All Products
Search

This Product

    Domain Names:Update DNS servers

    Document Center

    Domain Names:Update DNS servers

    Last Updated:Jan 21, 2026

    This topic describes how to update the DNS server configuration for a domain name in the Alibaba Cloud Domain Names console. DNS servers respond to DNS queries for a domain name. Updating this configuration affects the domain name resolution service.

    Prerequisites

    To prevent service interruptions when you update DNS servers, you must first synchronize your DNS records.

    1. Synchronize DNS records: On your new DNS provider's platform, add your domain name and configure all necessary DNS records.

    2. Verify DNS resolution: You can run the following commands to query the new DNS server directly and check if it responds properly.

      # Replace yourdomain with your domain name.
# Replace ns1.alidns.com with the address of the new provider's DNS server.
dig @ns1.alidns.com yourdomain A
dig @ns1.alidns.com yourdomain MX

    3. Check and disable DNSSEC (skip this step if DNSSEC is not configured)

      Check whether Domain Name System Security Extensions (DNSSEC) is enabled for your domain name. If it is enabled, you must first delete the Delegation Signer (DS) record with your domain name registrar and then disable DNSSEC.

      # Use the dig command to check the DNSSEC status of your domain.
# If the response includes an RRSIG record, DNSSEC is enabled.
dig +dnssec yourdomain.com

    4. (Recommended) Lower the TTL: To reduce the wait time for updates or rollbacks to take effect, lower the Time-to-Live (TTL) value for critical DNS records, such as the A record and MX records for your primary site. Set the TTL to a small value, such as 300 or 600 seconds. Make this change 24 to 48 hours before you update the DNS servers. Wait for the old TTL to expire before you perform the update.

    Procedure

    Update DNS servers for a single domain name

    1. Log on to the Domain Names page. Find the target domain name and click Manage in the Actions column.

    2. In the navigation pane on the left, click DNS Server Change.

    3. On the DNS Server Change page, click Change DNS Server.

    4. Enter the target DNS server addresses and click Confirm.

    Batch update DNS servers for multiple domain names

    1. Log on to the Domain Names page.

    2. In the navigation pane on the left, choose Batch Operations > Common Batch Operations > DNS Server Change.

    3. On the DNS Server Change page, enter the Domain Names and Custom DNS. Then, submit the request and complete the email verification.

    4. On the Batch Operations Log page, check whether the operation was successful.

    Verify the update

    After you submit the update, you can run the following commands to monitor the propagation.

    # Replace yourdomain with your domain name.
# 1. Check if the registry's name server (NS) records have been updated to the new DNS server addresses.
dig yourdomain NS

# 2. Trace the full resolution path to confirm that requests are answered by the new DNS servers.
dig +trace yourdomain A

    Apply in production

    • We recommend performing this operation during off-peak hours and preparing a rollback plan beforehand.

    • When you update DNS servers, the propagation time depends on the TTL of the domain's NS records that are cached by local DNS servers. It may take 24 to 48 hours for the update to propagate worldwide.

    FAQ

    What is a domain's DNS server?

    A domain's DNS servers are servers that store and manage the Domain Name System (DNS) information for a specific domain. These servers hold various records for the domain, such as A records, which point a domain to an IPv4 address. Other records include AAAA records, which point a domain to an IPv6 address, MX records, which specify the mail servers for the domain, and CNAME records, which create aliases for a domain.

    After you register a domain name, you must configure its DNS servers to allow computers on the Internet to resolve the IP addresses and other information associated with it. Typically, when you purchase a domain name, you can use the default DNS servers provided by the domain name registrar. You can also set up your own DNS servers if you want more control over your DNS configuration.

    For example, if you own the domain name `example.com` and set its DNS servers to `ns1.example.com` and `ns2.example.com`, DNS resolvers worldwide will query these servers for records related to `example.com` or its subdomains, such as `www.example.com`. This process allows users to access your website, email services, and other resources.

    Important

    To ensure high availability and redundancy, we recommend that you configure at least two DNS servers. This way, if one server becomes unavailable, the other can serve as a backup to ensure that your domain name resolution service is not interrupted.

    Why can't I modify the domain's DNS address?

    You cannot modify DNS settings when a domain name is in its grace period, redemption period, or transfer period. To modify the DNS settings, you must renew the domain name or wait for the transfer to complete. For more information about how to renew a domain name, see Domain name renewal.

    Why are my DNS server updates not taking effect or causing access issues in some regions?

    This issue typically occurs for one of the following reasons:

    • Incorrect configuration on the new DNS servers: This is the most common cause. Log on to your new DNS provider's platform and check if all necessary DNS records, such as A, CNAME, and MX records, have been added for the domain name.

    • Local DNS cache: The local DNS resolver in your region or on your device may have cached the old NS records. DNS server updates can take up to 48 hours to propagate globally. You can wait for the propagation to complete or try to flush the local DNS cache.

    • Self-hosted DNS issues: If you use a self-hosted DNS server, check if your firewall allows traffic on port 53, ensure that the DNS service is running correctly, and verify the accuracy of the authoritative zone configuration.

    Can I use DNS services from multiple providers at the same time?

    Yes, you can, but this depends on your domain name registrar. If the registrar's interface for updating DNS servers lets you enter addresses from multiple providers, you can use them simultaneously. Domain names registered with Alibaba Cloud support this feature.

    What are the reasons for a failed DNS server update?

    • Because an invalid DNS cannot be modified, confirm that the DNS is valid.

    • The domain name has an update lock. You cannot modify the DNS servers when the domain status is `clientUpdateProhibited` or `serverUpdateProhibited`. You can check the domain status using a tool. The query result shows a Domain Name Status such as "Update prohibited by registrar".

      Solution:

      1. Log on to the Domain Names page. Find the domain name for which you want to disable the update lock and click Manage in the Actions column.

      2. In the navigation pane on the left, click Security Settings.

      3. You can click Disable for the Update Lock setting and complete the security authentication as prompted.

    How do I check the DNS server on my local machine?

    The following steps use Windows as an example:

    1. Open the command prompt. You can find it by searching for "cmd" or "Command Prompt" in the Start menu.

    2. Enter ipconfig /all and press Enter.

    3. In the output, find the "DNS Servers" line. The addresses listed are your DNS server addresses.

    Does my local machine have a DNS cache? How do I clear it?

    If a cache is present, purge it. The following example shows the commands for Windows:

    1. Open the command prompt as an administrator. You can do this by searching for "cmd" or "Command Prompt" in the Start menu, right-clicking it, and selecting "Run as administrator".

    2. Type ipconfig/flushdns and press Enter.

    3. If the operation is successful, a message appears that says "Successfully flushed the DNS Resolver Cache".