DNS - Domain Name Server Glossary
DNS - Domain Name System or Domain Name Server terms and abbreviations glossary. DNS works as the yellow pages or phone books of the Internet. It tells your browser where the content for the requested URL is located to retrieve it.
Source: The Men & Mice DNS Glossary
- A Record
- Address Record, assigns an IP address to a domain name. When the domain name system was designed it was recommended that no two A records refer to the same IP address. This is not practical due to the limitations of CNAME records.
- See CNAME record
Term used to describe zones and domain names. Root, written as "." is the ultimate ancestor zone. All top level domains like com, gov, and org are all its children. example.com is the child of com. gomer.example.com is the child of example.com. Com is an ancestor of gomer.exaple.com, as is ".". Another way to think of children is as subdirectories (delegations) of parent directories, or as folders within folders.
- top -
Adjective describing a name server or a response from a name server that is referencing its own native data. The authoritative server contains an entire copy of the zone that is derived from local configuration data, possibly with the help of another authoritative name server for the zone. Data is obtained without the need for caches or the help of any resolver. A server can be authoritative about one zone but not authoritative for another.
Berkeley Internet Name Daemon. The most common DNS software of the internet. Ported to every flavor of Unix and Windows NT (Windows is a Trademark of the Microsoft Corp.). Bind source code is maintained by the Internet Software Consortium
The act of recording authoritative response to resolver queries for future reference. Generally cached records will be purged after a predetermined time.
- Canonical Name
The real name of a host. Used in CNAME records, PTR records, NS records and MX records. A canonical name is something of a fiction because many servers have more then one equally valid name. Basically, any domain name that has an A record.
Classless Inter Domain Routing. Currently subnets are defined by the number of binary bits they have in common. This replaces the older subnet class system. Each octet of the IP address can be broken down into two hexadecimal digits; it takes 8 bits to represent each pair of hexadecimal digits. So a class A subnet which shares the first octet would be an 8 Bit subnet. A class B would be a 16 Bit subnet. A class C subnet would be a 24 bit subnet.
If your ISP provides you with a subnet you will likely have many more bits in common. For example, if you were given a 29 bit subnet, you would have 8 IP addresses, an Identifier address, 6 useable IP addresses, and a broadcast IP address.
- Class A Subnet
A subnet that shares the first octet
- Class B Subnet
A subnet that shares the first and second octets.
- top -
- Class C Subnet
A subnet that shares the first, second, and third octets.
- Classless Subnet Delegation
Tradationally, subnet delegations were intended to fall along subnet classes defined by the number of octets shared in common. Under this system the smallest subnet that could be created was the class c subnet with 256 IP addresses of which 254 are usable. However as time has passed and the demand on IP addresses has grown dramatically, it is no longer practical for providers to devote 256 addresses to customers only intending to use six or seven.
Classless subnets are delegated in the reverse zone of the parent that is delegating. The key tools for the delegation are PTR records, NS records and CNAME records. The NS records declares the existence of the subnet's domain name servers. The PTR records attach canonical names to reverse lookup addresses. CNAME records can be used to create aliases for simplification. The ways that these record types can be used to generate classless subnets varies from the crude:
The ISP delegates each IP address as a class D subnet with one or more NS records for each IP address, The customer must create a zone for each IP address, complete with its own SOA record, duplicates the NS records and a PTR record.
To the elegant: The ISP doesn't delegate at all, instead using one CNAME record for each reverse IP address in its reverse zone. For example: 126.96.36.199.in-addr.arpa. CNAME 9.example.com. The 9 attached to Example.com is an arbitrary label, chosen in this case to match the last digit of the reverse IP address. The customer will simply need a PTR record to resolve 9.example.com to an IP address.
- CNAME Record
Canonical Name Record. Creates an alias of a canonical name. The alias gains all properties of the original, including IP addresses and mail routes. Because of this, it is illegal for there to be any other record with the same owner name as a CNAME record. It is also illegal for any record other than a CNAME record to refer to an alias.
