 |  |
Appendix A. DNS Message Format and Resource Records
This appendix outlines the format of DNS messages and enumerates all the resource record types. The resource records are shown in their textual format, as you would specify them in a zone data file, and in their binary format, as they appear in DNS messages. You'll find a few resource records here that weren't covered in the book because they are experimental or obsolete.We've included the portions of RFC 1035, written by Paul Mockapetris, that deal with the textual format of master files (what we called zone data files in the book) or with the DNS message format (for those of you who need to parse DNS packets).
A.1. Master File Format
(From RFC 1035, pages 33-35)The format of these files is a sequence of entries. Entries are predominantly line-oriented, though parentheses can be used to continue a list of items across a line boundary, and text literals can contain CRLF within the text. Any combination of tabs and spaces acts as a delimiter between the separate items that make up an entry. The end of any line in the master file can end with a comment. The comment starts with a semicolon (;).
The following entries are defined:
Blank lines, with or without comments, are allowed anywhere in the file.blank[comment] $ORIGIN domain-name [comment] $INCLUDE file-name [domain-name] [comment] domain-namerr [comment] blankrr [comment]
Two control entries are defined: $ORIGIN and $INCLUDE. $ORIGIN is followed by a domain name and resets the current origin for relative domain names to the stated name. $INCLUDE inserts the named file into the current file and may optionally specify a domain name that sets the relative domain name origin for the included file. $INCLUDE may also have a comment. Note that an $INCLUDE entry never changes the relative origin of the parent file, regardless of changes to the relative origin made within the included file.
The last two forms represent RRs. If an entry for an RR begins with a blank, then the RR is assumed to be owned by the last stated owner. If an RR entry begins with a domain-name, then the owner name is reset.
rr contents take one of the following forms:
The RR begins with optional TTL and class fields, followed by a type and RDATA field appropriate to the type and class. Class and type use the standard mnemonics; TTL is a decimal integer. Omitted class and TTL values default to the last explicitly stated values. Since type and class mnemonics are disjoint, the parse is unique.[TTL] [class] type RDATA [class] [TTL] type RDATA
domain-names make up a large share of the data in the master file. The labels in the domain name are expressed as character strings and separated by dots. Quoting conventions allow arbitrary characters to be stored in domain names. Domain names that end in a dot are called absolute, and are taken as complete. Domain names that do not end in a dot are called relative; the actual domain name is the concatenation of the relative part with an origin specified in an $ORIGIN, $INCLUDE, or argument to the master file-loading routine. A relative name is an error when no origin is available.
character-string is expressed in one of two ways: as a contiguous set of characters without interior spaces, or as a string beginning with " and ending with ". Inside a " -delimited string any character can occur, except for " itself, which must be quoted using a backslash (\).
Because these files are text files, several special encodings are necessary to allow arbitrary data to be loaded. In particular:
- .
- Of the root.
- \X
- Where X is any character other than a digit (0-9), \ is used to quote
that character so that its special meaning does not apply. For
example, \. can be used to place a dot character in a
label.[108]
[108]Not implemented by BIND 4.8.3.
- \DDD
- Where each D is a
digit in the octet corresponding to the decimal number described by
DDD. The resulting octet is assumed to be text and is not checked for
special meaning.[109]
[109]Not implemented by BIND 4.8.3.
- ( )
- Parentheses are used to group data that crosses a line boundary. In
effect, line terminations are not recognized
within
parentheses.[110]
[110]BIND 4.8.3 allows parentheses only on SOA and WKS resource records.
A.1.1. Character Case
(From RFC 1035, page 9)For all parts of the DNS that are part of the official protocol, all comparisons between character strings (e.g., labels, domain names, etc.) are done in a case-insensitive manner. At present, this rule is in force throughout the domain system without exception. However, future additions beyond current usage may need to use the full binary octet capabilities in names, so attempts to store domain names in 7-bit ASCII or use of special bytes to terminate labels, etc., should be avoided.
A.1.2. Types
Here is a complete list of resource record types. The textual representation is used in master files. The binary representation is used in DNS queries and responses. These resource records are described on pages 13-21 of RFC 1035.| A address |
Example:owner ttl class A address
localhost.movie.edu. IN A 127.0.0.1
Binary Representation:
Address type code: 1
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| ADDRESS |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
ADDRESS A 32 bit Internet address.| CNAME canonical name |
Example:owner ttl class CNAME canonical-dname
wh.movie.edu. IN CNAME wormhole.movie.edu.
