From Wikipedia, the free encyclopedia
|
The Domain name system (DNS) implements a distributed, hierarchical, and redundant database for information associated with Internet domain names and addresses. This List of DNS record types provides an overview of types of resource records (database records) stored in the zone files of the DNS.
Resource Records
Code | Number | Defining RFC | Description | Function |
---|---|---|---|---|
A | 1 | RFC 1035 | address record | Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but also used for DNSBLs, storing subnet masks in RFC 1101, etc. |
AAAA | 28 | RFC 3596 | IPv6 address record | Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host. |
AFSDB | 18 | RFC 1183 | AFS database record | Location of database servers of an AFS cell. This record is commonly used by AFS clients to contact AFS cells outside their local domain. A subtype of this record is used by the obsolete DCE/DFS file system. |
CERT | 37 | RFC 4398 | Certificate record | Stores PKIX, SPKI, PGP, etc. |
CNAME | 5 | RFC 1035 | Canonical name record | Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name. |
DHCID | 49 | RFC 4701 | DHCP identifier | Used in conjunction with the FQDN option to DHCP |
DLV | 32769 | RFC 4431 | DNSSEC Lookaside Validation record | For publishing DNSSEC trust anchors outside of the DNS delegation chain. Uses the same format as the DS record. RFC 5074 describes a way of using these records. |
DNAME | 39 | RFC 2672 | delegation name | DNAME will delegate an entire portion of the DNS tree under a new name. In contrast, the CNAME record creates an alias of a single name. Like the CNAME record, the DNS lookup will continue by retrying the lookup with the new name. |
DNSKEY | 48 | RFC 4034 | DNS Key record | The key record used in DNSSEC. Uses the same format as the KEY record. |
DS | 43 | RFC 4034 | Delegation signer | The record used to identify the DNSSEC signing key of a delegated zone |
HIP | 55 | RFC 5205 | Host Identity Protocol | Method of separating the end-point identifier and locator roles of IP addresses. |
IPSECKEY | 45 | RFC 4025 | IPSEC Key | Key record that can be used with IPSEC |
KEY | 25 | RFC 4034 | Key record | Used only for TKEY (RFC 2930). Before RFC 3755 was published, this was also used for DNSSEC, but DNSSEC now uses DNSKEY. |
LOC | 29 | RFC 1876 | Location record | Specifies a geographical location associated with a domain name |
MX | 15 | RFC 1035 | mail exchange record | Maps a domain name to a list of mail exchange servers for that domain |
NAPTR | 35 | RFC 3403 | Naming Authority Pointer | Allows regular expression based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc. |
NS | 2 | RFC 1035 | name server record | Delegates a DNS zone to use the given authoritative name servers |
NSEC | 47 | RFC 4034 | Next-Secure record | Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record. |
NSEC3 | 50 | RFC 5155 | NSEC record version 3 | An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking |
NSEC3PARAM | 51 | RFC 5155 | NSEC3 parameters | Parameter record for use with NSEC3 |
PTR | 12 | RFC 1035 | pointer record | Pointer to a canonical name. Unlike a CNAME, DNS processing does NOT proceed, just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD. |
RRSIG | 46 | RFC 4034 | DNSSEC signature | Signature for a DNSSEC-secured record set. Uses the same format as the SIG record. |
SIG | 24 | RFC 2535 | Signature | Signature record used in SIG(0) (RFC 2931). Until RFC 3755 was published, the SIG record was part of DNSSEC; now RRSIG is used for that. |
SOA | 6 | RFC 1035 | start of authority record | Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. |
SPF | 99 | RFC 4408 | SPF record | Specified as part of the SPF protocol, as an alternative to storing SPF data in TXT records. Uses the same format as the TXT record. |
SRV | 33 | RFC 2782 | Service locator | Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX. |
SSHFP | 44 | RFC 4255 | SSH Public Key Fingerprint | Resource record for publishing SSH public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host. |
TA | 32768 | None | DNSSEC Trust Authorities | Part of a deployment proposal for DNSSEC without a signed DNS root. See the IANA database and Weiler Spec] for details. Uses the same format as the DS record. |
TXT | 16 | RFC 1035 | Text record | Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework (deprecated), DomainKeys, DNS-SD, etc. |