DNS, Domain Name System

Protocol suite:	TCP/IP.
Protocol type:	Application layer name space translation protocol.
Port:	53 (TCP, UDP) server.
URI:	dns:
MIME subtypes:	application/dns. text/dns.
SNMP MIBs:	iso.org.dod.internet.mgmt.mib-2.dns (1.3.6.1.2.1.32).
Working groups:	dns, Domain Name System. dnsext, DNS Extensions. dnsind, DNS IXFR, Notification, and Dynamic Update. dnsop, Domain Name Server Operations.
Links:	IANA: DNS parameters. IANA: DNS security algorithm numbers. wiki: DNS.

MAC header

IP header

TCP | UDP header

DNS header

Data :::

DNS header:

00	16	17	21	22	23	24	25	26	27	28
Identification	QR	Opcode	AA	TC	RD	RA	Z	AD	CD	Rcode
Total Questions	Total Answer RRs
Total Authority RRs	Total Additional RRs
Questions [] :::
Answer RRs [] :::
Authority RRs [] :::
Additional RRs [] :::

Identification. 16 bits.
Used to match request/reply packets.

QR, Query/Response. 1 bit.

QR	Description
0	Query.
1	Response.

Opcode. 4 bits.

Opcode	Description	References
0	QUERY, Standard query.	RFC 1035
1	IQUERY, Inverse query.	RFC 1035, RFC 3425
2	STATUS, Server status request.	RFC 1035
3	reserved.
4	Notify.	RFC 1996
5	Update.	RFC 2136
6 - 15	reserved.

AA, Authoritative Answer. 1 bit.
Specifies that the responding name server is an authority for the domain name in question section. Note that the contents of the answer section may have multiple owner names because of aliases. This bit corresponds to the name which matches the query name, or the first owner name in the answer section.

AA	Description
0	Not authoritative.
1	Is authoritative.

TC, Truncated. 1 bit.
Indicates that only the first 512 bytes of the reply was returned.

TC	Description
0	Not truncated.
1	Message truncated.

RD, Recursion Desired. 1 bit.
May be set in a query and is copied into the response. If set, the name server is directed to pursue the query recursively. Recursive query support is optional.

RD	Description
0	Recursion not desired.
1	Recursion desired.

RA, Recursion Available. 1 bit.
Indicates if recursive query support is available in the name server.

RA	Description
0	Recursive query support not available.
1	Recursive query support available.

Z. 1 bit.

AD, Authenticated data. 1 bit.
Indicates in a response that all data included in the answer and authority sections of the response have been authenticated by the server according to the policies of that server. It should be set only if all data in the response has been cryptographically verified or otherwise meets the server's local security policy.

CD, Checking Disabled. 1 bit.

Rcode, Return code. 4 bits.

Rcode	Description	References
0	No error. The request completed successfully.	RFC 1035
1	Format error. The name server was unable to interpret the query.	RFC 1035
2	Server failure. The name server was unable to process this query due to a problem with the name server.	RFC 1035
3	Name Error. Meaningful only for responses from an authoritative name server, this code signifies that the domain name referenced in the query does not exist.	RFC 1035
4	Not Implemented. The name server does not support the requested kind of query.	RFC 1035
5	Refused. The name server refuses to perform the specified operation for policy reasons. For example, a name server may not wish to provide the information to the particular requester, or a name server may not wish to perform a particular operation (e.g., zone transfer) for particular data.	RFC 1035
6	YXDomain. Name Exists when it should not.	RFC 2136
7	YXRRSet. RR Set Exists when it should not.	RFC 2136
8	NXRRSet. RR Set that should exist does not.	RFC 2136
9	NotAuth. Server Not Authoritative for zone.	RFC 2136
10	NotZone. Name not contained in zone.	RFC 2136
11 - 15	reserved.
16	BADVERS.Bad OPT Version. BADSIG.TSIG Signature Failure.	RFC 2671 RFC 2845
17	BADKEY. Key not recognized.	RFC 2845
18	BADTIME. Signature out of time window.	RFC 2845
19	BADMODE. Bad TKEY Mode.	RFC 2930
20	BADNAME. Duplicate key name.	RFC 2930
21	BADALG. Algorithm not supported.	RFC 2930
22	BADTRUNC. Bad truncation.	RFC 4635
23 - 3840
3841 - 4095	Private use.
4096 - 65535

Total Questions. 16 bits, unsigned.
Number of entries in the question list that were returned.

