Domain Name System (DNS) Parameters
2024-03-06
DNS CLASSes
Petr Špaček, Ladislav Lhotka
As noted in , Multicast DNS can only carry DNS records with classes in the range 0-32767.
Classes in the range 32768 to 65535 are incompatible with Multicast DNS.
When this registry is modified, the YANG module iana-dns-class-rr-type
must be updated as defined in .
0
0x0000
Standards Action
1-127
0x0000-0x007F
IETF Review
data CLASSes only
128-253
0x0080-0x00FD
IETF Review
QCLASSes and meta-CLASSes only
256-32767
0x0100-0x7FFF
IETF Review
32768-57343
0x8000-0xDFFF
Specification Required
data CLASSes only
57344-65279
0xE000-0xFEFF
Specification Required
QCLASSes and meta-CLASSes only
65280-65534
0xFF00-0xFFFE
Private Use
65535
0xFFFF
Standards Action
0
0x0000
Reserved
1
0x0001
Internet (IN)
2
0x0002
Unassigned
3
0x0003
Chaos (CH)
D. Moon, "Chaosnet", A.I. Memo 628, Massachusetts Institute of
Technology Artificial Intelligence Laboratory, June 1981.
4
0x0004
Hesiod (HS)
Dyer, S., and F. Hsu, "Hesiod", Project Athena Technical
Plan - Name Service, April 1987.
5-253
0x0005-0x00FD
Unassigned
254
0x00FE
QCLASS NONE
255
0x00FF
QCLASS * (ANY)
256-65279
0x0100-0xFEFF
Unassigned
65280-65534
0xFF00-0xFFFE
Reserved for Private Use
65535
0xFFFF
Reserved
Resource Record (RR) TYPEs
Roy Arends, Frederico AC Neves, Olafur Gudmundsson, Ray Bellis
When this registry is modified, the YANG module iana-dns-class-rr-type
must be updated as defined in .
0
0x0000
RRTYPE zero is used as a special indicator for the SIG RR
, and in other circumstances and must never
be allocated for ordinary use.
1-127
0x0000-0x007F
Expert Review (see mailing list information in ) or Standards Action
data TYPEs
128-255
0x0080-0x00FF
Expert Review (see mailing list information in ) or Standards Action
Q TYPEs, Meta TYPEs
256-61439
0x0100-0xEFFF
Expert Review (see mailing list information in ) or Standards Action
data RRTYPEs
61440-65279
0xF000-0xFEFF
Reserved for future use (IETF Review required to define use)
65280-65534
0xFF00-0xFFFE
Private Use
65535
0xFFFF
Reserved (Standards Action)
Reserved
0
A
1
a host address
NS
2
an authoritative name server
MD
3
a mail destination (OBSOLETE - use MX)
MF
4
a mail forwarder (OBSOLETE - use MX)
CNAME
5
the canonical name for an alias
SOA
6
marks the start of a zone of authority
MB
7
a mailbox domain name (EXPERIMENTAL)
MG
8
a mail group member (EXPERIMENTAL)
MR
9
a mail rename domain name (EXPERIMENTAL)
NULL
10
a null RR (EXPERIMENTAL)
WKS
11
a well known service description
PTR
12
a domain name pointer
HINFO
13
host information
MINFO
14
mailbox or mail list information
MX
15
mail exchange
TXT
16
text strings
RP
17
for Responsible Person
AFSDB
18
for AFS Data Base location
X25
19
for X.25 PSDN address
ISDN
20
for ISDN address
RT
21
for Route Through
NSAP
22
for NSAP address, NSAP style A record (DEPRECATED)
status-change-int-tlds-to-historic
NSAP-PTR
23
for domain name pointer, NSAP style (DEPRECATED)
status-change-int-tlds-to-historic
SIG
24
for security signature
KEY
25
for security key
PX
26
X.400 mail mapping information
GPOS
27
Geographical Position
AAAA
28
IP6 Address
LOC
29
Location Information
NXT
30
Next Domain (OBSOLETE)
EID
31
Endpoint Identifier
NIMLOC
32
Nimrod Locator
SRV
33
Server Selection
ATMA
34
ATM Address
ATM Forum Technical Committee, "ATM Name System, V2.0", Doc ID: AF-DANS-0152.000, July 2000. Available from and held in escrow by IANA.
