# Medianova DNS Service

**Medianova DNS** is a fully managed authoritative DNS platform that provides Anycast-based reliability, API automation, and instant propagation.\
It supports standard and advanced record types, including DNSSEC validation, delegation control, and custom **REDIRECT** records for domain-level forwarding.

You can manage DNS configurations directly under **DNS → Domains** via the [Medianova Control Panel](https://cloud.medianova.com) 

### **Manage Domains and Records**

Each domain added under Medianova DNS corresponds to an authoritative DNS Zone hosted on Medianova’s nameservers.\
From **DNS → Domains**, you can:

* Add or remove domains.
* Create, update, or delete DNS records (A, AAAA, CNAME, MX, TXT, etc.).
* Set TTL values per record.
* Validate nameserver delegation for each zone.

When adding a new domain, Medianova can import existing records via **Quick Scan** or allow **Manual Entry** for full control.\
After configuration, update your registrar’s nameservers to:

* `ns1.medianova.com`
* `ns2.medianova.com`

After propagation, the domain becomes active on Medianova’s global Anycast network.

#### **Supported Record Types**

The table below lists all DNS record types supported by Medianova DNS, including standard, advanced, and security-related entries.

<table><thead><tr><th width="157">Record Type</th><th>Description</th><th>Example Usage</th></tr></thead><tbody><tr><td><strong>A</strong></td><td>Maps a hostname to an IPv4 address</td><td><code>example.com → 192.0.2.1</code></td></tr><tr><td><strong>AAAA</strong></td><td>Maps a hostname to an IPv6 address</td><td><code>example.com → 2001:db8::1</code></td></tr><tr><td><strong>CNAME</strong></td><td>Aliases one domain to another</td><td><code>www.example.com → example.com</code></td></tr><tr><td><strong>ALIAS</strong></td><td>Functions like CNAME but can be used at the zone apex</td><td><code>example.com → app.hosting.com</code></td></tr><tr><td><strong>MX</strong></td><td>Defines mail servers for the domain</td><td><code>10 mail.example.com</code></td></tr><tr><td><strong>TXT</strong></td><td>Stores text data such as SPF, DKIM, or verification values</td><td><code>v=spf1 include:_spf.google.com ~all</code></td></tr><tr><td><strong>NS</strong></td><td>Delegates the domain to authoritative nameservers</td><td><code>ns1.medianova.com</code></td></tr><tr><td><strong>SOA</strong></td><td>Defines zone authority and timing parameters</td><td><code>Serial, refresh, retry values</code></td></tr><tr><td><strong>SRV</strong></td><td>Specifies services and ports (e.g., SIP, XMPP)</td><td><code>_sip._tcp.example.com</code></td></tr><tr><td><strong>PTR</strong></td><td>Maps an IP address to a domain name (reverse DNS)</td><td><code>1.2.0.192.in-addr.arpa → example.com</code></td></tr><tr><td><strong>TLSA</strong></td><td>Associates a TLS certificate with a hostname and port</td><td>Used for DANE validation</td></tr><tr><td><strong>SSHFP</strong></td><td>Stores SSH key fingerprints for host verification</td><td><code>example.com → SHA256 fingerprint</code></td></tr><tr><td><strong>SPF</strong></td><td>Deprecated; now implemented using TXT records</td><td><code>v=spf1 ...</code> (in TXT)</td></tr><tr><td><strong>SVCB</strong></td><td>Defines service binding for modern protocols like HTTP/3</td><td>Used by browsers for routing</td></tr><tr><td><strong>HTTPS</strong></td><td>Specialized SVCB record optimized for HTTPS services</td><td>Defines browser connection parameters</td></tr><tr><td><strong>CAA</strong></td><td>Restricts which certificate authorities can issue certificates</td><td><code>0 issue "letsencrypt.org"</code></td></tr><tr><td><strong>DNAME</strong></td><td>Redirects an entire subdomain tree to another</td><td><code>sub.example.com → otherdomain.com</code></td></tr><tr><td><strong>AFSDB</strong></td><td>Identifies AFS (Andrew File System) servers</td><td><code>afs.example.com</code></td></tr><tr><td><strong>APL</strong></td><td>Defines IP address ranges for filtering</td><td>Used in access control lists</td></tr><tr><td><strong>CERT</strong></td><td>Stores digital certificates such as PGP or PKIX</td><td><code>CERT record data</code></td></tr><tr><td><strong>CDS</strong></td><td>Child DS record used for DNSSEC automation</td><td><code>Signals DS updates to parent</code></td></tr><tr><td><strong>CDNSKEY</strong></td><td>Child DNSKEY used in DNSSEC infrastructure</td><td>Related to CDS</td></tr><tr><td><strong>DNSKEY</strong></td><td>Public key for DNSSEC signature validation</td><td>Used to verify RRSIGs</td></tr><tr><td><strong>DS</strong></td><td>Delegation Signer linking to DNSKEY in parent zone</td><td>Required for DNSSEC</td></tr><tr><td><strong>CSYNC</strong></td><td>Synchronizes NS and A/AAAA records across zones</td><td>Used for automated zone replication</td></tr><tr><td><strong>HINFO</strong></td><td>Provides host information such as CPU or OS</td><td>Rarely used</td></tr><tr><td><strong>NAPTR</strong></td><td>Supports dynamic service discovery (e.g., VoIP)</td><td>Used with SRV</td></tr><tr><td><strong>OPENPGPKEY</strong></td><td>Publishes a PGP public key for a user ID</td><td>Used for encrypted email</td></tr><tr><td><strong>REDIRECT</strong></td><td>Medianova-specific record for domain-level forwarding</td><td>See Redirect</td></tr><tr><td><strong>RP</strong></td><td>Identifies the responsible person for the domain</td><td><code>hostmaster.example.com</code></td></tr><tr><td><strong>SMIMEA</strong></td><td>Binds S/MIME email certificates</td><td>Used for secure email</td></tr><tr><td><strong>URI</strong></td><td>Maps a domain name to a URI</td><td>Service locator</td></tr><tr><td><strong>ZONEMD</strong></td><td>Provides a checksum for zone data integrity</td><td>Used in DNS validation</td></tr><tr><td><strong>DHCID</strong></td><td>DHCP identity record for Dynamic DNS</td><td>Used for IPv4/IPv6 host validation</td></tr></tbody></table>