Total Answer RRs. 16 bits, unsigned.
Number of entries in the answer resource record list that were returned.

Total Authority RRs. 16 bits, unsigned.
Number of entries in the authority resource record list that were returned.

Total Additional RRs. 16 bits, unsigned.
Number of entries in the additional resource record list that were returned.

Questions[]. Variable length.
A list of zero or more Query structures.

Answer RRs[]. Variable length.
A list of zero or more Answer Resource Record structures.

Authority RRs[]. Variable length.
A list of zero or more Authority Resource Record structures.

Additional RRs[]. Variable length.
A list of zero or more Additional Resource Record structures.

Query. Variable length.

00	01	02	03	04	05	06	07	08	09	10	11	12	13	14	15	16	17	18	19	20	21	22	23	24	25	26	27	28	29	30	31
Query Name :::
Type																Class

Resource Record. Variable length.

00	01	02	03	04	05	06	07	08	09	10	11	12	13	14	15	16	17	18	19	20	21	22	23	24	25	26	27	28	29	30	31
Name :::
Type																Class
TTL
Rdata Length																Rdata :::

Type. 16 bits, unsigned.

Type	Description	References
0
1	A, IPv4 address.	RFC 1035
2	NS, Authoritative name server.	RFC 1035
3	MD, Mail destination. Obsolete use MX instead.	RFC 1035
4	MF, Mail forwarder. Obsolete use MX instead.	RFC 1035
5	CNAME, Canonical name for an alias.	RFC 1035
6	SOA, Marks the start of a zone of authority.	RFC 1035
7	MB, Mailbox domain name.	RFC 1035
8	MG, Mail group member.	RFC 1035
9	MR, Mail rename domain name.	RFC 1035
10	NULL, Null resource record.	RFC 1035
11	WKS, Well known service description.	RFC 1035
12	PTR, Domain name pointer.	RFC 1035
13	HINFO, Host information.	RFC 1035
14	MINFO, Mailbox or mail list information.	RFC 1035
15	MX, Mail exchange.	RFC 1035
16	TXT, Text strings.	RFC 1035
17	RP, Responsible Person.	RFC 1183
18	AFSDB, AFS Data Base location.	RFC 1183
19	X25, X.25 PSDN address.	RFC 1183
20	ISDN, ISDN address.	RFC 1183
21	RT, Route Through.	RFC 1183
22	NSAP, NSAP address. NSAP style A record.	RFC 1706
23	NSAP-PTR.	RFC 1348
24	SIG, Security signature.	RFC 2931, RFC 4034
25	KEY, Security key.	RFC 3445, RFC 4034
26	PX, X.400 mail mapping information.	RFC 2163
27	GPOS, Geographical Position.	RFC 1712
28	AAAA, IPv6 Address.	RFC 3596
29	LOC, Location Information.	RFC 1876
30	NXT, Next Domain (obsolete).	RFC 2535
31	EID, Endpoint Identifier.
32	NIMLOC, Nimrod Locator. NB, NetBIOS general Name Service.	RFC 1002
33	SRV, Server Selection. NBSTAT, NetBIOS NODE STATUS.	RFC 2052, RFC 2782 RFC 1002
34	ATMA, ATM Address.
35	NAPTR, Naming Authority Pointer.	RFC 3403
36	KX, Key Exchanger.	RFC 2230
37	CERT.	RFC 2538, RFC 4398
38	A6.	RFC 2874, RFC 3226
39	DNAME.	RFC 2672
40	SINK.
41	OPT.	RFC 2671
42	APL.	RFC 3123
43	DS, Delegation Signer.	RFC 3658
44	SSHFP, SSH Key Fingerprint.	RFC 4255
45	IPSECKEY.	RFC 4025
46	RRSIG.	RFC 3755
47	NSEC, NextSECure.	RFC 3755, RFC 3845
48	DNSKEY.	RFC 3755
49	DHCID, DHCP identifier.	RFC 4701
50	NSEC3.	RFC 5155
51	NSEC3PARAM.	RFC 5155
52 53 54
55	HIP, Host Identity Protocol.	RFC 5205
56	NINFO.
57	RKEY.
58 - 98
99	SPF, Sender Policy Framework.	RFC 4408
100	UINFO.
101	UID.
102	GID.
103	UNSPEC.
104 - 248
249	TKEY.	RFC 2930
250	TSIG, Transaction Signature.	RFC 2845, RFC 3645
251	IXFR, Incremental transfer.	RFC 1995
252	AXFR, A request for a transfer of an entire zone.	RFC 1035
253	MAILB, A request for mailbox-related records (MB, MG or MR).	RFC 1035
254	MAILA, A request for mail agent RRs. Obsolete.	RFC 1035
255	*. A request for all records.	RFC 1035
256 - 32767
32768	DNSSEC Trust Authorities.
32769	DNSSEC Lookaside Validation.	RFC 4431, RFC 5074

