You finally finished redesigning your company's website on a brand new high-speed server. You proudly log into GoDaddy or Cloudflare, update the A Record to point to the new IP address, and click save. You hit refresh on your browser and... nothing happens. The old website is still loading.
DNS propagation is the period required for changes to a domain's DNS records to spread across all DNS servers worldwide. When you migrate a website—changing your hosting provider, updating nameservers, or modifying IP addresses—these changes don't happen instantly. Instead, they must ripple through the internet's distributed network of DNS servers, a process that typically takes 24-48 hours and can extend up to 72 hours in some cases .Think of it like updating your address with the post office: just because you've moved doesn't mean everyone who had your old address gets notified immediately. Similarly, DNS servers around the world cache (store) domain information to speed up browsing, and they only refresh this data when their cached copies expire.
DNS propagation is the period required for changes to a domain's DNS records to spread across all DNS servers worldwide. When you migrate a website—changing your hosting provider, updating nameservers, or modifying IP addresses—these changes don't happen instantly. Instead, they must ripple through the internet's distributed network of DNS servers, a process that typically takes 24-48 hours and can extend up to 72 hours in some cases .
Think of it like updating your address with the post office: just because you've moved doesn't mean everyone who had your old address gets notified immediately. Similarly, DNS servers around the world cache (store) domain information to speed up browsing, and they only refresh this data when their cached copies expire.
The Global Root Name Servers: The Internet's Foundation
At the very top of the DNS hierarchy sit the 13 logical root name servers, identified by letters A through M. These are the internet's master directory, operated by 12 independent organizations including VeriSign, NASA, the U.S. Army Research Lab, and international bodies like RIPE NCC and the WIDE Project.
At the very top of the DNS hierarchy sit the 13 logical root name servers, identified by letters A through M. These are the internet's master directory, operated by 12 independent organizations including VeriSign, NASA, the U.S. Army Research Lab, and international bodies like RIPE NCC and the WIDE Project.
The 13 Root Server Letters
Table Letter Operator IPv4 Address IPv6 Address Location A VeriSign, Inc. 198.41.0.4 2001:503:ba3e::2:30 Reston, Virginia, USA B USC-ISI 170.247.170.2 2801:1b8:10::b Los Angeles, California, USA C Cogent Communications 192.33.4.12 2001:500:2::c Washington, D.C., USA D University of Maryland 199.7.91.13 2001:500:2d::d College Park, Maryland, USA E NASA Ames Research Center 192.203.230.10 2001:500:a8::e Greenbelt, Maryland, USA F Internet Systems Consortium 192.5.5.241 2001:500:2f::f Cambridge, Massachusetts, USA G U.S. DOD NIC 192.112.36.4 2001:500:12::d0d Arlington, Virginia, USA H U.S. Army Research Lab 198.97.190.53 2001:500:1::53 Adelphi, Maryland, USA I Netnod 192.36.148.17 2001:7fe::53
Stockholm, Sweden J VeriSign, Inc. 192.58.128.30 2001:503:c27::2:30 Reston, Virginia, USA K RIPE NCC 193.0.14.129 2001:7fd::1 Amsterdam, Netherlands L ICANN 199.7.83.42 2001:500:9f::42 Los Angeles, California, USA M WIDE Project 202.12.27.33 2001:dc3::35 Tokyo, Japan
| Letter | Operator | IPv4 Address | IPv6 Address | Location |
|---|---|---|---|---|
| A | VeriSign, Inc. | 198.41.0.4 | 2001:503:ba3e::2:30 | Reston, Virginia, USA |
| B | USC-ISI | 170.247.170.2 | 2801:1b8:10::b | Los Angeles, California, USA |
| C | Cogent Communications | 192.33.4.12 | 2001:500:2::c | Washington, D.C., USA |
| D | University of Maryland | 199.7.91.13 | 2001:500:2d::d | College Park, Maryland, USA |
| E | NASA Ames Research Center | 192.203.230.10 | 2001:500:a8::e | Greenbelt, Maryland, USA |
| F | Internet Systems Consortium | 192.5.5.241 | 2001:500:2f::f | Cambridge, Massachusetts, USA |
| G | U.S. DOD NIC | 192.112.36.4 | 2001:500:12::d0d | Arlington, Virginia, USA |
| H | U.S. Army Research Lab | 198.97.190.53 | 2001:500:1::53 | Adelphi, Maryland, USA |
| I | Netnod | 192.36.148.17 | 2001:7fe::53 | Stockholm, Sweden |
| J | VeriSign, Inc. | 192.58.128.30 | 2001:503:c27::2:30 | Reston, Virginia, USA |
| K | RIPE NCC | 193.0.14.129 | 2001:7fd::1 | Amsterdam, Netherlands |
| L | ICANN | 199.7.83.42 | 2001:500:9f::42 | Los Angeles, California, USA |
| M | WIDE Project | 202.12.27.33 | 2001:dc3::35 | Tokyo, Japan |
The Anycast Illusion: 13 IPs, 1,700+ Servers
While there are only 13 logical root servers (limited by the 512-byte UDP packet size in original DNS protocol), there are actually over 1,700 physical server instances distributed across 130+ countries . This is achieved through IP Anycast, a routing technique where the same IP address is announced from multiple physical locations simultaneously. When you query a root server, you're automatically routed to the geographically closest instance—dramatically improving speed and resilience.The root servers contain the root zone file, a critical database listing all top-level domains (TLDs) like .com, .org, .net and their authoritative nameservers. This file is maintained by IANA (Internet Assigned Numbers Authority) and digitally signed with DNSSEC to prevent tampering.
