv6 address.
The CAA (Certification Authority Authorization) record specifies which certificate authorities can issue certificates for the domain.
Name: Leave this field blank.
Data: The CAA policy for your domain. A tool like CAA Record Helper may help generate your policy string.
CNAME (Canonical Name) records create aliases that point to A or AAAA records for DNS redirect. They can also point to CNAME records, but this results in multiple, inefficient DNS lookups.
Name: Enter an instance name, such as foo.
Data: Enter the name of an existing A, AAAA, or CNAME record. For example, bar.
foo.example.org is now an alias for bar.example.org.
MX (Mail Exchanger) records direct email to a mail server. MX records always point to a fully-qualified domain name, never to an IP address.
Name: Leave blank.
Data: Enter the fully-qualified domain name of the mail server. For example, mail.example.org.
Priority: Enter a number. Lower numbers indicate higher priority.
Multiple MX records, pointing to multiple mail servers, may exist for example:
SMTP servers will attempt delivery to mail.example.org (priority 10) first. Then, if delivery fails, mail2.example.org.
The NS (Name Server) record specifies the authoritative nameservers for a domain or a subdomain.
Name: Leave blank.
Data: Enter the fully-qualified domain name of the name server.
Vultr correctly sets the NS records to the default name servers when you create a DNS zone. The default name servers are:
ns1.vultr.com
ns2.vultr.com
Do not change these records unless creating a "vanity nameserver". If you create vanity nameservers, there is no guarantee that the IP addresses for ns1.vultr.com
and ns2.vultr.com
won't change in the future.
SRV (Service) records assist with service discovery for protocols such as VoIP and LDAP.
Name: Enter the Service and Protocol, separated by a dot.
Data: Enter the Weight, Port and Target. Separate the values with spaces.
Priority: Enter a number. Lower numbers indicate higher priority.
An SSHFP (Secure Shell fingerprint) record identifies SSH keys that are associated with a hostname. You should secure SSHFP records with DNSSEC.
Name: Enter a fully-qualified instance name, such as test.example.org.
Data: Enter the Algorithm, Fingerprint type and Fingerprint in hex. Separate the values with spaces. For example, if you use the RSA algorithm and SHA-1 fingerprint, your data would look like:
1 1 6580deadbeef0920be418551eb9978b830f82935
The valid values for Algorithm and Fingerprint are below. For more details, please see our step-by-step guide guide Use SSHFP Records to Verify SSH Host Keys.
There are four different algorithms, each represented by an integer:
1 - RSA
2 - DSA
3 - ECDSA
4 - Ed25519
There are two fingerprint types, represented by an integer:
1 - SHA-1
2 - SHA-256
You can use ssh-keygen to generate SSHFP records with the -r parameter, followed by the hostname.
$ ssh-keygen -r test.example.org
test.example.org IN SSHFP 1 1 65809317c6510920be418551eb9978b830f82935
TXT (Text) records can store arbitrary string attributes for various purposes.
Name: Enter data as desired.
Data: Enter data as desired.
Use the Zone Settings tab of the Manage DNS Domain page to modify SOA information.
The following limitations apply to Vultr DNS:
No PTR: Vultr DNS does not support adding arpa zones to create PTR records. If you need to create a PTR record, please review our reverse DNS article.
Minimum TTL: The minimum TTL is 120 seconds.
Vultr allows you to enable DNSSEC for any domain on your account. Navigate to the Zone Settings tab within the Vultr DNS control panel and toggle the DNSSEC switch on.
You will have to provide your domain's registrar with the DS records listed on the Zone Settings page to finish DNSSEC setup. These records are unique to each domain, and cannot be recovered in the event you disable DNSSEC.
Once the records are set with your registrar, verify the DNSSEC setup with a tool like DNSViz.
Vultr DNS cannot be used with cPanel in an automated fashion. If you run a cPanel server and plan on using Vultr DNS, you will need to manually add/edit your DNS zones and records. cPanel DNS clustering does not support Vultr's API.
The Vultr API offers several endpoints to manage DNS.
List all DNS domains in your account.
Create a DNS domain.
Get information for the DNS domain.
Update a DNS domain
Set a reverse DNS entry for an IPv4 address.
Delete a DNS domain.
List the DNS records for the domain.
Create a DNS record.
Get information for a DNS record.
Update the information for a DNS record.
Delete a DNS record.
Get SOA information for the DNS domain.
Update the SOA information for the DNS domain.
Are Vultr DNS nameservers on an AnyCAST network?
Can I use Vultr DNS with my cPanel server?
Does Vultr allow white-label DNS/vanity nameservers?
Does Vultr support Unicode records and domain names?
Does Vultr support DNSSEC?