### **Delegation and Validation**

Delegation ensures your domain correctly points to Medianova’s authoritative nameservers.\
Propagation and query reliability depend on valid NS configurations.

**To validate delegation:**

* Confirm your registrar lists:
  * `ns1.medianova.com`
  * `ns2.medianova.com`
* Use **Check Zone** or **Validate Nameservers** in the Control Panel.
* API users can automate this via `/check-zone` and `/validate-nameservers` endpoints.

{% hint style="info" %}
Misconfigured delegation can delay updates or cause inconsistent lookups. Always revalidate after changes.
{% endhint %}

### **DNS API Integration**

Medianova DNS supports full REST API access for automation and infrastructure-as-code workflows.

**Capabilities:**

* Create and delete DNS zones
* Add, modify, or remove records
* Validate delegation
* Query DNS data programmatically

Explore the [DNS API Documentation](https://clients.medianova.com/api-documentation/dns).

### **Security and Reliability**

Medianova DNS is built on a globally distributed **Anycast network**, ensuring low-latency resolution and resilience.

**Core features:**

* Multi-region authoritative nodes with automatic route failover
* Support for DNSSEC, CAA, and TLSA
* Configurable TTL values for faster propagation
* Built-in DDoS mitigation via distributed query handling

{% hint style="info" %}
Medianova DNS is available to all customers with DNS management access in the Control Panel.\
Feature availability may vary depending on your service plan.
{% endhint %}