Binary Representation:
CNAME type code: 5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ CNAME /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
CNAME A domain-name which specifies the canonical
or primary name for the owner. The owner name is
an alias.| HINFO host information |
Example:owner ttl class HINFO cpu os
grizzly.movie.edu. IN HINFO VAX-11/780 UNIX
Binary Representation:
HINFO type code: 13
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ CPU /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ OS /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
CPU A character-string which specifies the CPU type.
OS A character-string which specifies the
operating system type.| MB mailbox domain name (experimental) |
Example:owner ttl class MB mbox-dname
al.movie.edu. IN MB robocop.movie.edu.
Binary Representation:
MB type code: 7
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ MADNAME /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
MADNAME A domain-name which specifies a host which has
the specified mailbox.| MD mail destination (obsolete) |
| MF mail forwarder (obsolete) |
| MG mail group member (experimental) |
Example:owner ttl class MG mgroup-dname
admin.movie.edu. IN MG al.movie.edu.
IN MG ed.movie.edu.
IN MG jc.movie.edu.MG type code: 8
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ MGMNAME /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
MGMNAME A domain-name which specifies a mailbox which
is a member of the mail group specified by the
domain name.| MINFO mailbox or mail list information (experimental) |
Example:owner ttl class MINFO resp-mbox error-mbox
admin.movie.edu. IN MINFO al.movie.edu. al.movie.edu.
Binary Representation:
MINFO type code: 14
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ RMAILBX /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ EMAILBX /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
RMAILBX A domain-name which specifies a mailbox which
is responsible for the mailing list or mailbox.
If this domain name names the root, the owner of
the MINFO RR is responsible for itself. Note
that many existing mailing lists use a mailbox
X-request for the RMAILBX field of mailing list
X, e.g., Msgroup-request for Msgroup. This field
provides a more general mechanism.
EMAILBX A domain-name which specifies a mailbox which is
to receive error messages related to the mailing
list or mailbox specified by the owner of the
MINFO RR (similar to the ERRORS-TO: field which has
been proposed). If this domain name names the root,
errors should be returned to the sender of the
message.| MR mail rename (experimental) |
Example:owner ttl class MR new-mbox
eddie.movie.edu. IN MR eddie.bornagain.edu.
Binary Representation:
MR type code: 9
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ NEWNAME /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
NEWNAME A domain-name which specifies a mailbox which
is the proper rename of the specified mailbox.| MX mail exchanger |
Example:owner ttl class MX preference exchange-dname
ora.com. IN MX 0 ora.ora.com.
IN MX 10 ruby.ora.com.
IN MX 10 opal.ora.com.MX type code: 15
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| PREFERENCE |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ EXCHANGE /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
PREFERENCE A 16 bit integer which specifies the preference
given to this RR among others at the same owner.
Lower values are preferred.
EXCHANGE A domain-name which specifies a host willing
to act as a mail exchange for the owner name.| NS name server |
Example:owner ttl class NS name-server-dname
movie.edu. IN NS terminator.movie.edu
Binary Representation:
NS type code: 2
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ NSDNAME /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
NSDNAME A domain-name which specifies a host which
should be authoritative for the specified
class and domain.| NULL null (experimental) |
NULL type code: 10
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ anything /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
Anything at all may be in the RDATA field so long as it is 65535
octets or less.| PTR pointer |
Example:owner ttl class PTR dname
1.249.249.192.in-addr.arpa. IN PTR wormhole.movie.edu.
Binary Representation:
PTR type code: 12
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ PTRDNAME /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
PTRDNAME A domain-name which points to some location in
the domain name space.| SOA start of authority |
Example:owner ttl class SOA source-dname mbox (serial refresh retry expire minimum)
movie.edu. IN SOA terminator.movie.edu. al.robocop.movie.edu. (
1 ; Serial
10800 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
86400 ) ; Minimum TTL of 1 daySOA type code: 6
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ MNAME /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ RNAME /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| SERIAL |
| |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| REFRESH |
| |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| RETRY |
| |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| EXPIRE |
| |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| MINIMUM |
| |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
MNAME The domain-name of the name server that was the
original or primary source of data for this zone.
RNAME A domain-name which specifies the mailbox of the
person responsible for this zone.
SERIAL The unsigned 32 bit version number of the original
copy of the zone. Zone transfers preserve this
value. This value wraps and should be compared
using sequence space arithmetic.
REFRESH A 32 bit time interval before the zone should be
refreshed.
RETRY A 32 bit time interval that should elapse before
a failed refresh should be retried.
EXPIRE A 32 bit time value that specifies the upper limit
on the time interval that can elapse before the
zone is no longer authoritative.
