March 20, 2026

IPv6 and DNS: The Complete Guide to AAAA Records

IPv6 adoption is accelerating, and understanding how it integrates with DNS is essential for modern infrastructure. This guide covers everything from AAAA records and dual-stack configuration to IPv6 email delivery and common misconceptions.

What Is IPv6?

IPv6 (Internet Protocol version 6) is the latest version of the Internet Protocol, designed to replace IPv4. While IPv4 uses 32-bit addresses (about 4.3 billion unique addresses), IPv6 uses 128-bit addresses, providing a virtually unlimited address space of approximately 340 undecillion (3.4 x 10³⁸) unique addresses.

IPv6 addresses look different from IPv4. Instead of the familiar dotted-decimal format like 192.168.1.1, IPv6 uses hexadecimal notation separated by colons: 2001:0db8:85a3:0000:0000:8a2e:0370:7334. Leading zeros can be omitted and consecutive groups of zeros can be replaced with :: for brevity.

IPv4 vs IPv6: Key Differences

Understanding the differences between IPv4 and IPv6 is crucial for network administrators and anyone managing DNS infrastructure:

Address size: IPv4 uses 32 bits (4 bytes), giving roughly 4.3 billion addresses. IPv6 uses 128 bits (16 bytes), providing an essentially limitless pool.
Address format: IPv4 uses dotted decimal (203.0.113.50). IPv6 uses colon-separated hexadecimal (2001:db8::1).
NAT requirement: IPv4 networks heavily rely on NAT (Network Address Translation) due to address scarcity. IPv6 eliminates the need for NAT by providing enough addresses for every device to have a globally unique address.
Header simplification: IPv6 has a simplified header structure, which improves routing efficiency and reduces processing overhead on routers.
Built-in security: IPsec support is mandatory in IPv6 (optional in IPv4), providing native encryption and authentication capabilities.
DNS record type: IPv4 addresses use A records. IPv6 addresses use AAAA records (also called "quad-A" records).

What Are AAAA Records?

An AAAA record (pronounced "quad-A") is a DNS record type that maps a domain name to an IPv6 address. It is the IPv6 equivalent of the A record, which maps domains to IPv4 addresses. The name "AAAA" reflects the fact that an IPv6 address is four times the size of an IPv4 address (128 bits vs 32 bits).

For example, a domain might have both of these DNS records:

A record: example.com → 93.184.216.34
AAAA record: example.com → 2606:2800:220:1:248:1893:25c8:1946

When a client (browser, email server, etc.) resolves a domain name, it can request both A and AAAA records. If both exist, the client typically prefers IPv6 using a mechanism called Happy Eyeballs (RFC 8305), which races both connections and uses whichever responds first.

How to Check If Your Domain Supports IPv6

The easiest way to check whether your domain has IPv6 support is to look up its AAAA records. If AAAA records exist, your domain resolves over IPv6. If only A records are present, your domain is IPv4-only.

Use our AAAA Lookup tool to instantly check whether any domain has AAAA records configured. You can also use our DNS Lookup tool to see all DNS record types for a domain at once.

For a comprehensive view of your domain's DNS health, including IPv6 readiness, try our Domain Health Checker.

Setting Up AAAA Records

Adding AAAA records to your domain is straightforward if your hosting provider supports IPv6:

Get your IPv6 address. Check with your hosting provider or server configuration for the IPv6 address assigned to your server. It will look something like 2001:db8:1::50.
Log in to your DNS provider. Access the DNS management panel for your domain (e.g., Cloudflare, Namecheap, Route 53).
Add a new AAAA record. Set the name to @ (or your subdomain) and the value to your IPv6 address. Set the TTL to your preferred value (3600 seconds is a common default).
Verify propagation. Use our DNS Propagation Checker to confirm your AAAA record has propagated globally. DNS changes can take anywhere from a few minutes to 48 hours.

Dual-Stack Configuration

Dual-stack means running both IPv4 and IPv6 simultaneously on your infrastructure. This is the recommended approach during the IPv6 transition period, as it ensures your services are reachable by clients on both protocols.

To implement dual-stack DNS, you simply publish both A and AAAA records for the same domain name. Your web server, mail server, and other services must be configured to listen on both IPv4 and IPv6 interfaces. Most modern server software (Apache, Nginx, Postfix, etc.) supports this out of the box.

Key considerations for dual-stack:

Ensure your firewall rules cover both IPv4 and IPv6. A common mistake is configuring firewall rules only for IPv4, leaving IPv6 services unprotected.
Monitor both protocols independently. An outage on one protocol may not affect the other, making issues harder to detect.
Update your SPF records to include IPv6 addresses using the ip6: mechanism if your mail server sends over IPv6.
Verify reverse DNS (PTR records) are configured for your IPv6 addresses, especially for mail servers.

IPv6 and Email Delivery

IPv6 is increasingly relevant for email infrastructure, but it comes with unique challenges:

Stricter spam filtering: Major email providers like Gmail apply stricter anti-spam policies to email sent over IPv6. This is because the vast IPv6 address space makes it easy for spammers to rotate through addresses. Senders must have impeccable DMARC, SPF, and DKIM configuration.
PTR records are mandatory: Mail servers sending over IPv6 must have valid reverse DNS (PTR) records. Without them, most receiving servers will reject the connection outright.
MX record considerations: Your MX records point to hostnames, not IP addresses. If those hostnames have AAAA records, sending servers may attempt delivery over IPv6 automatically.
Reputation building: IPv6 address reputation is still maturing. If you are new to sending email over IPv6, warm up your IPv6 addresses gradually, just as you would with new IPv4 addresses.