Class. 16 bits, unsigned.

Class	Description	References
0	Reserved.	RFC 5395
1	IN, Internet.	RFC 1035.
2
3	CH, Chaos.	RFC 1035.
4	HS, Hesiod.	RFC 1035.
5 - 253
254	None.	RFC 2136.
255	Any (QCLASS only).	RFC 1035.
256 - 65279
65280 - 65534	Private use.	RFC 5395
65535		RFC 5395

Glossary:

Authoritative Server.
(RFC 2182) A server that knows the content of a DNS zone from local knowledge, and thus can answer queries about that zone without needing to query other servers.

Forward Zone.
(RFC 2182) A zone containing data mapping names to host addresses, mail exchange targets, etc.

Listed Server.
(RFC 2182) An Authoritative Server for which there is an "NS" resource record (RR) in the zone.

Master.
(RFC 1996) Any authoritative server configured to be the source of zone transfer for one or more slave servers.

Notify Set.
(RFC 1996) A set of servers to be notified of changes to some zone. The default is all servers named in the NS RRset, except for any server also named in the SOA MNAME. Some implementations will permit the name server administrator to override this set or add elements to it (such as, for example, stealth servers).

Primary Master.
(RFC 1996) Master server at the root of the zone transfer dependency graph. The primary master is named in the zone's SOA MNAME field and optionally by an NS RR. There is by definition only one primary master server per zone.

Primary Server.
(RFC 2182) An authoritative server for which the zone information is locally configured. Sometimes known as a Master server.

Resolver.
A DNS client which seeks information contained in a zone using the DNS protocols.

Reverse Zone.
(RFC 2182) A zone containing data used to map addresses to names.

Secondary Server.
(RFC 2182) An authoritative server that obtains information about a zone from a Primary Server via a zone transfer mechanism. Sometimes known as a Slave Server.

Slave.
(RFC 1996) An authoritative server which uses zone transfer to retrieve the zone. All slave servers are named in the NS RRs for the zone.

Stealth.
(RFC 1996) Similar to a slave server except it is not listed in an NS RR for the zone. A stealth server, unless explicitly configured to do otherwise, will set the AA bit in responses and be capable of acting as a master. A stealth server will only be known by other servers if they are given static configuration data indicating its existence.

Stealth Server.
(RFC 2182) An authoritative server, usually secondary, which is not a Listed Server.

TLD, Top level domain name.

WKS, Well Known Services.

Zone.
(RFC 2182) A part of the DNS tree, that is treated as a unit.

RFCs:

[RFC 830] A Distributed System for Internet Name Service.

[RFC 881] The Domain Names Plan and Schedule.

[RFC 897] Domain Name System Implementation Schedule.

Updates:
RFC 881.

[RFC 920] Domain Requirements.

[RFC 921] Domain Name System Implementation Schedule - Revised.

Updates:
RFC 881, RFC 897.

[RFC 974] MAIL ROUTING AND THE DOMAIN SYSTEM.

STD: 14.

[RFC 1002] PROTOCOL STANDARD FOR A NetBIOS SERVICE ON A TCP/UDP TRANSPORT: DETAILED SPECIFICATIONS.

STD: 19.