While there are only 13 logical root servers (limited by the 512-byte UDP packet size in original DNS protocol), there are actually over 1,700 physical server instances distributed across 130+ countries . This is achieved through IP Anycast, a routing technique where the same IP address is announced from multiple physical locations simultaneously. When you query a root server, you're automatically routed to the geographically closest instance—dramatically improving speed and resilience.
The root servers contain the root zone file, a critical database listing all top-level domains (TLDs) like
.com, .org, .net and their authoritative nameservers. This file is maintained by IANA (Internet Assigned Numbers Authority) and digitally signed with DNSSEC to prevent tampering.Why Propagation Takes 24-48 Hours: The Caching Problem
The delay isn't a bug—it's a feature of the internet's design for efficiency and resilience. Here's why it takes time:
The delay isn't a bug—it's a feature of the internet's design for efficiency and resilience. Here's why it takes time:
1. The TTL (Time to Live) Mechanism
Every DNS record has a TTL value (measured in seconds) that tells servers how long to cache the information before refreshing. Common TTL settings:- Default: 24 hours (86,400 seconds)
- Pre-migration: Often lowered to 300 seconds (5 minutes) to speed up propagation
When you change your website's IP address, servers worldwide continue serving the old cached data until their TTL expires. If your TTL was set to 24 hours, some servers won't check for updates for a full day .
Every DNS record has a TTL value (measured in seconds) that tells servers how long to cache the information before refreshing. Common TTL settings:
- Default: 24 hours (86,400 seconds)
- Pre-migration: Often lowered to 300 seconds (5 minutes) to speed up propagation
When you change your website's IP address, servers worldwide continue serving the old cached data until their TTL expires. If your TTL was set to 24 hours, some servers won't check for updates for a full day .
2. The ISP Cache Problem
Internet Service Providers operate recursive DNS resolvers that cache DNS information for millions of users. Here's the critical issue: some ISPs ignore TTL values entirely and set their own refresh schedules—sometimes checking only every 2-3 days .
Internet Service Providers operate recursive DNS resolvers that cache DNS information for millions of users. Here's the critical issue: some ISPs ignore TTL values entirely and set their own refresh schedules—sometimes checking only every 2-3 days .
3. The Geographic Cascade
Consider a user in Bari, Italy trying to reach your newly migrated website hosted in Phoenix, USA. The query path might look like this :plain User's Computer → Local DNS Cache → Bari ISP → Rome Upstream →
Hamburg, Germany → New York, NY → Phoenix, AZ (Authoritative Server)
Each of these ISP nodes maintains its own cache with different refresh intervals. Your website might load correctly for users in Phoenix within minutes, while users in Europe see the old server for 24+ hours .
Consider a user in Bari, Italy trying to reach your newly migrated website hosted in Phoenix, USA. The query path might look like this :
plain
User's Computer → Local DNS Cache → Bari ISP → Rome Upstream →
Hamburg, Germany → New York, NY → Phoenix, AZ (Authoritative Server)Each of these ISP nodes maintains its own cache with different refresh intervals. Your website might load correctly for users in Phoenix within minutes, while users in Europe see the old server for 24+ hours .
4. Registry-Level Delays
Changes to nameserver (NS) records require updates at the TLD registry level (e.g., VeriSign for .com). These registries often impose their own TTLs of up to 48 hours to protect root servers from excessive query loads .
Changes to nameserver (NS) records require updates at the TLD registry level (e.g., VeriSign for
.com). These registries often impose their own TTLs of up to 48 hours to protect root servers from excessive query loads .Real-World Propagation Timeline
Table Region Typical Update Time Reason United States 6 hours Proximity to authoritative servers and major internet infrastructure Europe 12 hours Transatlantic routing and major IXPs (Internet Exchange Points) Asia/Australia 24-48 hours Greater physical distance and varied ISP caching policies
| Region | Typical Update Time | Reason |
|---|---|---|
| United States | 6 hours | Proximity to authoritative servers and major internet infrastructure |
| Europe | 12 hours | Transatlantic routing and major IXPs (Internet Exchange Points) |
| Asia/Australia | 24-48 hours | Greater physical distance and varied ISP caching policies |
Practical Example: Website Migration Scenario
Before Migration (Week Prior)
You lower your TTL values from 24 hours to 5 minutes to prepare for the switch:dns example.com. 300 IN A 192.0.2.100 ; Old server (TTL: 5 min)
www.example.com. 300 IN CNAME example.com.