The process of separating a descendant of a zone into a separate zone. The delegation is accomplished with NS records and if necessary, A records. NS records used for this purpose are called "delegation records", A records used for this purpose are called "glue records."
Records in a delegation are an exception to the rule that a record should only be defined only in the zone that owns the name of the record.
Similar to nslookup. Another command line tool for querying DNS servers. Somewhat unwieldy, bundled with BIND. Like all Unix terms, dig is case sensitive and must always be used in lower case.
- DNS Server
A DNS Server is any piece of software that serves as a name server, a resolver, or both.
- top -
- DNS Spoofing
The basic purpose of spoofing is to confuse a DNS server into giving out bad information. The way it works is that an attacker sends a recursive query to the victim's server, using the victim's server to resolve the query. The answer to the query is in a zone the attacker controls. The answer given by the attacker's name server includes an authoritative record for a domain name controlled by a third party. That authoritative record is FALSE. The victim's server caches the bogus record. (Most modern servers will not cache a fake record because it does not fall in the same parent zone as the record that was requested.)
Once spoofed the victim's resolver will continue to use the false record it has in its cache, potentially misdirecting E-Mail, or any other internet service. This is a potential major security leak for credit card information, trade secrets, and other highly sensitive information.
Recent surveys indicate that 25-30% of servers on the Internet are spoofable. Further readings on DNS spoofing.
Most often used to refer to a domain zone, domain is also used to decribe a zone, or a domain name. This ambiguity results in an unbelieveable number of technical support questions, and is a driving force in the sales rate of "DNS and Bind."
- top -
- Domain Name
A unique designator on the Internet made up of symbols separated by dots, such as: This.is.a.sample.domain.name.com
The individual words or characters between the dots are called labels. The label furthest right represents the top level domain name, com, org, uk and so on. The second most right represents the second level of the domain name, or "second level domain."
Other terms are child and parent. Scrooge.com is the parent of Cratchet.Scrooge.com, Scrooge.com is the child of com.
There are certain rules required in domain name creation.
- The full domain name is limited to 255 characters.
- No label can be longer then 63 characters.
- Labels are made up of letters, numbers and hyphens, and may not start with hyphens. Under certain circumstances, the "/" and "_" characters are allowed.
- Labels are case insensitive.
- A domain name must be defined in its closest ancestral zone (The one with the most labels).
- Domain Name System
The domain name system is a distributed database arranged hierarchically. Its purpose is to provide a layer of abstraction between other Internet services (web, email, etc.) and the numeric addresses (IP addresses) used to uniquely identify any given machine on the Internet. This has several advantages:
- It permits use of names instead of numbers to identify hosts (usually servers). Names are much easier to remember.
- It permits a server to change numeric addresses without requiring notification of everyone on the Internet, by simply retargeting a name to the new numeric address.
- One name can refer to multiple hosts, to share the load.
There are more benefits, of more esoteric nature. This is all accomplished using resource records, which are organized into zones, which are in turn hosted by authoritative name servers.
- top -
- Domain Zone
Any zone that isn't a reverse zone. Root is an exception; root is not a domain zone. Sometimes called a forward domain, or forward zone. This terminology came about because of the ambiguity of the word domain, and use of the term reverse domain, which is now considered archaic.
- Dynamic IP Address
A Dynamic IP address is one that is temporarily assigned to a user by their internet service provider every time the connect. This cuts down on the number if IP addresses large consumer providers need because not all of their customers are using the service at any given time. It also cuts down on bandwidth usage by preventing consumers from hosting servers. Note: Recently a number of co/mpanies have started to offer services aimed at updating DNS for dynamically connected clients.
- Expire Field
Sixth field in an SOA record. Measured in seconds. If the refresh and retry attempts fail after that many seconds the server will stop serving the zone. Typical value is 1 week. Not used by a primary server.
- Forward Domain
Archaic, See Domain Zone
- Forward Zone
See Domain Zone.