[RFC 1031] MILNET NAME DOMAIN TRANSITION.

[RFC 1032] DOMAIN ADMINISTRATORS GUIDE.

[RFC 1033] DOMAIN ADMINISTRATORS OPERATIONS GUIDE.

[RFC 1034] DOMAIN NAMES - CONCEPTS AND FACILITIES.

STD: 13.
Updated by:
RFC 4033, RFC 4034, RFC 4035, RFC 4343.
Obsoletes:
RFC 882, RFC 883, RFC 973.

[RFC 1035] DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION.

STD: 13.
Updated by:
RFC 3658, RFC 4033, RFC 4034, RFC 4035, RFC 4343.
Obsoletes:
RFC 882, RFC 883, RFC 973.

[RFC 1101] DNS Encoding of Network Names and Other Types.

Updates:
RFC 1034, RFC 1035.

[RFC 1123] Requirements for Internet Hosts -- Application and Support.

STD: 3.
Updated by:
RFC 1349, RFC 5321.

[RFC 1183] New DNS RR Definitions.

Updated by:
RFC 5395.
Updates:
RFC 1034, RFC 1035.

[RFC 1279] X.500 and Domains.

[RFC 1296] Internet Growth (1981-1991).

[RFC 1383] An Experiment in DNS Based IP Routing.

[RFC 1401] Correspondence between the IAB and DISA on the use of DNS throughout the Internet.

[RFC 1464] Using the Domain Name System To Store Arbitrary String Attributes.

[RFC 1480] The US Domain.

Obsoletes:
RFC 1386.

[RFC 1535] A Security Problem and Proposed Correction With Widely Deployed DNS Software.

Category: Informational.

[RFC 1536] Common DNS Implementation Errors and Suggested Fixes.

Category: Informational.

[RFC 1591] Domain Name System Structure and Delegation.

Category: Informational.

[RFC 1611] DNS Server MIB Extensions.

Category: Standards Track.
Defines SNMP MIB iso.org.dod.internet.mgmt.mib-2.dns (1.3.6.1.2.1.32).

[RFC 1612] DNS Resolver MIB Extensions.

Category: Standards Track.

[RFC 1706] DNS NSAP Resource Records.

Category: Informational.
Obsoletes:
RFC 1348, RFC 1637.

[RFC 1712] DNS Encoding of Geographical Location.

Category: Experimental.

[RFC 1713] Tools for DNS debugging.

FYI: 27.

[RFC 1794] DNS Support for Load Balancing.

Category: Informational.

[RFC 1876] A Means for Expressing Location Information in the Domain Name System.

Category: Experimental.
Defines DNS Type LOC.
Updates:
RFC 1034, RFC 1035.

[RFC 1912] Common DNS Operational and Configuration Errors.

Category: Informational.
Obsoletes:
RFC 1537.

[RFC 1982] Serial Number Arithmetic.

Category: Standards Track.
Updates:
RFC 1034, RFC 1035.

[RFC 1995] Incremental Zone Transfer in DNS.

Category: Standards Track.
Updates:
RFC 1035.

[RFC 1996] A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY).

Category: Standards Track.
Defines the DNS notify opcode.
Updates:
RFC 1035.

[RFC 2053] The AM (Armenia) Domain.

Category: Informational.

[RFC 2136] Dynamic Updates in the Domain Name System (DNS UPDATE).

Category: Standards Track.
Updated by:
RFC 4033, RFC 4034, RFC 4035.

[RFC 2142] MAILBOX NAMES FOR COMMON SERVICES, ROLES AND FUNCTIONS.

Cateogry: Standards Track.

[RFC 2146] U.S. Government Internet Domain Names.

Category: Informational.
Obsoletes:
RFC 1816.

[RFC 2163] Using the Internet DNS to Distribute MIXER Conformant Global Address Mapping (MCGAM).

Category: Standards Track.
Obsoletes:
RFC 1664.

[RFC 2181] Clarifications to the DNS Specification.

Category: Standards Track.
Updated by:
RFC 4033, RFC 4034, RFC 4035, RFC 4343.

[RFC 2182] Selection and Operation of Secondary DNS Servers.

BCP: 16.

