Sei sulla pagina 1di 14

Not logged in Talk Contributions Create account Log in

Article Talk Read Edit View history Search Wikipedia

List of DNS record types


From Wikipedia, the free encyclopedia

Main page This list of DNS record types is an overview of resource records (RRs) permissible in zone files
Contents of the Domain Name System (DNS). It also contains pseudo-RRs.
Featured content
Current events Contents
Random article 1 Resource records
Donate to Wikipedia 2 Other types and pseudo resource records
Wikipedia store 3 Obsolete record types
4 Further reading
Interaction
5 References
Help
About Wikipedia
Community portal
Recent changes
Resource records [edit]

Contact page
Type id. Defining
Type Description Function
Tools (decimal) RFC
What links here Returns a 32-bit IPv4 address, most
Related changes
commonly used to map hostnames to
Upload file
[1]
Address
A 1 RFC 1035 an IP address of the host, but it is
Special pages record
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
Special pages record
Permanent link also used for DNSBLs, storing subnet
Page information masks in RFC 1101 , etc.
Wikidata item
Returns a 128-bit IPv6 address, most
Cite this page [2]
IPv6 address
AAAA 28 RFC 3596 commonly used to map hostnames to
record
Print/export an IP address of the host.
Create a book Location of database servers of an
Download as PDF AFS cell. This record is commonly
Printable version AFS
used by AFS clients to contact AFS
AFSDB 18 RFC 1183 database
Languages cells outside their local domain. A
record
Deutsch subtype of this record is used by the
Espaol obsolete DCE/DFS file system.
Esperanto Specify lists of address ranges, e.g.
Franais Address
APL 42 RFC 3123 in CIDR format, for various address
Italiano Prefix List
families. Experimental.
Magyar
Certification DNS Certification Authority
CAA 257 RFC 6844 Authority Authorization, constraining

Authorization acceptable CAs for a host/domain
Edit links
Child Child copy of DNSKEY record, for
CDNSKEY 60 RFC 7344
DNSKEY transfer to parent
Child copy of DS record, for transfer
CDS 59 RFC 7344 Child DS
to parent
Certificate
CERT 37 RFC 4398 Stores PKIX, SPKI, PGP, etc.
record
Alias of one name to another: the
[1]
Canonical
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
[1]
Canonical
CNAME 5 RFC 1035 DNS lookup will continue by retrying
name record
the lookup with the new name.
DHCP Used in conjunction with the FQDN
DHCID 49 RFC 4701
identifier option to DHCP
For publishing DNSSEC trust
DNSSEC anchors outside of the DNS
Lookaside delegation chain. Uses the same
DLV 32769 RFC 4431
Validation format as the DS record. RFC
record 5074 describes a way of using
these records.
Alias for a name and all its
subnames, unlike CNAME, which is
an alias for only the exact name. Like
DNAME 39 RFC 6672
a CNAME record, the DNS lookup will
continue by retrying the lookup with
the new name.
The key record used in DNSSEC.
DNS Key
DNSKEY 48 RFC 4034 Uses the same format as the KEY
record
record.
The record used to identify the
Delegation
DS 43 RFC 4034 DNSSEC signing key of a delegated
signer
zone
Method of separating the end-point
Host Identity
HIP 55 RFC 8005 identifier and locator roles of IP
Protocol
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
Protocol
addresses.
Key record that can be used with
IPSECKEY 45 RFC 4025 IPsec Key
IPsec
Used only for SIG(0) (RFC 2931 )
and TKEY (RFC 2930 ).[5] RFC
3445 eliminated their use for
RFC 2535 [3] application keys and limited their use
KEY 25 and RFC Key record to DNSSEC.[6] RFC 3755
2930 [4] designates DNSKEY as the
replacement within DNSSEC.[7] RFC
4025 designates IPSECKEY as the
replacement for use with IPsec.[8]
Used with some cryptographic
systems (not including DNSSEC) to
identify a key management agent for
Key the associated domain-name. Note
KX 36 RFC 2230 Exchanger that this has nothing to do with DNS
record Security. It is Informational status,
rather than being on the IETF
standards-track. It has always had
limited deployment, but is still in use.
Location Specifies a geographical location
LOC 29 RFC 1876
record associated with a domain name
RFC 1035 [1] Mail Maps a domain name to a list of
MX 15 and RFC exchange message transfer agents for that
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
7505 record domain
Allows regular-expression-based
Naming
rewriting of domain names which can
NAPTR 35 RFC 3403 Authority
then be used as URIs, further domain
Pointer
names to lookups, etc.