NAPTR
35
Naming Authority Pointer
KX
36
Key Exchanger
CERT
37
CERT
A6
38
A6 (OBSOLETE - use AAAA)
DNAME
39
DNAME
SINK
40
SINK
OPT
41
OPT
APL
42
APL
DS
43
Delegation Signer
SSHFP
44
SSH Key Fingerprint
IPSECKEY
45
IPSECKEY
RRSIG
46
RRSIG
NSEC
47
NSEC
DNSKEY
48
DNSKEY
DHCID
49
DHCID
NSEC3
50
NSEC3
NSEC3PARAM
51
NSEC3PARAM
TLSA
52
TLSA
SMIMEA
53
S/MIME cert association
SMIMEA/smimea-completed-template
Unassigned
54
HIP
55
Host Identity Protocol
NINFO
56
NINFO
NINFO/ninfo-completed-template
RKEY
57
RKEY
RKEY/rkey-completed-template
TALINK
58
Trust Anchor LINK
TALINK/talink-completed-template
CDS
59
Child DS
CDS/cds-completed-template
CDNSKEY
60
DNSKEY(s) the Child wants reflected in DS
OPENPGPKEY
61
OpenPGP Key
OPENPGPKEY/openpgpkey-completed-template
CSYNC
62
Child-To-Parent Synchronization
ZONEMD
63
Message Digest Over Zone Data
ZONEMD/zonemd-completed-template
SVCB
64
General-purpose service binding
SVCB/svcb-completed-template
HTTPS
65
SVCB-compatible type for use with HTTP
HTTPS/https-completed-template
Unassigned
66-98
SPF
99
UINFO
100
IANA-Reserved
UID
101
IANA-Reserved
GID
102
IANA-Reserved
UNSPEC
103
IANA-Reserved
NID
104
ILNP/nid-completed-template
L32
105
ILNP/l32-completed-template
L64
106
ILNP/l64-completed-template
LP
107
ILNP/lp-completed-template
EUI48
108
an EUI-48 address
EUI48/eui48-completed-template
EUI64
109
an EUI-64 address
EUI64/eui64-completed-template
Unassigned
110-248
TKEY
249
Transaction Key
TSIG
250
Transaction Signature
IXFR
251
incremental transfer
AXFR
252
transfer of an entire zone
MAILB
253
mailbox-related RRs (MB, MG or MR)
MAILA
254
mail agent RRs (OBSOLETE - see MX)
*
255
A request for some or all records the server has available
URI
256
URI
URI/uri-completed-template
CAA
257
Certification Authority Restriction
CAA/caa-completed-template
AVC
258
Application Visibility and Control
AVC/avc-completed-template
DOA
259
Digital Object Architecture
DOA/doa-completed-template
AMTRELAY
260
Automatic Multicast Tunneling Relay
AMTRELAY/amtrelay-completed-template
RESINFO
261
Resolver Information as Key/Value Pairs
RESINFO/resinfo-completed-template
Unassigned
262-32767
TA
32768
DNSSEC Trust Authorities
Deploying DNSSEC Without a Signed Root. Technical Report 1999-19,
Information Networking Institute, Carnegie Mellon University, April 2004.
DLV
32769
DNSSEC Lookaside Validation (OBSOLETE)
Unassigned
32770-65279
Private use
65280-65534
Reserved
65535
In , two types are defined. It is not clear that these
are in use, though if so their assignment does conflict with those
above.
