KNOWNHOST KNOWLEDGE BASE

DNS Records Explained

Domain Name System (DNS) records store and translate information relating to web hosting, such as website IP addresses, domain names and their associated subdomains, web servers, mail servers and a range of other resources that you wish to access or have accessed by others.

Name Servers are used to respond to requests, keep track of key information and generally manage the operational aspects of DNS requests.

Below is a comprehensive list of DNS records being used at this time. Keep in mind that many of these aren’t common, but can be used if required.

Most Popular DNS Records

The most common records in use include A, CNAME, MX, NS, SOA and TXT. All are explained below.

Comprehensive List of DNS Records

A

  • address records that map domain names to IPv4 IP addresses
  • a single domain name can be mapped to multiple IP addresses
  • single IP addresses can have multiple domains mapped to them

AAAA

  • address records that map domain names to IPv6 IP addresses
  • as with A records, one to many and many to one mapping is allowed

AFSDB

  • address records that map domain names to an Andrew File System Database server

ALIAS

  • address records used to map apex domains (domain.tld without subdomains)
  • similar to CNAME (though CNAME can only be used on subdomains)

AMTRELAY

  • used for reverse IP Automatic Multicast Tunneling discovery
  • advertises a set of AMT relays for receiving and forwarding multicast traffic

APL

  • Address Prefix List resolution and sharing

ATMA

  • maps domain names to Asynchronous Transfer Mode Addresses
  • ATM addresses can be E.164 or NSAP (decimal or hexadecimal) formats

AVC

  • used for application metadata relating to Application Visibility and Control

AXFR

  • used as a part of the DNS transaction process for domain transfers
  • AXFR is a DNS query type which, when combined with certain values, corresponds to steps in the domain transfer process/exchange

CAA

  • the Certification Authority Authorization (CAA) identifies which certificate authorities are permitted to issue certs for a given domain

CDNSKEY

  • a Child DNSKey or CDNSKEY is a record used in the signaling of secure entry points in the process of establishing, modifying or deleting DS records

CDS

  • a Child DS record is used for signaling changes to a zone's DNSSEC status

CERT

  • enabling DNS to store and maintain certificate information, CERT resource records relate to certificates and certificate revocation lists

CNAME

  • Canonical NAME records are used to map subdomain resources to their respective domains (which will also have A records to map the primary domain.tld to its respective IP addresses)
  • enables domain moves to new IP addresses using just A record changes, without need to change all the subdomain mapping as well

CSYNC

  • Child SYNC or CSYNC records enable change notices to be sent from child DNS operators to their respective parents, notifying them of changes needing to be made

DHCID

  • Dynamic Host Configuration ID records are used to associate DHCP clients with their domain names
  • typically only updated via DHCP clients and servers, not via DNS zone edits manually

DLV

  • DNSSEC Lookaside Validation records are formatted as DS records and are used for DNSSEC public-key validation chains which can be published outside of traditional DNS validation chains, appearing at the zone apex

DNAME

  • DNS Name redirection records, or DNAME, enable entire subtree redirection of one domain to another
  • whereas an A, AAAA or Alias allows apex domains to be pointed elsewhere, a DNAME record allows all subdomains of one domain to be associated with all subdomains on another domain (such as mail.domain1.com and ftp.domain1.com being associated with mail.domain2.com and ftp.domain2.com – all by simply setting one DNAME record, thus associating all subdomains)

DNSKEY

  • holding a public key, the DNSKEY record can be used by resolvers to verify DNSSEC key signatures

DOA

  • Digital Object Architecture over DNS maps objects and object resources to handles, URI and related resource details

DS

  • Delegation Signer records reference DNSKEY-records and include details about the key algorithm, digest-type and digest

EID

  • Endpoint Identifier records are used in Nimrod Routing Architecture for uniquely identifying the node

EUI48

  • used to encode ethernet addresses in DNS, EUI48 records are 48-bit Extended Unique Identifiers that specify layer-2 addressing details

EUI64

  • used to encode ethernet addresses in DNS, EUI64 records are 64-bit Extended Unique Identifiers that specify layer-2 addressing details

GID

  • Group IDentifier information maintained and encoded via DNS

GPOS

  • Geographical POSition information (being replaced by LOC records)

HINFO

  • containing Host INFOrmation, HINFO records store host software and hardware details

HIP

  • Host Identity Protocol records store the Host Identity, Host Identity Tag and the respective Rendezvous Servers' domain names

IPSECKEY

  • contains the IPsec KEY – the public key associated with a domain name

ISDN

  • maps an Integrated Services Digital Network telephone number to a domain name

IXFR

  • Incremental Zone Transfer
  • see AXFR
  • used for updating zone information on newer DNS implementations

KX

  • specifies the Key eXchanger for use in cryptographic key management

L32

  • used for specifying 32-bit Locator records

L64

  • used for specifying 64-bit Locator records

LOC

  • by storing WGS84 latitude, longitude and altitude information, LOCation records enable resources to be associated with geographical location information