MINIMUM The unsigned 32 bit minimum TTL field that should
be exported with any RR from this zone.| TXT text |
Example:owner ttl class TXT txt-strings
cujo.movie.edu. IN TXT "Location: machine room dog house"
Binary Representation:
TXT type code: 16
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ TXT-DATA /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
TXT-DATA One or more character-strings.| WKS well-known services |
Example:owner ttl class WKS address protocol service-list
terminator.movie.edu. IN WKS 192.249.249.3 TCP ( telnet smtp
ftp shell domain )WKS type code: 11
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| ADDRESS |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| PROTOCOL | |
+--+--+--+--+--+--+--+--+ |
| |
/ BIT MAP /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
ADDRESS An 32 bit Internet address
PROTOCOL An 8 bit IP protocol number
BIT MAP A variable length bit map. The bit map must
be a multiple of 8 bits long.A.1.3. New Types from RFC 1183
| AFSDB Andrew File System Data Base (experimental) |
Example:owner ttl class AFSDB subtype hostname
fx.movie.edu. IN AFSDB 1 bladerunner.fx.movie.edu.
IN AFSDB 2 bladerunner.fx.movie.edu.
IN AFSDB 1 empire.fx.movie.edu.
IN AFSDB 2 aliens.fx.movie.edu.AFSDB type code: 18
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| SUBTYPE |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ HOSTNAME /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
SUBTYPE Subtype 1 is an AFS cell database server. Subtype 2
is a DCE authenticated name server.
HOSTNAME A domain-name which specifies a host that has a
server for the cell named by the owner of the RR.| ISDN Integrated Services Digital Network address (experimental) |
Example:owner ttl class ISDN ISDN-address sa
Binary Representation:delay.hp.com. IN ISDN 141555514539488 hep.hp.com. IN ISDN 141555514539488 004
ISDN type code: 20
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ ISDN ADDRESS /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ SUBADDRESS /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
ISDN ADDRESS A character-string which identifies the ISDN number
of owner and DDI (Direct Dial In) if any.
SUBADDRESS An optional character-string specifying the
subaddress.| RP Responsible Person (experimental) |
Example:owner ttl class RP mbox-dname txt-dname
; The current origin is fx.movie.edu
@ IN RP ajs.fx.movie.edu. ajs.fx.movie.edu.
bladerunner IN RP root.fx.movie.edu. hotline.fx.movie.edu.
IN RP richard.fx.movie.edu. rb.fx.movie.edu.
ajs IN TXT "Arty Segue, (415) 555-3610"
hotline IN TXT "Movie U. Network Hotline, (415) 555-4111"
rb IN TXT "Richard Boisclair, (415) 555-9612"RP type code: 17
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ MAILBOX /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ TXTDNAME /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
MAILBOX A domain-name that specifies the mailbox for
the responsible person.
TXTDNAME A domain-name for which TXT RR's exist. A
subsequent query can be performed to retrieve
the associated TXT resource records at
txt-dname| RT Route Through (experimental) |
Example:owner ttl class RT preference intermediate-host
sh.prime.com. IN RT 2 Relay.Prime.COM.
IN RT 10 NET.Prime.COM.RT type code: 21
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| PREFERENCE |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ INTERMEDIATE /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
PREFERENCE A 16 bit integer which specifies the preference
given to this RR among others at the same owner.
Lower values are preferred.
EXCHANGE A domain-name which specifies a host which will
serve as an intermediate in reaching the host
specified by owner.| X25 X.25 address (experimental) |
Example:owner ttl class X25 PSDN-address
Binary Representation:relay.pink.com. IN X25 31105060845
X25 type code: 19
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ PSDN ADDRESS /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
PSDN ADDRESS A character-string which identifies the PSDN
(Public Switched Data Network) address in the
X.121 numbering plan associated with owner.A.1.4. New Types from RFC 1664
| PX pointer to X.400/RFC 822 mapping information |
Example:owner ttl class PX preference RFC822 address X.400 address
Binary Representation:ab.net2.it. IN PX 10 ab.net2.it. O-ab.PRMD-net2.ADMDb.C-it.
PX type code: 26
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| PREFERENCE |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ MAP822 /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ MAPX400 /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
where:
PREFERENCE A 16 bit integer which specifies the preference given to
this RR among others at the same owner. Lower values
are preferred.
MAP822 A domain-name element containing rfc822-domain, the
RFC 822 part of the RFC 1327 mapping information.
MAPX400 A domain-name element containing the value of
x400-in-domain-syntax derived from the X.400 part of
the RFC 1327 mapping information. |  | |
| 16.8. DNS and Windows 2000 |  | A.2. DNS Messages |
