·7 min read

How to Migrate DNS Between Providers Without Downtime

Moving your DNS from one provider to another is one of those tasks that sounds simple but can go wrong in ways that take your website, email, and every connected service offline. The good news: with the right preparation, you can migrate cleanly with zero downtime. Here is the complete process.

Before you start: export your records

The first step in any DNS migration is to get a complete snapshot of your current records. You need every single record — not just the ones you remember setting up. Missing a single MX record breaks email. Missing a TXT record can disable your SPF policy and send your outbound email straight to spam.

Use ZonePeek to look up your domain and get all records at once. Select every record in the results, then export them as a BIND zone file. This gives you a machine-readable backup that most DNS providers can import directly.

Pre-migration checklist

  • Export all DNS records (A, AAAA, CNAME, MX, TXT, NS, SOA, SRV, CAA)
  • Note the current TTL values for each record
  • Identify all services that depend on DNS (website, email, subdomains, APIs)
  • Check for DKIM and SPF records — these are easy to miss
  • Verify CAA records if you use SSL certificates
  • Document your current name server addresses
  • Lower TTL values to 300 seconds (48 hours before migration)

Step 1: Set up the new provider

Create your domain zone at the new DNS provider. Most providers (Cloudflare, AWS Route 53, DigitalOcean, Vercel) allow you to import a zone file. If you exported from ZonePeek, you can often paste or upload the zone file directly.

If the provider does not support zone file import, you will need to recreate each record manually. Go through your exported list record by record. Pay special attention to:

  • MX records — get the priority values right, or email delivery order breaks
  • TXT records — copy the exact value including quotes, especially for SPF and DKIM
  • CNAME records — some providers do not allow CNAME at the root domain (use ALIAS or ANAME instead)
  • SRV records — these have priority, weight, and port fields that must be exact

Step 2: Verify before switching

Before you change your name servers, verify that the new provider is serving the correct records. Most providers give you temporary name server addresses you can query directly using command-line tools like dig or nslookup.

Query the new name server directly

dig @ns1.newprovider.com example.com A

Compare the results against your exported records. Every record type should match. If something is missing or different, fix it now — before you switch name servers.

Step 3: Update your name servers

Name server changes are made at your domain registrar (where you bought the domain), not at your DNS provider. Log in to your registrar and update the name server records to point to the new provider.

Name server changes can take up to 48 hours to propagate fully, though most resolvers pick up the change within 1-4 hours. During this window, some resolvers will query the old provider while others query the new one. This is why it is critical that both providers have identical records during the transition period.

Do not delete records from the old provider yet. Keep them in place until you are certain the name server change has propagated to all major resolvers. Running both providers in parallel during the transition prevents any gaps in service.

Step 4: Monitor and verify

After updating name servers, monitor the migration:

  1. Use ZonePeek to check NS records — once they show the new provider's name servers, the switch is taking effect
  2. Verify A and AAAA records point to the correct IP addresses
  3. Send a test email to verify MX records are working
  4. Check your website loads correctly on both desktop and mobile
  5. Verify SSL certificate issuance still works (check CAA records)
  6. Test any subdomains that point to separate services

Step 5: Clean up

Once the migration is confirmed working (wait at least 48-72 hours), you can:

  • Raise TTL values back to normal (3600-86400 seconds)
  • Remove the zone from the old DNS provider
  • Update any documentation or runbooks that reference the old provider
  • Store your zone file export as a backup — you will thank yourself next time you migrate

If something goes wrong: rollback plan

If the migration causes issues, you can roll back by changing the name servers at your registrar back to the old provider. As long as you did not delete records from the old provider, everything will revert to the previous state as resolvers pick up the original name servers.

This is why step one — exporting all records before you start — is so important. If your old provider deleted your zone after you migrated away, your export is the only way to reconstruct it.

Key takeaways

  • Always export a complete record of your DNS before migrating
  • Lower TTL values 48 hours before the switch to speed up propagation
  • Set up and verify all records on the new provider before changing name servers
  • Keep both providers running in parallel during the transition
  • Monitor with multiple resolvers to confirm propagation
  • Wait 48-72 hours before cleaning up the old provider
← SPF, DKIM & DMARCAll posts →