DNS Record Types
From Realm Business Systems
Jump to navigationJump to search
Resource Records
| Code | Number | Defining RFC | Description | Function |
|---|---|---|---|---|
A
|
1 | RFC 1035 | address record | Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but also used for DNSBLs, storing subnet masks in RFC 1101, etc. |
AAAA
|
28 | RFC 3596 | IPv6 address record | Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host. |
AFSDB
|
18 | RFC 1183 | AFS database record | Location of database servers of an Andrew File System (AFS) cell. This record is commonly used by AFS clients to contact AFS cells outside their local domain. A subtype of this record is used by the obsolete DCE Distributed File System (DCE/DFS) file system. |
CERT |
37 | RFC 4398 | Certificate record | Stores PKIX, SPKI, Pretty Good Privacy (PGP), etc. |
| CNAME | 5 | RFC 1035 | Canonical name record | Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name. |
DHCID |
49 | RFC 4701 | DHCP identifier | Used in conjunction with the FQDN option to DHCP |
DLV |
32769 | RFC 4431 | DNSSEC Lookaside Validation record | For publishing DNSSEC trust anchors outside of the DNS delegation chain. Uses the same format as the DS record. RFC 5074 describes a way of using these records. |
| DNAME record (DNAME) | 39 | RFC 2672 | delegation name | DNAME will delegate an entire portion of the DNS tree under a new name. In contrast, the CNAME record creates an alias of a single name. Like the CNAME record, the DNS lookup will continue by retrying the lookup with the new name. |
DNSKEY |
48 | RFC 4034 | DNS Key record | The key record used in DNSSEC. Uses the same format as the KEY record. |
DS |
43 | RFC 4034 | Delegation signer | The record used to identify the DNSSEC signing key of a delegated zone |
| Host Identity Protocol (HIP) | 55 | RFC 5205 | Host Identity Protocol | Method of separating the end-point identifier and locator roles of IP addresses. |
IPSECKEY |
45 | RFC 4025 | IPSEC Key | Key record that can be used with IPSEC |
KEY |
25 | RFC 4034 | Key record | Used only for TKEY (RFC 2930). Before RFC 3755 was published, this was also used for DNSSEC, but DNSSEC now uses DNSKEY. |
| LOC record (LOC) | 29 | RFC 1876 | Location record | Specifies a geographical location associated with a domain name |
| MX record (MX) | 15 | RFC 1035 | mail exchange record | Maps a domain name to a list of mail exchange servers for that domain |
| NAPTR record (NAPTR) | 35 | RFC 3403 | Naming Authority Pointer | Allows regular expression based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc. |
NS
|
2 | RFC 1035 | name server record | Delegates a DNS zone to use the given authoritative name servers |
NSEC |
47 | RFC 4034 | Next-Secure record | Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record. |
NSEC3 |
50 | RFC 5155 | NSEC record version 3 | An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking |
NSEC3PARAM |
51 | RFC 5155 | NSEC3 parameters | Parameter record for use with NSEC3 |
PTR
|
12 | RFC 1035 | pointer record | DNS-SD. |
RRSIG |
46 | RFC 4034 | DNSSEC signature | Signature for a DNSSEC-secured record set. Uses the same format as the SIG record. |
SIG |
24 | RFC 2535 | Signature | Signature record used in SIG(0) (RFC 2931). Until RFC 3755 was published, the SIG record was part of DNSSEC; now RRSIG is used for that. |
SOA
|
6 | RFC 1035 | start of authority record | Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. |
| Sender Policy Framework (SPF) | 99 | RFC 4408 | SPF record | Specified as part of the SPF protocol, as an alternative to storing SPF data in TXT records. Uses the same format as the TXT record. |
| SRV | 33 | RFC 2782 | Service locator | Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX. |
SSHFP
|
44 | RFC 4255 | SSH Public Key Fingerprint | Resource record for publishing Secure Shell (SSH) public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host. |
TA |
32768 | None | DNSSEC Trust Authorities | Part of a deployment proposal for DNSSEC without a signed DNS root. See the IANA database and Weiler Spec] for details. Uses the same format as the DS record. |
TXT
|
16 | RFC 1035 | Text record | DNS-SD, etc. |
