Common DNS Misconceptions

DNS is one of the most widely deployed yet frequently misunderstood internet systems. Even small configuration errors can lead to propagation delays, traffic misdirection, or downtime. This page explains common misconceptions about DNS behavior and clarifies how Medianova DNS manages these factors through optimized TTL policies, Anycast resolution, and real-time zone updates.

“DNS Is Instantaneous”

Misconception: Changes to DNS records are instantly visible across the internet.

Reality: DNS lookups may appear instant due to caching, but propagation is constrained by several factors:

• TTL (Time to Live) values assigned to each record

• Intermediate caches in browsers, operating systems, and recursive resolvers

• Update intervals for authoritative nameservers

Even with low TTL settings, caches that already exist cannot be invalidated immediately. Medianova DNS minimizes propagation latency through fast Anycast-based resolvers and controlled TTL management per record.

Related: How DNS Works – Step by Step

“Changing DNS Records Moves Traffic Instantly”

Misconception: Updating a DNS record instantly redirects all active traffic.

Reality: DNS does not behave like a real-time routing protocol (e.g., BGP). Record updates only affect new DNS lookups, not ongoing sessions using cached data. Existing clients will continue to use the previous IP or CNAME value until their TTL expires.

To manage controlled transitions, Medianova recommends:

• Lowering TTL in advance of planned migrations

• Using temporary records to pre-warm caches

• Coordinating updates with CDN Resource or Redirect configuration changes

See Redirect and CNAME & SSL.

“CNAMEs Can Be Used Anywhere”

Misconception: CNAME records can be freely applied to any domain name.

Reality: CNAME cannot coexist with other record types (A, MX, TXT) for the same name. They are also not allowed at the zone apex (e.g., example.com) unless the DNS provider supports special record types like ALIAS or ANAME.

In Medianova DNS, CNAMEs are primarily used to map customer domains (e.g., cdn.yourdomain.com) to Medianova CDN hostnames (yourzonename.mncdn.com). Zone apex mapping should be handled via redirects or A records.

“DNS Is Secure by Default”

Misconception: DNS queries are protected against interception or tampering.

Reality: Traditional DNS operates in plaintext and offers no integrity or confidentiality. Without added security mechanisms, attackers can perform:

• DNS spoofing or cache poisoning

• Record hijacking

• Traffic interception through rogue resolvers

Medianova DNS supports security extensions such as DNSSEC, CAA, and TLSA to ensure query authenticity and HTTPS certificate validation.

“TTL Is Just a Performance Setting”

Misconception: TTL only affects caching speed and can be adjusted arbitrarily.

Reality: TTL is a critical operational parameter. Improper TTL management can:

• Extend the lifespan of outdated or incorrect records

• Prevent quick rollbacks during outages

• Delay failover routing updates

In Medianova DNS, TTL is configurable per record, allowing flexible trade-offs between performance and control. Short TTLs are recommended for frequently updated records such as Redirects or load-balancing CNAMEs.