DNS Record Types
From Realm Business Systems Ltd
Resource Records
Code | Number | Defining RFC | Description | Function |
---|---|---|---|---|
<div id="A"/>A | 1 | RFC 1035 | address record | Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but also used for DNSBLs, storing subnet masks in RFC 1101, etc. |
<div id="AAAA"/>AAAA | 28 | RFC 3596 | IPv6 address record | Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host. |
<div id="AFSDB"/>AFSDB | 18 | RFC 1183 | AFS database record | Location of database servers of an Andrew File System (AFS) cell. This record is commonly used by AFS clients to contact AFS cells outside their local domain. A subtype of this record is used by the obsolete DCE Distributed File System (DCE/DFS) file system. |
<div id="CERT"/>CERT | 37 | RFC 4398 | Certificate record | Stores PKIX, SPKI, Pretty Good Privacy (PGP), etc. |
CNAME | 5 | RFC 1035 | Canonical name record | Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name. |
<div id="DHCID"/>DHCID | 49 | RFC 4701 | DHCP identifier | Used in conjunction with the FQDN option to DHCP |
<div id="DLV"/>DLV | 32769 | RFC 4431 | DNSSEC Lookaside Validation record | For publishing DNSSEC trust anchors outside of the DNS delegation chain. Uses the same format as the DS record. RFC 5074 describes a way of using these records. |
DNAME record (DNAME) | 39 | RFC 2672 | delegation name | DNAME will delegate an entire portion of the DNS tree under a new name. In contrast, the CNAME record creates an alias of a single name. Like the CNAME record, the DNS lookup will continue by retrying the lookup with the new name. |
<div id="DNSKEY"/>DNSKEY | 48 | RFC 4034 | DNS Key record | The key record used in DNSSEC. Uses the same format as the KEY record. |
<div id="DS"/>DS | 43 | RFC 4034 | Delegation signer | The record used to identify the DNSSEC signing key of a delegated zone |
Host Identity Protocol (HIP) | 55 | RFC 5205 | Host Identity Protocol | Method of separating the end-point identifier and locator roles of IP addresses. |
<div id="IPSECKEY"/>IPSECKEY | 45 | RFC 4025 | IPSEC Key | Key record that can be used with IPSEC |
<div id="KEY"/>KEY | 25 | RFC 4034 | Key record | Used only for TKEY (RFC 2930). Before RFC 3755 was published, this was also used for DNSSEC, but DNSSEC now uses DNSKEY. |
LOC record (LOC) | 29 | RFC 1876 | Location record | Specifies a geographical location associated with a domain name |
MX record (MX) | 15 | RFC 1035 | mail exchange record | Maps a domain name to a list of mail exchange servers for that domain |
NAPTR record (NAPTR) | 35 | RFC 3403 | Naming Authority Pointer | Allows regular expression based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc. |
<div id="NS"/>NS | 2 | RFC 1035 | name server record | Delegates a DNS zone to use the given authoritative name servers |
<div id="NSEC"/>NSEC | 47 | RFC 4034 | Next-Secure record | Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record. |
<div id="NSEC3"/>NSEC3 | 50 | RFC 5155 | NSEC record version 3 | An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking |
<div id="NSEC3PARAM"/>NSEC3PARAM | 51 | RFC 5155 | NSEC3 parameters | Parameter record for use with NSEC3 |
<div id="PTR"/>PTR | 12 | RFC 1035 | pointer record | DNS-SD. |
<div id="RRSIG"/>RRSIG | 46 | RFC 4034 | DNSSEC signature | Signature for a DNSSEC-secured record set. Uses the same format as the SIG record. |
<div id="SIG"/>SIG | 24 | RFC 2535 | Signature | Signature record used in SIG(0) (RFC 2931). Until RFC 3755 was published, the SIG record was part of DNSSEC; now RRSIG is used for that. |
<div id="SOA"/>SOA | 6 | RFC 1035 | start of authority record | Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. |
Sender Policy Framework (SPF) | 99 | RFC 4408 | SPF record | Specified as part of the SPF protocol, as an alternative to storing SPF data in TXT records. Uses the same format as the TXT record. |
SRV | 33 | RFC 2782 | Service locator | Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX. |
<div id="SSHFP"/>SSHFP | 44 | RFC 4255 | SSH Public Key Fingerprint | Resource record for publishing Secure Shell (SSH) public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host. |
<div id="TA"/>TA | 32768 | None | DNSSEC Trust Authorities | Part of a deployment proposal for DNSSEC without a signed DNS root. See the IANA database and Weiler Spec] for details. Uses the same format as the DS record. |
<div id="TXT"/>TXT | 16 | RFC 1035 | Text record | DNS-SD, etc. |