[RFC 2219] Use of DNS Aliases for Network Services.

BCP: 17.

[RFC 2230] Key Exchange Delegation Record for the DNS.

Category: Informational.

[RFC 2308] Negative Caching of DNS Queries (DNS NCACHE).

Category: Standards Track.
Updated by:
RFC 4033, RFC 4034, RFC 4035.

[RFC 2517] Building Directories from DNS: Experiences from WWWSeeker.

Category: Informational.

[RFC 2536] DSA KEYs and SIGs in the Domain Name System (DNS).

Category: Standards Track.

[RFC 2539] Storage of Diffie-Hellman Keys in the Domain Name System (DNS).

Category: Standards Track.

[RFC 2540] Detached Domain Name System (DNS) Information.

Category: Experimental.

[RFC 2541] DNS Security Operational Considerations.

Category: Informational.

[RFC 2606] Reserved Top Level DNS Names.

BCP: 32.
Defines the .test, .example, .invalid and .localhost top level domain names.

[RFC 2671] Extension Mechanisms for DNS (EDNS0).

Category: Standards Track.
Defines DNS Type OPT.

[RFC 2672] Non-Terminal DNS Name Redirection.

Category: Standards Track.
Defines DNS Resource Record DNAME.

[RFC 2673] Binary Labels in the Domain Name System.

Category: Standards Track.

[RFC 2694] DNS extensions to Network Address Translators (DNS_ALG).

Category: Informational.

[RFC 2782] A DNS RR for specifying the location of services (DNS SRV).

Category: Standards Track.
Obsoletes:
RFC 2052.

[RFC 2826] IAB Technical Comment on the Unique DNS Root.

Category: Informational.

[RFC 2845] Secret Key Transaction Authentication for DNS (TSIG).

Category: Standards Track.
Updated by:
RFC 3645.
Updates:
RFC 1035.

[RFC 2870] Root Name Server Operational Requirements.

BCP: 40.
Obsoletes:
RFC 2010.

[RFC 2874] DNS Extensions to Support IPv6 Address Aggregation and Renumbering.

Category: Standards Track.
Defines DNS type A6.

[RFC 2930] Secret Key Establishment for DNS (TKEY RR).

Category: Standards Track.

[RFC 2931] DNS Request and Transaction Signatures ( SIG(0)s ).

Category: Standards Track.
Updates:
RFC 2535.

[RFC 3007] Secure Domain Name System (DNS) Dynamic Update.

Category: Standards Track.
Updated by:
RFC 4033, RFC 4034, RFC 4035.
Obsoletes:
RFC 2137.
Updates:
RFC 2136, RFC 2535.

[RFC 3027] Protocol Complications with the IP Network Address Translator.

Category: Informational.

[RFC 3071] Reflections on the DNS, RFC 1591, and Categories of Domains.

Category: Informational.

[RFC 3110] RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS).

Category: Standards Track.
Obsoletes:
RFC 2537.

[RFC 3123] A DNS RR Type for Lists of Address Prefixes (APL RR).

Category: Experimental.

[RFC 3130] Notes from the State-Of-The-Technology: DNSSEC.

Category: Informational.

[RFC 3197] Applicability Statement for DNS MIB Extensions.

Category: Informational.

[RFC 3225] Indicating Resolver Support of DNSSEC.

Category: Standards Track.
Updated by:
RFC 4033, RFC 4034, RFC 4035.

[RFC 3226] DNSSEC and IPv6 A6 aware server/resolver message size requirements.

Category: Standards Track.
Updated by:
RFC 4033, RFC 4034, RFC 4035.
Updates:
RFC 2535, RFC 2874.

[RFC 3245] The History and Context of Telephone Number Mapping (ENUM) Operational Decisions: Informational Documents Contributed to ITU-T Study Group 2 (SG2).

Category: Informational.

[RFC 3258] Distributing Authoritative Name Servers via Shared Unicast Addresses.

Category: Informational.

[RFC 3363] Representing Internet Protocol version 6 (IPv6) Addresses in the Domain Name System (DNS).

Category: Informational.
Updates:
RFC 2673, RFC 2874.

[RFC 3364] Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6).

