Monday, December 14, 2009

DNS Resource Records

SkyHi @ Monday, December 14, 2009
DNS resource records (RRs) describe the characteristics of a zone (or domain). They have a binary or wire-format, which is used in queries and responses, and a text format, which is used in zone files and is described in this chapter.

Contents


Zone File Format
DNS Generic Record Formats

DNS Record Types


A full list of DNS Record Types may be obtained from IANA DNS Parameters.
| RR | Value | RFC | Description |
|----|-------|-----|-------------|
| A | 1 | RFC 1035 | IPv4 Address record. An IPv4 address for a host. |
| AAAA | 28 | RFC 3596 | IPv6 Address record. An IPv6 address for a host. Current IETF recommendation for IPv6 forward-mapped zones. |
| A6 | 38 | RFC 2874 | Experimental. Forward mapping of IPv6 addresses. An IP address for a host within the zone. |
| AFSDB | 18 | RFC 1183 | Location of AFS servers. Experimental - special apps only. |
| CNAME | 5 | RFC 1035 | Canonical Name. An alias name for a host. |
| DNAME | 39 | RFC 2672 | Experimental. Delegation of reverse addresses (primarily IPv6). |
| DNSKEY | 48 | RFC 4034 | DNSSEC.bis. DNS public key RR. |
| DS | 43 | RFC 4034 | DNSSEC.bis. Delegated Signer RR. |
| HINFO | 13 | RFC 1035 | Host Information - optional text data about a host. |
| ISDN | 20 | RFC 1183 | ISDN address. Experimental - special applications only. |
| KEY | 25 | RFC 2535 | Public key associated with a DNS name. |
| LOC | 29 | RFC 1876 | Stores GPS data. Experimental - widely used. |
| MX | 15 | RFC 1035 | Mail Exchanger. A preference value and the host name for a mail server/exchanger that will service this zone. RFC 974 defines valid names. |
| NAPTR | 35 | RFC 3403 | Naming Authority Pointer Record. Gross misnomer. General purpose definition of rule set to be used by applications, e.g. VoIP. |
| NS | 2 | RFC 1035 | Name Server. Defines the authoritative name server(s) for the domain (defined by the SOA record) or the subdomain. |
| NSEC | 47 | RFC 4034 | DNSSEC.bis. Next Secure record. Used to provide proof of non-existence of a name. |
| NXT | 30 | | DNSSEC Next Domain record type. Obsolete, use NSEC. |
| PTR | 12 | RFC 1035 | IP address (IPv4 or IPv6) to host. Used in reverse maps. |
| RP | 17 | RFC 1183 | Information about responsible person. Experimental - special apps only. |
| RRSIG | 46 | RFC 4034 | DNSSEC.bis. Signed RRset. |
| RT | 21 | RFC 1183 | Through-route binding. Experimental - special apps only. |
| SIG | 24 | RFC 2931/2535 | DNSSEC. Obsolete, use RRSIG. SIG(0) is used as a special meta RR in DDNS and zone transfer security. |
| SOA | 6 | RFC 1035 | Start of Authority. Defines the zone name, an e-mail contact and various time and refresh values applicable to the zone. |
| SPF | 99 | RFC 4408 | Sender Policy Framework (v1). Defines the servers which are authorized to send mail for a domain. Its primary function is to prevent identity theft by spammers. |
| SRV | 33 | RFC 2782 | Defines services available in the zone, for example, ldap, http etc. |
| TXT | 16 | RFC 1035 | Text information associated with a name. The SPF record should be defined using a TXT record and may (as of April 2006) be defined using an SPF RR. DKIM (RFC 4871) also makes use of the TXT RR for authenticating email. |
| WKS | 11 | RFC 1035 | Well Known Services. Deprecated in favour of SRV. |
| X25 | 19 | RFC 1183 | X.25 address. Experimental - special apps only. |

Zone File Format



  • There are a number of Resource Record (RR) types defined in RFC 1035 and augmented by subsequent RFCs.



  • The $TTL directive should be present and appear before the first RR (RFC 2308 implemented in BIND 9).



  • The first Resource Record must be the SOA (Start of Authority) record. The generic format is described below.



    DNS Generic Record Format



    Resource Records have two representations: a textual format, described in this chapter, and a binary or wire-format, described in Chapter 15.
    The textual format has the following generic form:
    name  ttl  class  type  type-specific-data
    Where:
    name: The name (or label) of the node in the zone file to which this record belongs. The name field may also take one of the following values:
        @    ; replace with the current value of $ORIGIN
             ; blank/space or tab, in which case the last name used or the value of $ORIGIN (or its default value) is substituted
    ttl: A 32 bit value. The Time to Live in seconds (range is 1 to 2147483647), which indicates how long the RR may be cached. The value zero indicates the data should not be cached.
    class: A 16 bit value which defines the protocol family or an instance of the protocol. The normal value is IN = Internet protocol (other values are HS and CH, both historic MIT protocols).
    type: The resource record type, which determines the value(s) of the type-specific-data field. Type takes one of the values below.
    type-specific-data: Data content of each record is defined by the type and class values.
    The generic binary or wire-format is:
    name  ttl class type rdlen rdata
    The binary format is described in chapter 15 RR format.

    DNS Zone File Directives


    Directives start with '$' and are standardized: $ORIGIN and $INCLUDE are defined in RFC 1035 and $TTL is defined in RFC 2308. BIND additionally provides the non-standard $GENERATE directive.

    | Directive | Description |
    |-----------|-------------|
    | $INCLUDE | Includes the defined file in-line. |
    | $ORIGIN | Defines the base name (aka label) to be used for 'unqualified' name substitution. |
    | $TTL | Defines the default Resource Record TTL value, used if no TTL is defined in a resource record. |
    Reference: http://www.zytrax.com/books/dns/ch8/
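
The text-format rules above, as an added example in Python (not code from the original page or from BIND): a minimal reader for single-line records that applies $ORIGIN, $TTL, `@` and blank-name substitution, and reports a misplaced $TTL, a non-SOA first record, and a name that gets $ORIGIN appended because its trailing dot is missing. `parse_zone`, `SAMPLE_ZONE` and the trailing-dot check are this example's own names; integer-second TTLs and an optional class field are assumptions.

```python
CLASSES = {"IN", "HS", "CH"}          # class values named on the page
MAX_TTL = 2147483647                  # upper bound given for the ttl field

# Constructed sample zone; the last record omits the trailing dot on purpose.
SAMPLE_ZONE = """\
$TTL 86400
$ORIGIN example.com.
@    IN SOA ns1 hostmaster 2009121401 3600 900 604800 86400
     IN NS  ns1
www  300 IN A 192.0.2.10
ftp.example.com IN A 192.0.2.21
"""

def parse_zone(text, origin="."):
    """Return (records, problems); a record is (name, ttl, class, type, rdata)."""
    records, problems = [], []
    default_ttl = last_name = None
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()     # drop ';' comments (quoted ';' not handled)
        if not fields:
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1]
        elif fields[0] == "$TTL":
            default_ttl = int(fields[1])
            if records:
                problems.append(f"line {n}: $TTL appears after the first RR")
        elif fields[0].startswith("$"):
            problems.append(f"line {n}: {fields[0]} is not handled here")
        else:
            if raw[0] in " \t":                   # blank name: reuse last name or $ORIGIN
                name = last_name or origin
            else:
                label = fields.pop(0)
                name = origin if label == "@" else label
                if label != "@" and not label.endswith("."):
                    name = f"{label}.{origin.lstrip('.')}"   # unqualified: append $ORIGIN
                    if origin != "." and label.endswith(origin.rstrip(".")):
                        problems.append(f"line {n}: {label} lacks a trailing dot, becomes {name}")
            last_name = name
            ttl = int(fields.pop(0)) if fields and fields[0].isdigit() else default_ttl
            rr_class = fields.pop(0).upper() if fields and fields[0].upper() in CLASSES else "IN"
            if not fields:
                problems.append(f"line {n}: record has no type field")
                continue
            if ttl is None or ttl > MAX_TTL:
                problems.append(f"line {n}: ttl {ttl} is missing or out of range")
            if not records and fields[0].upper() != "SOA":
                problems.append(f"line {n}: first RR is {fields[0]}, expected SOA")
            records.append((name, ttl, rr_class, fields[0].upper(), " ".join(fields[1:])))
    return records, problems
```

Running `parse_zone(SAMPLE_ZONE)` yields four fully qualified records and one problem for the `ftp.example.com` line, which is the kind of silent name expansion worth catching before a zone is loaded.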