[1]
Name server Delegates a DNS zone to use the
NS 2 RFC 1035
record given authoritative name servers
Part of DNSSECused to prove a
Next Secure
NSEC 47 RFC 4034 name does not exist. Uses the same
record
format as the (obsolete) NXT record.
Next Secure An extension to DNSSEC that allows
NSEC3 50 RFC 5155 record proof of nonexistence for a name
version 3 without permitting zonewalking
NSEC3
NSEC3PARAM 51 RFC 5155 Parameter record for use with NSEC3
parameters
Pointer to a canonical name. Unlike a
CNAME, DNS processing stops and

[1]
Pointer just the name is returned. The most
PTR 12 RFC 1035
record common use is for implementing
reverse DNS lookups, but other uses
include such things as DNS-SD.
Signature for a DNSSEC-secured
DNSSEC
RRSIG 46 RFC 4034 record set. Uses the same format as
signature
the SIG record.
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
Information about the responsible
Responsible person(s) for the domain. Usually an
RP 17 RFC 1183
Person email address with the @ replaced by
a.
Signature record used in SIG(0)
(RFC 2931 ) and TKEY (RFC
SIG 24 RFC 2535 Signature 2930 ).[7] RFC 3755 designated
RRSIG as the replacement for SIG
for use within DNSSEC.[7]
Specifies authoritative information

[1]
Start of [a about a DNS zone, including the
RFC 1035
zone of] primary name server, the email of the
SOA 6 and RFC
[9]
authority domain administrator, the domain
2308
record serial number, and several timers
relating to refreshing the zone.
Generalized service location record,
Service used for newer protocols instead of
SRV 33 RFC 2782
locator creating protocol-specific records
such as MX.
Resource record for publishing SSH
public host key fingerprints in the
DNS System, in order to aid in
SSH Public
verifying the authenticity of the host.
SSHFP 44 RFC 4255 Key
RFC 6594 defines ECC SSH keys
Fingerprint
and SHA-256 hashes. See the IANA
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
SSHFP RR parameters registry for
details.
Part of a deployment proposal for
DNSSEC DNSSEC without a signed DNS root.
TA 32768 N/A Trust See the IANA database and Weiler
Authorities Spec for details. Uses the same
format as the DS record.
A method of providing keying
Transaction material to be used with TSIG that is
TKEY 249 RFC 2930
Key record encrypted under the public key in an
accompanying KEY RR.[10]
A record for DNS-based
Authentication of Named Entities
(DANE). RFC 6698 defines "The
TLSA TLSA DNS resource record is used
TLSA 52 RFC 6698 certificate to associate a TLS server certificate
association or public key with the domain name
where the record is found, thus
forming a 'TLSA certificate
association'".
Can be used to authenticate dynamic
updates as coming from an approved
Transaction client, or to authenticate responses
TSIG 250 RFC 2845
Signature as coming from an approved
recursive name server[11] similar to
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
recursive name server similar to
DNSSEC.
Originally for arbitrary human-
readable text in a DNS record. Since
the early 1990s, however, this record

[1]
more often carries machine-readable
TXT 16 RFC 1035 Text record
data, such as specified by RFC
1464 , opportunistic encryption,
Sender Policy Framework, DKIM,
DMARC, DNS-SD, etc.
Uniform
Can be used for publishing mappings
URI 256 RFC 7553 Resource
from hostnames to URIs.
Identifier

Other types and pseudo resource records [edit]

Other types of records simply provide some types of information (for example, an HINFO record
gives a description of the type of computer/OS a host uses), or others return data used in
experimental features. The "type" field is also used in the protocol for various operations.

Type Defining
Type Description Function
id. RFC
Returns all records of all types known to the name
server. If the name server does not have any
information on the name, the request will be
forwarded on. The records returned may not be
[1]
All cached
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
[1]
All cached
* 255 RFC 1035 complete. For example, if there is both an A and an
records
MX for a name, but the name server has only the A
record cached, only the A record will be returned.
Sometimes referred to as "ANY", for example in
Windows nslookup and Wireshark.
Authoritative
[1]
Transfer entire zone file from the master name
AXFR 252 RFC 1035 Zone
server to secondary name servers.
Transfer
Requests a zone transfer of the given zone but only
differences from a previous serial number. This
Incremental
request may be ignored and a full (AXFR) sent in
IXFR 251 RFC 1996 Zone
response if the authoritative server is unable to
Transfer
fulfill the request due to configuration or lack of
required deltas.
This is a "pseudo DNS record type" needed to
OPT 41 RFC 6891 Option
support EDNS

Obsolete record types [edit]

Progress has rendered some of the originally defined record-types obsolete. Of the records listed
at IANA, some have limited use, for various reasons. Some are marked obsolete in the list, some
are for very obscure services, some are for older versions of services, and some have special
notes saying they are "not right".

Type Defining Obsoleted


Type Description
id. RFC by
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
MD 3
Obsoleted
Obsoleted by RFC 973 : MD(3), MF (4), MAILA
MF 4 RFC 973 by: 1034,
(254)
MAILA 254 1035

Records to publish mailing list subscriber lists in


the DNS: MB(7), MG(8), MR(9), MINFO(14),
MB 7
Obsoleted MAILB (253). The intent, as specified by RFC
MG 8 by: 1034, 883 , was for MB to replace the SMTP VRFY
RFC 883 , 1035 command, MG to replace the SMTP EXPN
MR 9
RFC 2505 command, and MR to replace the "551 User Not
MINFO 14 Obsoleted
Local" SMTP error. Later, RFC 2505
by: 2050
MAILB 253 recommended that both the VRFY and EXPN
commands be disabled, making the use of MB
and MG unlikely to ever be adopted.
Declared "not to be relied upon" by RFC 1123
WKS 11 RFC 1123 (with further information in RFC 1127 ):
WKS(11)[12]