- top -
The process of sending a recursive query sent from a host to a resolver, to a second predetermined resolver. Reasons for forwarding might involve a resolver having little or no net access, or if one resolver has a significantly larger cache.
- Fully Qualified Domain Name
A domain name that extends all the way back to root. Often written as FQDN. gomer.gimboid.com. is an FQDN. A common error is to leave the "." at the end off. gomer.example.com is NOT an FQDN, by leaving out the last "." Root is not included. An FQDN is required any time you reference a domain name outside a zone, optional when referencing names inside the zone. CNAME records, NS records, and MX records might refer to names outside the zone, they often require an FQDN
Note: If you put an unqualified domain name in any resource record, the name of the zone the record is in is appended, complete with the dot, to form a fully qualified domain name.
So if an MX record in exampe.com, pointing to Gomer.example.com does not include the final "." it will be appended as Gomer.example.com.example.com. However, if the MX record in the example had merely pointed to "Gomer", the auto-append would have created gomer.example.com.
- Fully Qualified Host Name
See Fully Qualified Domain Name.
- Glue Record
A glue record is an A record that is created as part of a delegation. If a zone is delegated to a name server whose hostname is a Descendant of that particular zone, then a glue record for that hostname must be included in the delegation.
- top -
Base 16 math. Computers normally "think" in base two math, called binary. The only two digits are 1 and 0. So in binary the number 5 would be represented by. 101 (1 in the fours place, and one in the ones place.) This binary thinking is generally translated into base 16 math. That is to say, you can have a single digit number as high as 15. Single digit numbers higher then 9 are usually represented by letters A-F. So the hexadecimal number C5 translates to 197 in normal base 10 math; 12 in the 16's place and 5 in the ones place.
- HINFO Record
Host Information Record. Strictly informational, not functional. Used to declare the computer type and operating system of a host.
A host is any machine on any network. On TCP/IP networks, each host has one or more unique IP addresses.
- Hostmaster field
The second field of an SOA record. Informational only, it holds the E-Mail address of the person responsible for maintaining the zone. Originally formatted as if it was a Hostname, the @ symbol was an invalid character.
The @ symbol was replaced by a ". ", and any "." preceding the "@" was replaced by "\.". Examples:
Relatively recently, the rules were changed to permit arbitrary characters in the Hostmaster field. Thus, the above rule is no longer necessary; however, it is still used by the majority of hostmasters, and it is assumed by many DNS validators.
- top -
A Hostname is any domain name that has one or more IP addresses associated with it. The association is created by placing an A record in the zone that owns the domain name. Zone A owns domain name D if: There are no other zones in the line of ancestry between A and D.
- IP Address
A unique identifier number for any host on any TCP/IP network, including the Internet. An IP address is made up of four octets. Each octet has a value between 0-255
- Iterative query
A request, usually made by a resolver, for any information a server already has in memory for a certain domain name.
An element of a domain name. No label can be longer then 63 characters. Labels are made up of letters, numbers and hyphens, but may not start with hyphens. Labels in a domain name are separated from each other by "."'s. Labels are case insensitive. For Example: WWW.All.These.8.labels.are.very-good.gov
- Lame Delegation
When an NS record points to an incorrect host. This can be caused when:
- A zone is delegated to a server that has not been properly configured to be authoritative for the zone.
- A server that is authoritative for the zone has an NS record that points to another that is not authoritative for the zone.
This will cause resolvers to direct queries to servers that will not respond authoritatively, if at all. This causes unnecessary network traffic and extra work for servers. 1/4th of all zones have lame delegations (source Domain Health Survey).
- Lame Server
See Lame Delegation.
- LOC Record
Location Record. Experimental, proposed in 1996. Informational, not functional. Used to give latitude and longitude, in degrees minutes and seconds, altitude in meters, and dimensions (in terms of meters) of a host. Of no practical use except to hi-tech thieves with a GPS tracker
- top -
- Mail Relay
The process of sending a message from one point to another through an intermediary. Any mail server that supports this should have some kind of filter system in place to avoid unauthorized use by spammers. Mail servers without this protection are open to hijacking. More on mail relay.