Category: Informational.
Updates:
RFC 2673, RFC 2874.

[RFC 3403] Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database.

Category: Standards Track.
Obsoletes:
RFC 2168, RFC 2915.

[RFC 3425] Obsoleting IQUERY.

Category: Standards Track.
Defines DNS opcode 1 (IQUERY) as obsolete.
Updates:
RFC 1035.

[RFC 3467] Role of the Domain Name System (DNS).

Category: Informational.

[RFC 3568] Known Content Network (CN) Request-Routing Mechanisms.

Category: Informational.

[RFC 3596] DNS Extensions to Support IP Version 6.

Category: Standards Track.
Defines DNS type AAAA.
Obsoletes:
RFC 1886, RFC 3152.

[RFC 3597] Handling of Unknown DNS Resource Record (RR) Types.

Category: Standards Track.
Updated by:
RFC 4033, RFC 4034, RFC 4035, RFC 5395.

[RFC 3645] Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG).

Category: Standards Track.
Updates:
RFC 2845.

[RFC 3646] DNS Configuration options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6).

Category: Standards Track.
Defines DHCPv6 options 23 (OPTION_DNS_SERVERS) and 24 (OPTION_DOMAIN_LIST).

[RFC 3675] .sex Considered Dangerous.

Category: Informational.

[RFC 3681] Delegation of E.F.F.3.IP6.ARPA.

BCP: 80.

[RFC 3696] Application Techniques for Checking and Transformation of Names.

Category: Informational.

[RFC 3761] The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM).

Category: Standards Track.
Obsoletes:
RFC 2916.

[RFC 3832] Remote Service Discovery in the Service Location Protocol (SLP) via DNS SRV.

Category: Experimental.

[RFC 3833] Threat Analysis of the Domain Name System (DNS).

Category: Informational.

[RFC 3901] DNS IPv6 Transport Operational Guidelines.

BCP: 91.

[RFC 3958] Domain-Based Application Service Location Using SRV RRs and the Dynamic Delegation Discovery Service (DDDS).

Category: Standards Track.

[RFC 4025] A Method for Storing IPsec Keying Material in DNS.

Category: Standards Track.
Defines DNS Resource Record 45 (IPSECKEY).

[RFC 4027] Domain Name System Media Types.

Category: Informational.
Defines MIME media subtypes application/dns and text/dns.

[RFC 4033] DNS Security Introduction and Requirements.

Category: Standards Track.
Obsoletes:
RFC 2535, RFC 3008, RFC 3090, RFC 3445, RFC 3655, RFC 3658, RFC 3755, RFC 3757, RFC 3845.
Updates:
RFC 1034, RFC 1035, RFC 2136, RFC 2181, RFC 2308, RFC 3007, RFC 3225, RFC 3226, RFC 3597.

[RFC 4034] Resource Records for the DNS Security Extensions.

Category: Standards Track.
Obsoletes:
RFC 2535, RFC 3008, RFC 3090, RFC 3445, RFC 3655, RFC 3658, RFC 3755, RFC 3757, RFC 3845.
Updates:
RFC 1034, RFC 1035, RFC 2136, RFC 2181, RFC 2308, RFC 3007, RFC 3225, RFC 3226, RFC 3597.

[RFC 4035] Protocol Modifications for the DNS Security Extensions.

Category: Standards Track.
Obsoletes:
RFC 2535, RFC 3008, RFC 3090, RFC 3445, RFC 3655, RFC 3658, RFC 3755, RFC 3757, RFC 3845.
Updates:
RFC 1034, RFC 1035, RFC 2136, RFC 2181, RFC 2308, RFC 3007, RFC 3225, RFC 3226, RFC 3597.

[RFC 4074] Common Misbehavior Against DNS Queries for IPv6 Addresses.

Category: Informational.

[RFC 4095] Attaching Meaning to Solicitation Class Keywords.

Category: Standards Track.

[RFC 4143] Facsimile Using Internet Mail (IFAX) Service of ENUM.

Category: Standards Track.

[RFC 4183] A Suggested Scheme for DNS Resolution of Networks and Gateways.

Category: Informational.

[RFC 4185] National and Local Characters for DNS Top Level Domain (TLD) Names.