NB 32 Mistakes: NB(32), NBSTAT(33) (from RFC


RFC 1002 1002 ); the numbers are now assigned to
NBSTAT 33
NIMLOC and SRV.
Obsoleted by RFC 1035 : NULL(10) (RFC 883
defined "completion queries" (opcode 2 and
RFC
NULL 0 RFC 883 maybe 3) which used this record, RFC 1035
1035
later reassigned opcode 2 to be "status" and

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
reserved opcode 3.)
Defined as part of early IPv6 but downgraded to
A6 38 RFC 3363 RFC 6563 experimental by RFC 3363 : A6(38), Later
downgraded to historic in RFC 6563 .
NXT 30 Obsoleted by DNSSEC updates (RFC 3755 ):
NXT(30). At the same time, the domain of
KEY -- RFC 3755 RFC 4034
applicability for KEY and SIG was also limited to
SIG --
not include DNSSEC use.
Part of the first version of DNSSEC (RFC
RFC 2065
2065 ).
HINFO 13

RP 17 Not in current use by any notable application


X25 19

ISDN 20

RT 21 Not in current use by any notable application


NSAP 22

NSAP-
23
PTR
26 Not in current use by any notable application
PX
31
EID

NIMLOC 32

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
ATMA 34 Not in current use by any notable application
APL 42

Defined by the Kitchen Sink internet draft, but


SINK 40
never made it to RFC status: SINK(40)
A more limited early version of the LOC record:
GPOS 27
GPOS(27)
UINFO 100
IANA reserved, no RFC documented them [1]
UID 101
and support was removed from BIND in the early
GID 102 90s: UINFO(100), UID(101), GID(102),
UNSPEC(103)
UNSPEC 103

SPF(99) (from RFC 4408 ) was specified as part


of the Sender Policy Framework protocol as an
alternative to storing SPF data in TXT records,
SPF 99 RFC 4408 using the same format. It was later found that the
majority of SPF deployments lack proper support
for this record type, and support for it was
discontinued in RFC 7208 .[13][14]
RP(17) may be used for certain human-readable
information regarding a different contact point for
RP 17
a specific host, subnet, or other domain level
label separate than that used in the SOA record.

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
Further reading [edit]

"IANA DNS Parameters registry" . Retrieved 2008-05-25.


"Google's Guide to DNS Records" . Retrieved 2010-12-09.

References [edit]
1. ^ a bc de fghi
Paul Mockapetris (November 1987). "RFC 1035: Domain Names - Implementation
and Specification" . Network Working Group of the IETF (Internet Engineering Task Force). p. 12.
2. ^ "RFC 3596: DNS Extensions to Support IP Version 6" . The Internet Society. October 2003.
3. ^ RFC 2535 , 3
4. ^ RFC 3445 , 1. "The KEY RR was defined in RFC 2930 ..."
5. ^ RFC 2931 , 2.4. "SIG(0) on the other hand, uses public key authentication, where the public
keys are stored in DNS as KEY RRs and a private key is stored at the signer."
6. ^ RFC 3445 , 1. "DNSSEC will be the only allowable sub-type for the KEY RR..."
7. ^ a bc
RFC 3755 , 3. "DNSKEY will be the replacement for KEY, with the mnemonic indicating
that these keys are not for application use, per RFC3445. RRSIG (Resource Record SIGnature) will
replace SIG, and NSEC (Next SECure) will replace NXT. These new types completely replace the
old types, except that SIG(0) RFC2931 and TKEY RFC2930 will continue to use SIG and KEY."
8. ^ RFC 4025 , Abstract. "This record replaces the functionality of the sub-type #4 of the KEY
Resource Record, which has been obsoleted by RFC 3445 ."
9. ^ The minimum field of SOA record is redefined to be the TTL of NXDOMAIN reply in RFC 2308 .
10. ^ RFC 2930 , 6. "... the keying material is sent within the key data field of a TKEY RR encrypted
under the public key in an accompanying KEY RR RFC 2535 ."
11. ^ RFC 2845 , abstract
12. ^ RFC 1123 section 2.2, 5.2.12, 6.1.3.6
13. ^ Kucherawy, M. (July 2012). "Background on the RRTYPE Issue" . Resolution of the Sender
Policy Framework (SPF) and Sender ID Experiments . IETF. sec. A. RFC 6686. Retrieved August
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
31, 2013.
14. ^ Kitterman, S. (April, 2014). "The SPF DNS Record Type" . Sender Policy Framework (SPF) for
Authorizing Use of Domains in Email, Version 1 . IETF. sec. 3.1. RFC 7208. Retrieved 26 April
2014.

Categories: Domain name system Internet protocols

This page w as last edited on 15 May 2017, at 10:00.

Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you
agree to the Terms of Use and Privacy Policy. Wikipedia is a registered trademark of the Wikimedia Foundation, Inc., a non-profit
organization.

Privacy policy About Wikipedia Disclaimers Contact Wikipedia Developers Cookie statement Mobile view

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com

Potrebbero piacerti anche