- Master Server
See Primary Server.
- Minimum Field
Seventh field in an SOA Record. The default TTL for every record in the zone. Can be overridden for any particular record. Typical values range from eight hours to four days. When changes are being made to a zone, often set at ten minutes or less.
- MX Record
Mail Exchange Record. Creates a mail route for a domain name. A domain name can have multiple mail routes, each assigned a priority number. The mail route with the lowest number identifies the server responsible for the domain. Other mail servers listed will be used as backups.
- Name Server
A name server is software that runs on a host that can be set to authoritatively answer queries for records in a zone.
- Negative Caching
A DNS resolver with negative caching will remember when it is told that a domain does not exist.
When iteratively querying a server in the ancestral line of the record that:
- Doesn't have the record.
- Has no relevant delegations.
The server will respond with an authoritative negative response. A resolver with negative caching will cache the negative response for a set time period, usually ten minutes. The resolver will reply with a non-authoritative negatives response to the query for that set period
- top -
- NS Record
Name Server Record. An NS record declares that a given zone is served by a given name server. Every NS record is either a delegation record or an authority Record. If the name of the NS record is the name of the zone it appears in, it is an authority record. If the name of the NS record is that of a descendant zone, then it is a delegation record.
BIND, a common Un*x DNS server, uses NS records in hint files for telling resolvers where to find root servers.
Standard tool for querying name servers in command line operating systems like Un*x and NT.
An octet is one of the four numbers making up an IP address. Octets values can range from 0 to 255. Each octet can be expressed as 8 binary bits, hence the name octet. An octet can also be represented by 2 digits of Hexadecimal.
The ancestor that is appended to an unqualified domain name to form a fully qualified domain name. Usually set to the zone name.
- top -
A zone owns itself and all descendant names that are not delegated. A server for a zone can respond authoritatively for any domain name owned by the zone.
- Primary Field
The first field of an SOA record. This field is informational only and has no function. It is intended to hold the hostname of the primary server.
- Primary Server
Also called a master server. An authoritative name server that gets its zone data from local configuration, not from an outside source. This term is used in terms of a specific zone. The primary server of one zone could be a secondary server in regards to another zone. Despite a common misconception, from a resolver's point of view, primary and secondary servers are equal in authority and priority.
- PTR Record
Pointer Record. Also called a reverse record. A PTR record associates an IP address with a canonical name. PTR records should point to a name that can be resolved back to the IP address. The name of the pointer record is not the IP address itself, but is the IP address' four IP octets in reverse order followed by IN-ADDR.ARPA. for Example: 192.168.0.1 becomes 188.8.131.52.IN-ADDR.ARPA.
A request for records of a certain name to be sent to a certain DNS server. A query is properly answered by:
- An answer section, containing any records the server has that answer the query
- An authority section, containing NS records indicating where to look for more information
- An additional section, containing any additional records that might be useful in interpreting the answer and authority sections. This typically includes A records that give the IP addresses for hosts named in the first two sections.
See, Resource Record.
- Record Class
There are three schemes for record systems, Internet, Hesiod, and Chaos. Hesiod is only used at M.I.T, and maybe not even there anymore. Chaos is almost extinct, BIND uses it to check its version number, but that's about it. Internet is the system that 99.999% of servers use.
- top -
- Recursive Query
A recursive query is a request from a host to a resolver to find data on other name servers.
- Refresh Field
Fourth field in an SOA record. Refresh determines the number of seconds between a successful check on the serial number on the zone of the primary, and the next attempt. Usually around 2-24 hours. Not used by a primary server.
A resolver is a host capable of performing a recursive search of the Domain Name System to locate records that would answer a query. It does this by querying name servers, including the root servers. In other words, a resolver is a DNS server that looks up DNS records on behalf of a client machine.