Common IPv6 Misconceptions

Despite growing adoption, several myths about IPv6 persist:

"IPv6 is not needed yet." IPv4 address exhaustion is real. ARIN, RIPE, and other RIRs have already depleted their free IPv4 pools. IPv6 is not optional — it is the future of the internet.
"IPv6 is inherently more secure." While IPv6 mandates IPsec support, this does not mean it is automatically more secure. Misconfigured IPv6 networks can be just as vulnerable as IPv4. Security depends on proper configuration, monitoring, and TLS/SSL implementation.
"IPv6 breaks existing services." Modern operating systems, applications, and hosting providers fully support IPv6. Dual-stack deployment ensures backward compatibility with IPv4 while adding IPv6 support.
"You need to choose IPv4 or IPv6." You do not. Dual-stack is the standard approach — run both protocols simultaneously and let clients choose the best path.
"IPv6 addresses are hard to manage." While they look longer, IPv6 addressing is actually more logical. Subnetting is simpler, SLAAC (Stateless Address Autoconfiguration) reduces manual work, and modern tools handle IPv6 natively. Our Subnet Calculator supports both IPv4 and IPv6.

March 20, 2026

IPv6 and DNS: The Complete Guide to AAAA Records

What Is IPv6?

IPv4 vs IPv6: Key Differences

Understanding the differences between IPv4 and IPv6 is crucial for network administrators and anyone managing DNS infrastructure:

Address size: IPv4 uses 32 bits (4 bytes), giving roughly 4.3 billion addresses. IPv6 uses 128 bits (16 bytes), providing an essentially limitless pool.
Address format: IPv4 uses dotted decimal (203.0.113.50). IPv6 uses colon-separated hexadecimal (2001:db8::1).
NAT requirement: IPv4 networks heavily rely on NAT (Network Address Translation) due to address scarcity. IPv6 eliminates the need for NAT by providing enough addresses for every device to have a globally unique address.
Header simplification: IPv6 has a simplified header structure, which improves routing efficiency and reduces processing overhead on routers.
Built-in security: IPsec support is mandatory in IPv6 (optional in IPv4), providing native encryption and authentication capabilities.
DNS record type: IPv4 addresses use A records. IPv6 addresses use AAAA records (also called "quad-A" records).

What Are AAAA Records?

For example, a domain might have both of these DNS records:

A record: example.com → 93.184.216.34
AAAA record: example.com → 2606:2800:220:1:248:1893:25c8:1946

How to Check If Your Domain Supports IPv6

Use our AAAA Lookup tool to instantly check whether any domain has AAAA records configured. You can also use our DNS Lookup tool to see all DNS record types for a domain at once.

For a comprehensive view of your domain's DNS health, including IPv6 readiness, try our Domain Health Checker.

Setting Up AAAA Records

Adding AAAA records to your domain is straightforward if your hosting provider supports IPv6:

Get your IPv6 address. Check with your hosting provider or server configuration for the IPv6 address assigned to your server. It will look something like 2001:db8:1::50.
Log in to your DNS provider. Access the DNS management panel for your domain (e.g., Cloudflare, Namecheap, Route 53).
Add a new AAAA record. Set the name to @ (or your subdomain) and the value to your IPv6 address. Set the TTL to your preferred value (3600 seconds is a common default).
Verify propagation. Use our DNS Propagation Checker to confirm your AAAA record has propagated globally. DNS changes can take anywhere from a few minutes to 48 hours.

Dual-Stack Configuration

Key considerations for dual-stack:

Ensure your firewall rules cover both IPv4 and IPv6. A common mistake is configuring firewall rules only for IPv4, leaving IPv6 services unprotected.
Monitor both protocols independently. An outage on one protocol may not affect the other, making issues harder to detect.
Update your SPF records to include IPv6 addresses using the ip6: mechanism if your mail server sends over IPv6.
Verify reverse DNS (PTR records) are configured for your IPv6 addresses, especially for mail servers.

IPv6 and Email Delivery

IPv6 is increasingly relevant for email infrastructure, but it comes with unique challenges:

Stricter spam filtering: Major email providers like Gmail apply stricter anti-spam policies to email sent over IPv6. This is because the vast IPv6 address space makes it easy for spammers to rotate through addresses. Senders must have impeccable DMARC, SPF, and DKIM configuration.
PTR records are mandatory: Mail servers sending over IPv6 must have valid reverse DNS (PTR) records. Without them, most receiving servers will reject the connection outright.
MX record considerations: Your MX records point to hostnames, not IP addresses. If those hostnames have AAAA records, sending servers may attempt delivery over IPv6 automatically.
Reputation building: IPv6 address reputation is still maturing. If you are new to sending email over IPv6, warm up your IPv6 addresses gradually, just as you would with new IPv4 addresses.

Common IPv6 Misconceptions

Despite growing adoption, several myths about IPv6 persist:

"IPv6 is not needed yet." IPv4 address exhaustion is real. ARIN, RIPE, and other RIRs have already depleted their free IPv4 pools. IPv6 is not optional — it is the future of the internet.
"IPv6 is inherently more secure." While IPv6 mandates IPsec support, this does not mean it is automatically more secure. Misconfigured IPv6 networks can be just as vulnerable as IPv4. Security depends on proper configuration, monitoring, and TLS/SSL implementation.
"IPv6 breaks existing services." Modern operating systems, applications, and hosting providers fully support IPv6. Dual-stack deployment ensures backward compatibility with IPv4 while adding IPv6 support.
"You need to choose IPv4 or IPv6." You do not. Dual-stack is the standard approach — run both protocols simultaneously and let clients choose the best path.
"IPv6 addresses are hard to manage." While they look longer, IPv6 addressing is actually more logical. Subnetting is simpler, SLAAC (Stateless Address Autoconfiguration) reduces manual work, and modern tools handle IPv6 natively. Our Subnet Calculator supports both IPv4 and IPv6.