DS : Delegation signer ( RFC 4034)
The record used to identify the DNSSEC signing key of a delegated zone |
|
TA : DNSSEC Trust Authorities (None)
Part of a deployment proposal for DNSSEC without a signed DNS root. See the IANA database and Weiler Spec] for details. Uses the same format as the DS record.
|
NS : name server record ( RFC 1035)
Delegates a DNS zone to use the given authoritative name servers |
IXFR : Incremental Zone Transfer ( RFC 1995)
Requests a zone transfer of the given zone but only differences from a previous serial number. This request may be ignored and a full (AXFR) sent in response if the authoritative server is unable to fulfill the request due to configuration or lack of required deltas. |
KEY : Key record ( RFC 4034)
Used only for TKEY (RFC 2930). Before RFC 3755 was published, this was also used for DNSSEC, but DNSSEC now uses DNSKEY. |
DNAME : delegation name ( RFC 2672)
DNAME will delegate an entire portion of the DNS tree under a new name. In contrast, the CNAME record creates an alias of a single name. Like the CNAME record, the DNS lookup will continue by retrying the lookup with the new name. |
DLV : DNSSEC Lookaside Validation record ( RFC 4431)
For publishing DNSSEC trust anchors outside of the DNS delegation chain. Uses the same format as the DS record. RFC 5074 describes a way of using these records. |
RRSIG : DNSSEC signature ( RFC 4034)
Signature for a DNSSEC-secured record set. Uses the same format as the SIG record. |
TSIG : Transaction Signature ( RFC 2845)
Record that supports one set of security mechanisms for DNS. Used to secure communication between DNS resolvers and Name servers, in contrast to DNSSEC, which secures the actual DNS records from the authoritative name server. |
OPT : Option ( RFC 2671)
This is a 'pseudo DNS record type' needed to support EDNS |
AFSDB : AFS database record ( RFC 1183)
Location of database servers of an AFS cell. This record is commonly used by AFS clients to contact AFS cells outside their local domain. A subtype of this record is used by the obsolete DCE/DFS file system. |
TKEY : Transaction Key ( RFC 2930)
One way of providing a key to be used with TSIG |
CERT : Certificate record ( RFC 4398)
Stores PKIX, SPKI, PGP, etc. |
AAAA : IPv6 address record ( RFC 3596)
Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host. |
A : address record ( RFC 1035)
Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but also used for DNSBLs, storing subnet masks in RFC 1101, etc. |
SOA : start of authority record ( RFC 1035)
Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. |
NSEC3PARAM : NSEC3 parameters ( RFC 5155)
Parameter record for use with NSEC3 |
NSEC : Next-Secure record ( RFC 4034)
Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record. |