- Resource Record
One unit of data in the domain name system. A resource record defines some attribute for a domain name such as an IP address, a string of text, or a mail route. A resource record consists of five components:
- A Resource record starts with a domain name , usually a fully qualified domain name. If anything other then a fully qualified domain name is used, the name of the zone the record is in will automaticly be appended to the end of the name.
- Second is the TTL, in seconds, defaults to the minimum value determined in the SOA record.
- Third is the Record class: Internet, Hesiod, or Chaos.
- Fourth is the record type: CNAME, PTR, A, etc.
- Fifth is the record data: (depends on record type) If the record data includes a domain name that is not a Fully Qualified Domain Name it goes through the same appending process as the domain name at the start of the record. Many servers will permit comments as a sixth component.
- Retry field
Fifth field in an SOA record. If a refresh attempt fails, a server will retry after this many seconds. Not used by a primary server.
- top -
- Reverse Domain
Archaic, see Reverse Zone.
- Reverse Record
See PTR Record.
- Reverse Zone
A reverse zone is a zone whose purpose is the mapping of IP addresses to names. Nearly all reverse zones are descended from the IN-ADDR.ARPA zone. The process of mapping IP addresses to names is useful:
- For use in tracing routes on the internet to identify routers between source and destination. Assigning names on the train stations between point A and point B.
- For Chat and FTP servers it is useful to restrict access to hosts in certain zones.
- To reverse the tide of SPAM, some mail servers will not connect to a mail server whose reverse record is misconfigured.
- Root Server
There are currently 13 servers that are authoritative for the root zone. They are named a.root-servers.net - m.root-servers.net. Every resolver must have the IP addresses of one or more of these root servers coded in so that it can resolve domain name.
- Root Zone
The ancestor of all zones, the parent of the top level domains. It is written as ". ". Root (as it is often called) has no labels.
- Round Robin Load Sharing
Primitive load sharing system without any fault tolerance. A native feature of most major servers; If multiple resource records of the same name and type are found, all will be sent; However, their order will be rotated for successive queries.
For example, identical A records could point to different IP Addresses. This works for load sharing because web browsers and other clients usually only expect only one record of the appropriate type in response, and ignore further records after the first. Can cause problems with PTR records, causing mail delivery problems because IP addresses might not resolve back to the name expected.
- top -
- RP Record
Responsible Person. Informational, not functional. Used to indicate the person responsible for the domain.
- Secondary Server
Sometimes called a slave server: A secondary name server is an authoritative name server that gets its data from outside sources, usually a zone transfer from a primary server. This term only applies to relations with a specific zone, a secondary server for one zone could be a primary for another. Despite a common misconception, from a resolvers point of view, primary and secondary servers are equal in authority and priority.
- Serial Number Field
Third Field in an SOA record. Used by a secondary server to determine if it requires a zone transfer from the primary server. If the Secondary's Number is lower than the Primary's, then the secondary server knows that its records are out of date. Not used by a primary server.
See Secondary Server.
- top -
- SOA Record
Start of Authority Record. The SOA is the first record in every properly configured zone. The SOA record contains information about the zone in a string of fields. The SOA record tells the server to be authoritative for the zone.
- SRV Record
SRV Record: Also known as a Service record. An SRV record is intended to provide information on available services. A SRV record has four fields and a unique system for naming. The naming system is an underscore followed by the name of the service, followed by a period, and underscore, and then the protocol, another dot, and then the name of the domain. The four fields are.
- Priority, just a in MX records
- Weight, used to determine relative capacity between to SRV fields with the priority. Hits will be assigned proportionately by weight, allowing a powerful and a weak server to share appropriate loads.
- Port, the port of the service offered
For Example: _http._tcp.example.com. SRV 10 5 80. www.example.com
- Static IP Address
A static IP Address is an IP addressis an IP address assigned by a service provider that never changes. This requires that the service provider keep at least one IP address per customer. Because their IP address remains fixed, static IP addresses can be used for hosting name servers.
Any child of a domain zone.