NB 32 NetBIOS general Name Service
NBSTAT 33 NetBIOS NODE STATUS
DNS OpCodes
Standards Action
0
Query
1
IQuery (Inverse Query, OBSOLETE)
2
Status
3
Unassigned
4
Notify
5
Update
6
DNS Stateful Operations (DSO)
7-15
Unassigned
DNS RCODEs
0-3840
IETF Review
3841-4095
Private Use
4096-65534
IETF Review
65535
Reserved (Standards Action)
0
NoError
No Error
1
FormErr
Format Error
2
ServFail
Server Failure
3
NXDomain
Non-Existent Domain
4
NotImp
Not Implemented
5
Refused
Query Refused
6
YXDomain
Name Exists when it should not
7
YXRRSet
RR Set Exists when it should not
8
NXRRSet
RR Set that should exist does not
9
NotAuth
Server Not Authoritative for zone
9
NotAuth
Not Authorized
10
NotZone
Name not contained in zone
11
DSOTYPENI
DSO-TYPE Not Implemented
12-15
Unassigned
16
BADVERS
Bad OPT Version
16
BADSIG
TSIG Signature Failure
17
BADKEY
Key not recognized
18
BADTIME
Signature out of time window
19
BADMODE
Bad TKEY Mode
20
BADNAME
Duplicate key name
21
BADALG
Algorithm not supported
22
BADTRUNC
Bad Truncation
23
BADCOOKIE
Bad/missing Server Cookie
24-3840
Unassigned
3841-4095
Reserved for Private Use
4096-65534
Unassigned
65535
Reserved, can be allocated by Standards Action
AFSDB RR Subtype
Registry closed per
0
0x0000
Reserved; registry closed
1
0x0001
Andrews File Service v3.0 Location Service
2
0x0002
DCE/NCA root cell directory node
3-65279
0x0003-0xFEFF
Not allocated; registry closed
65280-65534
0xFF00-0xFFFE
Reserved for Private Use
65535
0xFFFF
Reserved; registry closed
DHCID RR Identifier Type Codes
Standards Action
Olafur Gudmundsson
Registration rules to be as follows:
New DHCID RR type codes are tentatively assigned after the specification for the
associated type code, published as an Internet Draft, has received expert review
by a designated expert. The final assignment of DHCID RR type codes is through
Standards Action, as defined in .
0x0000
The 1-octet 'htype' followed by 'hlen' octets
of 'chaddr' from a DHCPv4 client's DHCPREQUEST.
0x0001
The data octets (i.e., the Type and
Client-Identifier fields) from a DHCPv4
client's Client Identifier option.
0x0002
The client's DUID (i.e., the data octets of a
DHCPv6 client's Client Identifier option
or the DUID field from a DHCPv4 client's
Client Identifier option).
0x0003-0xFFFE
Unassigned
0xFFFF
Reserved
DHCID RR Digest Type Codes
Standards Action
0
Reserved
1
SHA-256
2-255
Unassigned
DNS Label Types
Standards Action
The top 2 bits of the first byte of an DNS label indicate the type of label.
0 0
Normal label lower 6 bits is the length of the label
Standard
1 1
Compressed label the lower 6 bits and the 8 bits
from next octet form a pointer to the compression target.
Standard
0 1
Extended label type the lower 6 bits of this type
(section 3) indicate the type of label in use
Proposed
0 1 0 0 0 0 0 1
Binary Label
Historic
0 1 1 1 1 1 1 1
Reserved for future expansion.
Proposed
1 0
Unallocated
DNS EDNS0 Option Codes (OPT)
1-65000
Expert Review
65001-65534
Local/Experimental Use
Olafur Gudmundsson (primary), Frederico AC Neves (secondary), Ray Bellis (secondary), Roy Arends (secondary)
Registrations made by standards-track documents are listed as "Standard,"
and by non-standards-track documents as "Optional." Registrations for
which there are no final specifications are listed as "On-Hold."
0
Reserved
1
LLQ
Optional
2
UL
On-hold
3
NSID
Standard
4
Reserved
5
DAU
Standard
6
DHU
Standard
7
N3U
Standard
8
edns-client-subnet
Optional
9
EDNS EXPIRE
Optional
10
COOKIE
Standard
11
edns-tcp-keepalive
Standard
12
Padding
Standard
13
CHAIN
Standard
14
edns-key-tag
Optional
15
Extended DNS Error
Standard
16
EDNS-Client-Tag
Optional
17
EDNS-Server-Tag
Optional
18
Report-Channel
Standard
19-20291
Unassigned
20292
Umbrella Ident
Optional
20293-26945
Unassigned
26946
DeviceID
Optional
26947-65000
Unassigned
65001-65534
Reserved for Local/Experimental Use
65535
Reserved for future expansion
DNS Header Flags
Standards Action
In DNS query header there is a flag field in the second 16 bit word in
query from bit 5 through bit 11 ( section 4.1.1)
bit 5
AA
Authoritative Answer
bit 6
TC
Truncated Response
bit 7
RD
Recursion Desired
bit 8
RA
Recursion Available
bit 9
Reserved
bit 10
AD
Authentic Data
bit 11
CD
Checking Disabled
EDNS Header Flags (16 bits)
Standards Action
Bit 0
DO
DNSSEC answer OK
Bit 1-15
Reserved
EDNS version Number (8 bits)
Standards Action
0
EDNS version 0
1-255
Unassigned
Child Synchronization (CSYNC) Flags
Standards Action
0
immediate
Immediately process this CSYNC record.
