DNS Record Types

A — IPv4 address (2-5.org supports)

The A or “address” DNS record type was created to hold IPv4 addresses. Translating names to addresses is one of the most fundamental uses of the DNS!

The A record type was introduced in the original DNS specifications (RFC 1034 and 1035) in 1987. Each type A record holds an IPv4 address. IPv6 did not yet exist in 1987 so all addresses were 32-bit IPv4 addresses. The AAAA DNS record type for IPv6 records would come later.

The DNS was created because the original system for mapping names to addresses, the “hosts” file, was quickly becoming unsustainable. The DNS would allow applications to map human-readable names into addresses in a massive globally distributed database. The A record type associates IPv4 addresses with DNS names.

Today, the DNS performs many other critical functions. But one of its most important jobs remains the mapping of names to addresses.

 

AAAA — IPv6 address (2-5.org supports)

The AAAA DNS record type was created to hold IPv6 addresses. AAAA records, pronounced “quad A records”, are similar to A records. They hold a 128-bit IPv6 address instead of a 32-bit IPv4 address.

IPv6 did not exist when the original DNS specifications (RFC 1034 and 1035) were written. Only a few years later, IPv6 was created to address the problem of IPv4 address space exhaustion. The AAAA record type was introduced in RFC 1886 in 1995. RFC 3596 is the current specification for AAAA records in the DNS.

 

AFSDB — AFS database location

 

APL — Address prefix list

 

AXFR — Authoritative zone transfer

 

CAA — Certification authority authorization (2-5.org supports)

 

CDNSKEY — Child copy of a DNSKEY

 

CDS — Child copy of DS

 

CERT — Cryptographic certificate

 

CNAME — Canonical name (2-5.org supports)

The CNAME or “canonical name” DNS record type is used to alias or redirect one DNS name to another DNS name.

This record type was introduced in the original DNS specifications (RFC 1034 and 1035) in 1987. CNAME records have not changed much since then, but CNAME remains a powerful and useful tool in any DNS toolbox.

 

CSYNC — Child-to-parent synchronization

 

DHCID — DHCP identifier

 

DLV — DNSSEC Look-Aside validation

 

DNAME — Delegation name

 

DNSKEY — Cryptographic key for DNSSEC

 

DS — Delegation signer (2-5.org supports)

 

EUI48 — MAC address (EUI-48)

 

EUI64 — MAC address (EUI-64)

 

HINFO — Host information

 

HIP — Host identification protocol

 

HTTPS — HTTPS binding (2-5.org supports)

 

IPSECKEY — Cryptographic key for IPsec

 

IXFR — Incremental zone transfer

 

KEY — Cryptographic key for DNSSEC (obsoleted by DNSKEY)

 

KX — Key exchange

 

LOC — Geographical location

 

MX — Mail exchange (2-5.org supports)

The MX or “mail exchange” DNS record type is critical to the delivery of email via the Simple Mail Transfer Protocol (SMTP). MX records are used to specify a list of mail servers for a domain. If MX records are not created and maintained correctly, email for the domain will not be delivered reliably or perhaps at all.

The MX record type was introduced in the original DNS specifications (RFC 1034 and 1035) in 1987.

 

NAPTR — Naming authority pointer

 

NS — Name server (2-5.org supports)

The NS or “name server” DNS record type is used to specify the authoritative name servers for a domain. It tells DNS resolvers which servers to contact when they are looking for DNS records for that domain name. This is what allows different organizations to own different domain names.

Like a number of other DNS record types, the original DNS specifications (RFC 1034 and 1035) introduced this record type in 1987. Along with the Start of Authority (SOA) record type, NS records are integral to the proper functioning of the DNS.

 

NSEC3 — Next secure (Version 3)

 

NSEC3PARAM — Parameter for NSEC3

 

NSEC — Next secure (obsoleted by NSEC3)

 

NXT — DNSSEC key (obsoleted by NSEC)

 

OPENPGPKEY — Public key for OpenPGP

 

OPT — EDNS option

 

PTR — Canonical name pointer (2-5.org supports)

The PTR or "pointer" DNS record type maps an IP address to a domain name in the DNS. This is called a DNS reverse lookup.

Most DNS record types are used in "forward lookups". A DNS forward lookup maps a DNS name to an IP address or another piece of DNS data. PTR records do the opposite. A reverse lookup for a PTR record maps an IP address to a DNS name.

The PTR record type was introduced in the original DNS specifications (RFC 1034 and 1035) in 1987. Today, PTR records are essential for email delivery. They are used as a layer of security to prove that a mail server is trustworthy.

 

RP — Responsible person

 

RRSIG — Resource record signature for DNSSEC

 

SIG — Resource record signature for DNSSEC (obsoleted by RRSIG)

 

SMIMEA — S/MIME association

 

SOA — Start of authority

All DNS zones begin with a Start Of Authority (SOA) record. The SOA record states that authority for a zone is starting at a particular point in the global tree of DNS names.

For example, when a new DNS zone is created for 2-5.org, the process of zone creation includes the creation of an SOA record at 2-5.org.

Maintenance and creation of the SOA record is a task for the DNS server administrator of the zone. The webmaster for a domain would not generally need to add or change the SOA record.

The SOA record at 2-5.org indicates that a DNS zone begins at 2-5.org and extends downwards in the DNS tree to encompass all the DNS names that are children of 2-5.org. The names www.2-5.org and apps.backend.2-5.org would be part of this zone, as would the name 2-5.org itself.

The SOA record does more than just indicate that a zone exists. It also gives some important information about the zone and controls negative caching for non-existent names within the zone.

 

SSHFP — Public key fingerprint for SSH (2-5.org supports)

 

SVCB — Service binding (2-5.org supports)

 

SPF — Sender Policy Framework (2-5.org supports)

 

SRV — Service locator (2-5.org supports)

The SRV or "service locator" DNS record type enables service discovery in the DNS. SRV records allow services to be advertised on specific ports and used in an order controlled by the owner of the service. SRV also provides a load balancing feature.

The SRV record type was proposed in the late 1990s in RFC 2782. The SRV record addresses limitations in the DNS around advertising and consuming services. Not all application protocols support SRV, but many do.

 

TA — Trust authority for DNSSEC

 

TKEY — Transaction key

 

TLSA — Certificate association for TLS (2-5.org supports)

 

TSIG — Transaction signature

 

TXT — Human-readable text (2-5.org supports)

The TXT or “descriptive text” DNS record type was created to hold human-readable text. It now plays a critical role in the prevention of spam on the Internet.

The TXT record type was introduced in the original DNS specifications (RFC 1034 and 1035) in 1987. TXT records were to be used for notes and text created by DNS administrators. There was originally no definitive purpose for TXT records. They were used for whatever information the DNS administrator thought was useful. This included contact information, the locations and owners of machines, humorous messages, and other administrivia.

TXT records were used this way until 2003. In 2003 efforts began to fight back against spam and other abuses of email. This led to the creation of SPF (Sender Policy Framework). SPF stores email authority information in TXT records. Other uses for the TXT record type have been added over the years.

 

URI — Uniform resource identifier

 

ZONEMD — Message digest for DNS zones