- top -
A contiguous string of IP addresses. The first IP address in a subnet is used to identify the subnet, the last IP address in the subnet is always used as a broadcast address. Anything sent to the last address is sent to every host on the subnet.
- Subnet Class
Traditionally subnets have been broken down into three size classes based on the 4 octets that make up an IP address. For example: 123.001.002.178.
Class A was any subnet that shared the first octet. Apple for example has a class A subnet. The first octet was 0017. All IP addresses starting with 17 are controlled by Apple. A class A subnet has over 16 Million possible IP addresses. Apple thus effectively controls 1/255th of the Internet.
Class B subnets share the first two octets. Class C subnets share the first three octets, effectively giving a class C subnet 254 possible IP addresses. (Remember that the first and last IP addresses are used as a network number and a broadcast address.)
See Top Level Domain
- Top Level Domain
Any zone owned by the root servers. You can also think of this as the first label in any domain name other than root (which has no labels)
For Example: com, edu, gov, mil, net, org, int, arpa, country codes.
- top -
A common analogy for the branching structure of the Domain Name System. Under this analogy various domain names are referred to as nodes.
Time To Live, the number of seconds remaining on a cached record before it is purged. For authoritative records the TTL is fixed at a specific length. If a record is cached, the server providing the record will provide the time remaining on the TTL rather then the original length it was given
- TXT Record
Text Record: Strictly informational, not functional. Used to provide up to 255 characters of free form text, hopefully about the zone. Multiple TXT records are permitted but their order is not necessarily retained, a bad forum for presenting War and Peace.
- Unqualified Domain Name
A domain name that is intentionally written incompletely with the understanding that some ancestor domain name will be appended to form a fully qualified domain name.
- top -
Denoted with an "*".
Allows one record to stand in for a number of other records: Of the same type, Pointing to same data, In the same zone.
Wildcard is used in the name field of a record. The "*" must be the only symbol in its label, and it must be the left most label.
The wildcard will be used in the response to any query for its type of record that:
- The asterisk in the wildcard could be expaned into a group of labels that would match the query. (This is called pattern matching.)
- There are no records of any type which excatly match the domain name of the query
- No ancestor of the domain name used in the query meets meets A. and not B.
For Example: example.com, an ISP, offers web space to its 1 billion subscribers using www.example.com/account name, and also wants to offer that as account.gimboid.com. By using a Wildcard. By setting up a CNAME record: *.example.com. CNAME www.example.com.
And a corresponding A record for www.example.com, they save themselves the bother of generating 1 billion CNAME records.
Because wildcards are a commonly misunderstood concept, below are examples of queries that would, and would not, acivate a wildcard.
|@||SOA|| ns1 (|
- top -
Lets double check, to see, if you got it right. Which of the following query names will match the wildcard (*.example.com. CNAME www.example.com.) if the query type is A (Pattern Matching)?
For two reasons, there is another record by that name, and because the name doesn't fit the wild card pattern, there is no child label in front of example.com to match the *
No record of that name, and meets the *.example.com pattern
ns2.example.com is specificly provided for so it won't match a wildcard.
No record of that name, and meets the *.example.com pattern
ssl.gimboid.com is provided for, the fact that www.ssl.example.com isn't is irrelevant.
No record of that name, and meets the *.example.com pattern. remember that * can match more then one label.
Even if the record is of another type, if there is an existing name match the wildcard won't be used.
- top -
- WKS Record
Well Known Service Record. Experimental, not yet adopted or used by any browser. WKS is generalized version of the MX record. Which is not just for mail but for any service. Examples would be POP, HTTP and FTP. If adopted, it will allow greater flexibility in resolving names from IP addresses and will lessen some of the problems cause by native round robin load sharing in servers.
Any domain name that has been delegated by an ancestor zone. Also includes all descendant domain names that have not been delegated.
- Zone Transfer
A special type of query that asks a name server for the entire contents of a Zone. Cached records are never reported in a zone transfer. Zone transfers are usually used by secondary servers to update its own zone data from its primary server.
- top -