AXFR : Full Zone Transfer ( RFC 1035)
Transfer entire zone file from the master name server to secondary name servers. |
HIP : Host Identity Protocol ( RFC 5205)
Method of separating the end-point identifier and locator roles of IP addresses. |
TKEY : Transaction Key ( RFC 2930)
One way of providing a key to be used with TSIG |
NS : name server record ( RFC 1035)
Delegates a DNS zone to use the given authoritative name servers |
MX : mail exchange record ( RFC 1035)
Maps a domain name to a list of mail exchange servers for that domain |
KEY : Key record ( RFC 4034)
Used only for TKEY (RFC 2930). Before RFC 3755 was published, this was also used for DNSSEC, but DNSSEC now uses DNSKEY. |
NAPTR : Naming Authority Pointer ( RFC 3403)
Allows regular expression based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc. |
SOA : start of authority record ( RFC 1035)
Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. |
SPF : SPF record ( RFC 4408)
Specified as part of the SPF protocol, as an alternative to storing SPF data in TXT records. Uses the same format as the TXT record. |
SSHFP : SSH Public Key Fingerprint ( RFC 4255)
Resource record for publishing SSH public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host. |
NSEC3 : NSEC record version 3 ( RFC 5155)
An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking |
TXT : Text record ( RFC 1035)
Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework, DomainKeys, DNS-SD, etc. |
* : All cached records ( RFC 1035)
Returns all records of all types known to the name server. If the name server does not have any information on the name, the request will be forwarded on. The records returned may not be complete. For example, if there is both an A and an MX for a name, but the name server has only the A record cached, only the A record will be returned. |
NSEC : Next-Secure record ( RFC 4034)
Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record. |
DNAME : delegation name ( RFC 2672)
DNAME will delegate an entire portion of the DNS tree under a new name. In contrast, the CNAME record creates an alias of a single name. Like the CNAME record, the DNS lookup will continue by retrying the lookup with the new name. |
DLV : DNSSEC Lookaside Validation record ( RFC 4431)
For publishing DNSSEC trust anchors outside of the DNS delegation chain. Uses the same format as the DS record. RFC 5074 describes a way of using these records. |
SRV : Service locator ( RFC 2782)
Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX. |
CERT : Certificate record ( RFC 4398)
Stores PKIX, SPKI, PGP, etc. |
