DNS changes shouldn't require split shifts and crossed fingers

Changes are grouped into named deployments with ticket tracking. Multiple records — creates, updates, deletes — are batched as a unit. Deployments can be scheduled for maintenance windows or executed immediately with real-time progress tracking.

“Who changed this and why?” should never be a mystery. The audit trail is the documentation. Any change should be reversible — not through panic and hope, but through a structured rollback with full visibility into what will be affected.

• Connectivity — is the DNS provider reachable?
• Zone existence — does the target zone exist and is it accessible?
• Record existence — for updates and deletes, is the record still there?
• Drift detection — has someone modified the record since the change was planned?
• Content validation — will the provider accept these values (type-specific rules)?
• Conflict detection — will this change break existing records (CNAME singletons, duplicates)?
• Rollback readiness — is enough state captured to reverse this change if needed?

Every check should return pass, warning, or error. Errors must block deployment. Warnings are at the operator’s discretion.

• Deployment progress — which items have been applied, which are pending, which failed
• Propagation status — confirmation that records are live and resolving correctly after deployment
• Change broadcasts — in multi-user environments, every DNS change, deployment status transition, and cache refresh must be visible to all connected operators in real time

Observability turns firefighting into engineering. When you can see what’s happening, you can respond before it becomes an incident.

• Record protection — critical records should be shielded from accidental modification
• Conflict detection — CNAME conflicts, duplicate records, and type collisions must be caught before they cause outages
• Drift detection — operators should be warned when a record has been modified since they loaded it
• Rollback with impact analysis — reversing a deployment should show which downstream deployments would be affected, which records were modified externally, and exactly what the rollback will restore
• Duplicate prevention — the same record should not be deployable twice in overlapping change windows

Fear-driven after-hours changes are a symptom of unsafe processes. Good guardrails enable confidence during business hours.

No more context-switching between provider-specific dashboards, CLIs, and management consoles. Learn one workflow, apply it to every DNS backend in your infrastructure.

The architecture should be provider-agnostic: a standardized interface that each DNS backend implements, so adding a new provider doesn’t require changing the deployment pipeline, the audit system, or the guardrails.

A deployment rollback should show the operator exactly what will happen before it happens:

• Which items will be reversed (and how — delete, restore, or recreate)
• Which records were modified by later deployments (cascading risk)
• Which records were changed outside the tool (external drift)
• Which items can’t be rolled back (insufficient state captured)

Confirm, and every item is reversed in the correct order with a full audit trail. Individual record rollback should also be available from the audit log for surgical corrections.

For individuals and small teams: The tool works standalone with no infrastructure requirements. Full guardrails, audit trail, and deployment pipeline running locally.

For organizations: A server component adds multi-user collaboration with shared state, role-based access control, directory service authentication (LDAP/Active Directory), scheduled deployments that execute unattended, real-time synchronization across all connected operators, and an administrative interface for user and connection management.

The transition from individual to organizational use should not require re-learning the tool or migrating data formats.