Category: Informational.

[RFC 4213] Basic Transition Mechanisms for IPv6 Hosts and Routers.

Category: Standards Track.
Obsoletes:
RFC 2893.

[RFC 4255] Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints.

Category: Standards Track.
Defines DNS type 44 (SSH Key Fingerprint).

[RFC 4310] Domain Name System (DNS) Security Extensions Mapping for the Extensible Provisioning Protocol (EPP).

Category: Standards Track.

[RFC 4322] Opportunistic Encryption using the Internet Key Exchange (IKE).

Category: Informational.

[RFC 4339] IPv6 Host Configuration of DNS Server Information Approaches.

Category: Informational.

[RFC 4343] Domain Name System (DNS) Case Insensitivity Clarification.

Category: Standards Track.
Updates:
RFC 1034, RFC 1035, RFC 2181.

[RFC 4367] What's in a Name: False Assumptions about DNS Names.

Category: Informational.

[RFC 4386] Internet X.509 Public Key Infrastructure Repository Locator Service.

Category: Experimental.

[RFC 4398] Storing Certificates in the Domain Name System (DNS).

Category: Standards Track.
Defines DNS type 37 (CERT).
Obsoletes:
RFC 2538.

[RFC 4406] Sender ID: Authenticating E-Mail.

Category: Experimental.

[RFC 4408] Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1.

Category: Experimental.
Defines DNS type 99 (Sender Policy Framework).

[RFC 4431] The DNSSEC Lookaside Validation (DLV) DNS Resource Record.

Category: Informational.
Defines DNS type 32769 (DNSSEC Lookaside Validation).

[RFC 4470] Minimally Covering NSEC Records and DNSSEC On-line Signing.

Category: Standards Track.

[RFC 4471] Derivation of DNS Name Predecessor and Successor.

Category: Experimental.

[RFC 4472] Operational Considerations and Issues with IPv6 DNS.

Category: Informational.

[RFC 4477] Dynamic Host Configuration Protocol (DHCP): IPv4 and IPv6 Dual-Stack Issues.

Category: Informational.

[RFC 4501] Domain Name System Uniform Resource Identifiers.

Category: Standards Track.
Defines URI scheme dns:.

[RFC 4509] Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs).

Category: Standards Track.

[RFC 4697] Observed DNS Resolution Misbehavior.

BCP: 123.

[RFC 5358] Preventing Use of Recursive Nameservers in Reflector Attacks.

BCP: 140.

[RFC 5395] Domain Name System (DNS) IANA Considerations.

BCP: 42.
Obsoletes:
RFC 2929.
Updates:
RFC 1183, RFC 3597.

Publications:

Obsolete RFCs:

[RFC 882] DOMAIN NAMES - CONCEPTS and FACILITIES.

Obsoleted by:
RFC 1034, RFC 1035.

[RFC 883] DOMAIN NAMES - IMPLEMENTATION and SPECIFICATION.

Obsoleted by:
RFC 1034, RFC 1035.

[RFC 973] Domain System Changes and Observations.

Obsoleted by:
RFC 1034, RFC 1035.
Updates:
RFC 882, RFC 883.

[RFC 1348] DNS NSAP RRs.

Obsoleted by:
RFC 1706.
Updates:
RFC 1034, RFC 1035.

[RFC 1386] The US Domain.

Obsoleted by:
RFC 1480.

[RFC 1537] Common DNS Data File Configuration Errors.

Category: Informational.
Obsoleted by:
RFC 1912.

[RFC 1637] DNS NSAP Resource Records.

Category: Experimental.
Obsoleted by:
RFC 1706.
Obsoletes:
RFC 1348.

[RFC 1664] Using the Internet DNS to Distribute RFC1327 Mail Address Mapping Tables.

Category: Experimental.
Obsoleted by:
RFC 2163.

[RFC 1811] U.S. Government Internet Domain Names.

Category: Informational.
Obsoleted by:
RFC 1816.

[RFC 1816] U.S. Government Internet Domain Names.

Category: Informational.
Obsoleted by:
RFC 2146.
Obsoletes:
RFC 1811.

[RFC 1886] DNS Extensions to support IP version 6.

