How to Compare DNS Records Between Domains (And Why You Should)

Why Compare DNS Records?

DNS records are the foundation of how your domain operates on the internet. Every service — email, web hosting, CDN, security, verification — depends on specific DNS records being correctly configured. Comparing records between domains serves several critical purposes:

Domain Migration Planning

When migrating from an old domain to a new one, you need to replicate every DNS record that supports active services. A missing MX record means email stops working. A missing SPF record means your emails start failing authentication. A missing CNAME for your CDN means your website loads from the origin server instead of the edge. By comparing the source domain with the target domain, you can identify every record that still needs to be created before cutting over.

Competitive Analysis

DNS records reveal a surprising amount about how a domain operates. You can see which email provider a competitor uses (MX records), which CDN they use (CNAME records), whether they have email authentication configured (SPF, DKIM, DMARC in TXT records), and which third-party services they have verified (TXT verification records). Comparing your domain's records against a competitor's can highlight gaps in your own configuration.

Troubleshooting Differences

If you manage multiple domains that should have similar configurations (for example, regional variants like example.com and example.co.uk), comparing their DNS records helps you spot inconsistencies. One domain might be missing DMARC while the other has it. One might have outdated MX records pointing to a decommissioned server. These discrepancies cause subtle failures that are hard to diagnose without a direct comparison.

Post-Migration Verification

After completing a migration, compare the old and new domains to verify that all records were transferred correctly. This is especially important for complex DNS configurations with dozens of records spanning multiple subdomains.

Which DNS Records to Compare

Not all record types carry equal weight. Focus your comparison on these critical record types:

• MX Records — Define where email is delivered. Differences in MX records mean the two domains use different mail servers or providers. Missing MX records on the target domain during migration will cause complete email failure.
• A and AAAA Records — Point the domain to its web server. Different A records mean the domains are hosted on different servers or IPs. AAAA records indicate IPv6 support.
• CNAME Records — Aliases that point to other hostnames. Critical for CDN configuration, third-party service integration, and subdomain management.
• TXT Records — Contain SPF policies, DKIM public keys, DMARC policies, domain verification tokens, and other metadata. TXT records are often the most numerous and the most frequently misconfigured.
• NS Records — Identify the authoritative nameservers. Different NS records mean the domains are managed by different DNS providers.
• SOA Records — The Start of Authority record contains zone metadata including serial numbers and refresh intervals. Comparing SOA records can reveal configuration drift or stale zones.

For a deep dive into all DNS record types, see our guide on DNS Record Types Explained.

Using the DNS Compare Tool

Our DNS Compare tool makes side-by-side comparison effortless. Enter two domain names and the tool queries all major record types for both domains, presenting the results in a unified diff view. Records that exist on one domain but not the other are highlighted, and matching records are shown side by side for easy comparison.

The tool checks A, AAAA, MX, TXT, CNAME, NS, SOA, and CAA records for both domains simultaneously. For each record type, it shows the values from both domains and flags discrepancies. This is significantly faster than manually running DNS Lookup queries for each domain and each record type individually.

Common Discrepancies and What They Mean

Missing SPF Record on One Domain

If your source domain has an SPF record but the target does not, email sent from the target domain will fail SPF checks at receiving servers. This is the most common migration oversight and directly impacts deliverability.

Different MX Priorities

Even if both domains use the same mail provider, different MX priority values can affect failover behavior. A domain with a single MX at priority 10 handles failures differently than one with MX records at priorities 10, 20, and 30.

Missing DMARC Policy

If one domain has a DMARC record at _dmarc.example.com and the other does not, the unprotected domain is vulnerable to email spoofing. This is especially concerning for brands that operate multiple domains.

Stale Verification TXT Records

Domains often accumulate TXT records from past service verifications (Google Workspace, Microsoft 365, various SaaS tools). When comparing domains, you may notice one has verification records for services that are no longer in use. While these do not cause functional problems, they add clutter and can reveal your service history to anyone who queries your DNS.

Different CAA Records

CAA (Certificate Authority Authorization) records specify which CAs are allowed to issue certificates for your domain. If one domain has strict CAA records and the other has none, the unprotected domain could have unauthorized certificates issued.

Bulk DNS Comparison for Multiple Domains

If you manage a portfolio of domains, our Bulk DNS Lookup tool lets you query records for multiple domains at once. This is useful for auditing a fleet of domains to ensure consistent configuration. You can export the results and compare them offline or use the output as a checklist for standardization.

Best Practices for DNS Comparison

• Compare before and after migration. Run a comparison before starting migration to create a complete record inventory, and again after migration to verify completeness.
• Document expected differences. Not all discrepancies are problems. Different A records are expected if domains are on different servers. Document which differences are intentional.
• Check TTL values. Two domains can have the same records but different TTL values. Low TTLs on the source domain during migration allow faster rollback if issues arise.
• Include subdomains. Do not only compare the root domain. Check common subdomains like www, mail, and any application-specific subdomains.
• Schedule regular audits. DNS configuration drift happens over time as records are added, modified, and forgotten. Quarterly comparisons between related domains catch drift early.

Related Guides

• DNS Record Types Explained: A Complete Reference
• DNS Propagation Explained: Why Changes Take Time
• How to Check DNS Records for Any Domain