RFC7477, Section 3
1
soaminimum
Require a SOA serial number greater than the one specified.
RFC7477, Section 2.1.1.1
2-15
Unassigned
Underscored and Globally Scoped DNS Node Names
Expert Review
Frederico A C Neves, Paul Wouters
*
_example
RFC8552, Section 4.1.4
HTTPS
_https
NULL
_ta-*
OPENPGPKEY
_openpgpkey
SMIMEA
_smimecert
SRV
_dccp
SRV
_http
SRV
_ipv6
SRV
_ldap
SRV
_ocsp
SRV
_sctp
SRV
_sip
SRV
_tcp
SRV
_udp
SRV
_xmpp
SVCB
_dns
TLSA
_dane
TLSA
_sctp
TLSA
_tcp
TLSA
_udp
TXT
_acme-challenge
TXT
_dmarc
TXT
_domainkey
TXT
_er
TXT
_mta-sts
TXT
_spf
TXT
_sztp
TXT
_tcp
TXT
_udp
TXT
_validation-contactemail
TXT
_validation-contactphone
TXT
_vouch
URI
_acct
URI
_dccp
URI
_email
URI
_ems
URI
_fax
URI
_ft
URI
_h323
URI
_iax
URI
_ical-access
URI
_ical-sched
URI
_ifax
URI
_im
URI
_mms
URI
_pres
URI
_pstn
URI
_sctp
URI
_sip
URI
_sms
URI
_tcp
URI
_udp
URI
_unifmsg
URI
_vcard
URI
_videomsg
URI
_voice
URI
_voicemsg
URI
_vpim
URI
_web
URI
_xmpp
From RFC8552, Section 4.1.3 _ta:
Under the NULL RR, the entry "_ta-*" denotes all node names beginning
with the string "_ta-*". It does NOT refer to a DNS wildcard
specification.
DSO Type Codes
0x0004-0x003F
Standards Action
0x0040-0xF7FF
Expert Review
0xF800-0xFBFF
Experimental/Local Use
0xFC00-0xFFFF
Standards Action
Ted Lemon, Sara Dickinson, John Dickinson
0x0000
Reserved
NO
Standards Track
0x0001
KeepAlive
OK
Standards Track
0x0002
RetryDelay
NO
Standards Track
0x0003
EncryptionPadding
NA
Standards Track
0x0004-0x003F
Unassigned, reserved for DSO session-management TLVs
NO
0x0040
SUBSCRIBE
OK
Standards Track
RF8765, Section 6.2
0x0041
PUSH
NO
Standards Track
RF8765, Section 6.3
0x0042
UNSUBSCRIBE
NO
Standards Track
RF8765, Section 6.4
0x0043
RECONFIRM
NO
Standards Track
RF8765, Section 6.5
0x0044-0xF7FF
Unassigned
NO
0xF800-0xFBFF
Reserved for Experimental/Local Use
NO
0xFC00-0xFFFF
Reserved for future expansion
NO
Extended DNS Error Codes
0-49151
First Come First Served
49152-65535
Private Use
0
Other Error
RFC8914, Section 4.1
1
Unsupported DNSKEY Algorithm
RFC8914, Section 4.2
2
Unsupported DS Digest Type
RFC8914, Section 4.3
3
Stale Answer
RFC8914, Section 4.4
4
Forged Answer
RFC8914, Section 4.5
5
DNSSEC Indeterminate
RFC8914, Section 4.6
6
DNSSEC Bogus
RFC8914, Section 4.7
7
Signature Expired
RFC8914, Section 4.8
8
Signature Not Yet Valid
RFC8914, Section 4.9
9
DNSKEY Missing
RFC8914, Section 4.10
10
RRSIGs Missing
RFC8914, Section 4.11
11
No Zone Key Bit Set
RFC8914, Section 4.12
12
NSEC Missing
RFC8914, Section 4.13
13
Cached Error
RFC8914, Section 4.14
14
Not Ready
RFC8914, Section 4.15
15
Blocked
RFC8914, Section 4.16
16
Censored
RFC8914, Section 4.17
17
Filtered
RFC8914, Section 4.18
18
Prohibited
RFC8914, Section 4.19
19
Stale NXDomain Answer
RFC8914, Section 4.20
20
Not Authoritative
RFC8914, Section 4.21
21
Not Supported
RFC8914, Section 4.22
22
No Reachable Authority
RFC8914, Section 4.23
23
Network Error
RFC8914, Section 4.24
24
Invalid Data
RFC8914, Section 4.25
25
Signature Expired before Valid
26
Too Early