You lower your TTL values from 24 hours to 5 minutes to prepare for the switch:
dns
example.com. 300 IN A 192.0.2.100 ; Old server (TTL: 5 min)
www.example.com. 300 IN CNAME example.com.Migration Day (Hour 0)
You update the A record to point to the new server:dns example.com. 300 IN A 203.0.113.50 ; New server
You update the A record to point to the new server:
dns
example.com. 300 IN A 203.0.113.50 ; New serverWhat Happens Next
Minutes 0-5:- Your authoritative DNS server immediately has the new IP
- Users whose ISP resolvers have expired caches see the new site immediately
- Users with cached data still see the old site
Hours 1-6:- Major US ISPs (Comcast, AT&T) refresh and pick up the new record
- Some users report seeing the new site, others see the old one
- Email may route to old or new server depending on MX record caching
Hours 12-24:- European ISPs update their caches
- Global consistency improves but pockets of old data remain
Hours 24-48:- Stubborn ISP caches with ignored TTLs finally refresh
- Asian and remote regions complete their updates
- Full propagation achieved
Minutes 0-5:
- Your authoritative DNS server immediately has the new IP
- Users whose ISP resolvers have expired caches see the new site immediately
- Users with cached data still see the old site
Hours 1-6:
- Major US ISPs (Comcast, AT&T) refresh and pick up the new record
- Some users report seeing the new site, others see the old one
- Email may route to old or new server depending on MX record caching
Hours 12-24:
- European ISPs update their caches
- Global consistency improves but pockets of old data remain
Hours 24-48:
- Stubborn ISP caches with ignored TTLs finally refresh
- Asian and remote regions complete their updates
- Full propagation achieved
Post-Migration (After 48 Hours)
Once propagation is complete, you should restore TTL values to 24 hours to reduce DNS query load and improve performance:dns example.com. 86400 IN A 203.0.113.50 ; New server (TTL: 24 hours)
Once propagation is complete, you should restore TTL values to 24 hours to reduce DNS query load and improve performance:
dns
example.com. 86400 IN A 203.0.113.50 ; New server (TTL: 24 hours)How to Check Propagation Status
Use these tools to monitor your DNS changes across global servers:- whatsmydns.net: Check A, CNAME, MX, and NS records from 20+ global locations
- MXToolbox: Comprehensive DNS lookup and diagnostics
- dig +trace: Command-line tool to see the full DNS delegation path
Use these tools to monitor your DNS changes across global servers:
- whatsmydns.net: Check A, CNAME, MX, and NS records from 20+ global locations
- MXToolbox: Comprehensive DNS lookup and diagnostics
- dig +trace: Command-line tool to see the full DNS delegation path
Command-Line Verification
bash # Check current resolution
nslookup example.com
# Trace the full DNS path
dig +trace example.com
# Check specific record type
dig example.com A
dig example.com MX
bash
# Check current resolution
nslookup example.com
# Trace the full DNS path
dig +trace example.com
# Check specific record type
dig example.com A
dig example.com MXBest Practices for Faster Propagation
- Lower TTL 24-48 hours before migration (set to 300-600 seconds)
- Maintain both old and new servers during the transition period to prevent downtime
- Schedule migrations during low-traffic hours (evenings/weekends)
- Use a high-quality DNS provider with anycast networks (like Cloudflare) for sub-minute propagation
- Clear local caches after changes: flush your browser cache and local DNS cache (
ipconfig /flushdns on Windows)
Understanding DNS propagation helps set realistic expectations during website migrations. While the 24-48 hour window can be frustrating, it's the trade-off for a globally distributed, resilient internet infrastructure that can withstand server failures and route around network outages.
- Lower TTL 24-48 hours before migration (set to 300-600 seconds)
- Maintain both old and new servers during the transition period to prevent downtime
- Schedule migrations during low-traffic hours (evenings/weekends)
- Use a high-quality DNS provider with anycast networks (like Cloudflare) for sub-minute propagation
- Clear local caches after changes: flush your browser cache and local DNS cache (
ipconfig /flushdnson Windows)
Understanding DNS propagation helps set realistic expectations during website migrations. While the 24-48 hour window can be frustrating, it's the trade-off for a globally distributed, resilient internet infrastructure that can withstand server failures and route around network outages.