LP

  • used as a Locator Pointer for L32 and L64 records, LP holds network name information used with ILNP

MAILA

  • MAIL Agent records being replaced by MX records

MAILB

  • MAIL Box records being replaced by MX records

MB

  • Mail Box records which map a mailbox to a host server
  • requires a valid A record for the zone

MD

  • Mail Destination records being replaced with MX records

MF

  • Mail Forwarder records being replaced with MX records

MG

  • Mail Group member records are used to associate mailboxes (MBs) with a group
  • requires a valid MB for each MG member

MINFO

  • Mailbox INFOrmation records specify who is responsible for a box, group or list

MR

  • Mailbox Redirection records map an existing mailbox address to a new address
  • also known as Mailbox Rename
  • acts as a forwarder from one mailbox to another

MX

  • Mail eXchange records map a mail subdomain to an apex domain
  • can specify multiple servers and their relative priority in the list
  • must point to A or AAAA records, not CNAME records

NAPTR

  • the Name Authority Pointer record is typically used to convey IP telephony details (such as with SIP) relating to your domain supporting VOIP/SIP and details about ports and protocols used

NID

  • DNS Node Identifiers (NID records) hold values for ILNP-capable nodes under a new internet architecture approach
  • ideally suited for mobile nodes, devices and networks presented on Identifier Locator Network Protocol implementations

NIMLOC

  • used for location information storage and retrieval in Nimrod Routing Architecture deployments

NINFO

  • designed to convey domain status information
  • uses TXT record format

NS

  • NameServer (NS) records identify what nameservers are to be used in resolving DNS queries about a given domain

NSAP

  • NSAP records hold Network Service Access Point addressing information and are most commonly used in ConnectionLess Network Protocol routing detail queries

NSEC

  • used in DNSSEC validation, a Next SECure record will store the address of the next record name in the zone
  • generally used to identify that a record doesn’t exist

NSEC3

  • Next SECure record 3 (NSEC3) records serve the same function as NSEC but use cryptographically hashed names, which prevents record names in the zone from being presented in clear text

NSEC3PARAM

  • accompanying NSEC3, Next SECure record 3 PARAMeters are used to include additional detailed information

NULL

  • placeholders for experimental protocols or as part of DNS:Tunnel, NULL is an empty space

OPENPGPKEY

  • used for delivery of PGP public keys for email addresses

OPT

  • a pseudo-key, OPT records don’t actually contain DNS data, but instead are used to pass control information during a DNS question/answer exchange

PTR

  • used for reverse DNS lookups, PoinTeR records provide a map from IP addresses to domain names so that requests can query via IP address and get a domain name as a result
  • the opposite of A records which can handle query via domain name to provide IP addresses

PX

  • designed for use in X.400 (RFC822) mapping

RKEY

  • used for storing keys that encrypt NAPTR records, protocol, algorithm and key data are contained in these resource records

RP

  • Responsible Person records store the identity information of the person responsible for a particular domain name

RRSIG

  • acting as storage for a DNSSEC signature across a record set, RRSIG records work in conjunction with DNSKEY public keys

RT

  • Route Through records delineate intermediate hosts used to route to the final destination host

SIG

  • SIGnature or SIGning records, SIG records are used to authenticate exchanges (DNS requests) so that the requester can be sure it’s communicating with the server queried (intended to communicate with)

SINK

  • the kitchen SINK record has historically been used as a lump and dump storage facility for handling miscellaneous data that couldn’t be conveniently stored and queried using other record types

SMIMEA

  • associates email addresses with end entity certificates or public keys

SOA

  • Start of Authority records contain administrative details about a zone and are typically used as part of the zone transfer process

SPF

  • Sender Policy Framework records are TXT records containing details about what hostnames and IP addresses are authorized to send email for a domain

SRV

  • SeRVice records specify hostname and port for detailing servers associated with particular services

SSHFP

  • Secure SHell Fingerprint records spell out the SSH keys associated with a given hostname

SVCB

  • SerViCe Binding records allow requests to find associated multiple network locations for a given origin

TALINK

  • Trust Anchor LINK records have been used to connect two domain names

TKEY

  • Transaction KEY records are a part of the exchanging of secret keys

TLSA

  • the TLS Authentication record makes an association between domain name and a TLS server certificate or key

TSIG

  • a Transaction SIGnature record confirms the validity of DNS database changes
  • often used with dynamic DNS or with slave/secondary DNS server systems

TXT

  • TeXT records enable storing of miscellaneous information associated with a given hostname

UID

  • used for storing User ID information

UINFO

  • User INFO records are much like TXT records and can store arbitrary info associated with a domain

UNSPEC

  • UNSPECified records store information that’s not conveniently stored elsewhere

URI

  • Uniform Resource Identifier records store precisely that

WKS

  • Well Known Services records spell out protocols that are to be supported at a particular address

X25

  • used for mapping Public Switched Data Networks to particular addresses
  • often implemented for specifying secure circuit endpoints on PSTN connections