Category: Standards Track.
Defines DNS Type AAAA.
Obsoleted by:
RFC 3596.

[RFC 1933] Transition Mechanisms for IPv6 Hosts and Routers.

Category: Standards Track.
Obsoleted by:
RFC 2893.

[RFC 2010] Operational Criteria for Root Name Servers.

Category: Informational.
Obsoleted by:
RFC 2870.

[RFC 2052] A DNS RR for specifying the location of services (DNS SRV).

Category: Experimental.
Obsoleted by:
RFC 2782.
Updates:
RFC 1035, RFC 1183.

[RFC 2065] Domain Name System Security Extensions.

Category: Standards Track.
Obsoleted by:
RFC 2535.
Updates:
RFC 1034, RFC 1035.

[RFC 2137] Secure Domain Name System Dynamic Update.

Category: Standards Track.
Obsoleted by:
RFC 3007.
Updates:
RFC 1035.

[RFC 2168] Resolution of Uniform Resource Identifiers using the Domain Name System.

Category: Experimental.
Obsoleted by:
RFC 3401, RFC 3402, RFC 3403, RFC 3404.

[RFC 2535] Domain Name System Security Extensions.

Category: Standards Track.
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035.
Updated by:
RFC 3655, RFC 3658, RFC 3755, RFC 3757, RFC 3845.
Obsoletes:
RFC 2065.

[RFC 2537] RSA/MD5 KEYs and SIGs in the Domain Name System (DNS).

Category: Standards Track.
Obsoleted by:
RFC 3110.

[RFC 2538] Storing Certificates in the Domain Name System (DNS).

Category: Standards Track.
Defines DNS type 37 (CERT).
Obsoleted by:
RFC 4398.

[RFC 2893] Transition Mechanisms for IPv6 Hosts and Routers.

Category: Standards Track.
Obsoleted by:
RFC 4213.
Obsoletes:
RFC 1933.

[RFC 2915] The Naming Authority Pointer (NAPTR) DNS Resource Record.

Category: Standards Track.
Obsoleted by:
RFC 3401, RFC 3402, RFC 3403, RFC 3404.
Updates:
RFC 2168.

[RFC 2916] E.164 number and DNS.

Category: Standards Track.
Obsoleted by:
RFC 3761.

[RFC 2929] Domain Name System (DNS) IANA Considerations.

BCP: 42.
Obsoleted by:
RFC 5395.

[RFC 3008] Domain Name System Security (DNSSEC) Signing Authority.

Category: Standards Track.
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035.
Updated by:
RFC 3658.
Updates:
RFC 2535.

[RFC 3090] DNS Security Extension Clarification on Zone Status.

Category: Standards Track.
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035.
Updated by:
RFC 3658.

[RFC 3152] Delegation of IP6.ARPA.

BCP: 49.
Obsoleted by:
RFC 3596.
Updates:
RFC 1886, RFC 2553, RFC 2766, RFC 2772, RFC 2874.

[RFC 3445] Limiting the Scope of the KEY Resource Record (RR).

Category: Standards Track.
Limits the scope of the DNS KEY Resource Record.
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035.
Updates:
RFC 2535.

[RFC 3655] Redefinition of DNS Authenticated Data (AD) bit.

Category: Standards Track.
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035.
Updates:
RFC 2535.

[RFC 3658] Delegation Signer (DS) Resource Record (RR).

Category: Standards Track.
Defines DNS Resource Record 43 (Delegation Signer).
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035.
Updated by:
RFC 3755.
Updates:
RFC 1035, RFC 2535, RFC 3008, RFC 3090.

[RFC 3755] Legacy Resolver Compatibility for Delegation Signer (DS).

Category: Standards Track.
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035.
Updated by:
RFC 3757, RFC 3845.
Updates:
RFC 2535, RFC 3658.

[RFC 3757] Domain Name System KEY (DNSKEY) Resource Record (RR) Secure Entry Point (SEP) Flag.

Category: Standards Track.
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035.
Updates:
RFC 3755, RFC 2535.

[RFC 3845] DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format.

Category: Standards Track.
Obsoleted by:
RFC 4033, RFC 4034, RFC 4035.
Updates:
RFC 3755, RFC 2535.