27
Unsupported NSEC3 Iterations Value
28
Unable to conform to policy
29
Synthesized
30-49151
Unassigned
49152-65535
Reserved for Private Use
RFC8914, Section 5.2
ZONEMD Schemes
1-239
Specification Required
240-254
Private Use
Warren Kumari, Duane Wessels, Wes Hardaker
0
Reserved
1
Simple ZONEMD collation
SIMPLE
2-239
Unassigned
240-254
Reserved for Private Use
N/A
255
Reserved
ZONEMD Hash Algorithms
1-239
Specification Required
240-254
Private Use
Warren Kumari, Duane Wessels, Wes Hardaker
0
Reserved
1
SHA-384
SHA384
2
SHA-512
SHA512
3-239
Unassigned
240-254
Reserved for Private Use
N/A
255
Reserved
DNS Server Cookie Methods
Ondřej Surý, Donald Eastlake
A Server Cookie method (construction and pseudorandom algorithm)
is determined by the Version in the first byte of the Cookie and by
the Cookie size. Server Cookie size is limited to the inclusive
range of 8 to 32 bytes.
Version 1-239, Size 8-32
Expert Review
Version 240-254, Size 8-32
Private Use
0
8-32
Reserved
1
8-15
Unassigned
1
16
SipHash-2-4
1
17-32
Unassigned
2-239
8-32
Unassigned
240-254
8-32
Reserved for Private Use
255
8-32
Reserved
DNS-over-QUIC Error Codes
provisional (greater than 0x3f)
Expert Review
provisional registration Date field update
First Come First Served
permanent, 0x00-0x3f
Standards Action or IESG Approval
permanent, greater than 0x3f
Specification Required
Sara Dickinson, Christian Huitema
0x0
DOQ_NO_ERROR
No error
permanent
RFC9250, Section 4.3
2022-04-01
0x1
DOQ_INTERNAL_ERROR
Implementation error
permanent
RFC9250, Section 4.3
2022-04-01
0x2
DOQ_PROTOCOL_ERROR
Generic protocol violation
permanent
RFC9250, Section 4.3
2022-04-01
0x3
DOQ_REQUEST_CANCELLED
Request cancelled by client
permanent
RFC9250, Section 4.3
2022-04-01
0x4
DOQ_EXCESSIVE_LOAD
Closing a connection for excessive load
permanent
RFC9250, Section 4.3
2022-04-01
0x5
DOQ_UNSPECIFIED_ERROR
No error reason specified
permanent
RFC9250, Section 4.3
2022-04-01
0xd098ea5e
DOQ_ERROR_RESERVED
Alternative error code used for tests
permanent
RFC9250, Section 4.3
2022-04-01
DNS Catalog Zones Properties
property prefix ends in the label "ext"
Private Use
all other property prefixes
Expert Review
Peter Thomassen, Ondřej Surý, Willem Toorop
This registry applies to Catalog Zones schema version "2" as specified
in .
zones
List of member zones
Standards Track
version
Schema version
Standards Track
coo
Change of Ownership
Standards Track
group
Group
Standards Track
*.ext
Custom properties
Private Use
Cisco CIE DNS team
mailto:cie-eng.dns-team&cisco.com
2021-08-31
Donald E. Eastlake, III
mailto:d3e3e3&gmail.com
1997-11
DPRIVE working group
mailto:dns-privacy&ietf.org
2022-04-01
Jim Reid
mailto:jim&telnic.org
2008-01-21
Michael Patton
mailto:map&bbn.com
1995-06
Otto Moerbeek
mailto:otto.moerbeek&powerdns.com
2023-03-29
Sam Weiler
mailto:weiler+iana&tislabs.com
2005-12
Willem Toorop
mailto:willem&nlnetlabs.nl
2022-02-11
Wolfgang Riedel
mailto:wolfgang&cisco.com
2016-02-26
Wouter Wijngaards
mailto:wouter&nlnetlabs.nl
2010-02-17