DNS related RFCs

This is an annotated list of Requests for Comments (RFCs) that are relevant to DNS, the Domain Name System.

Some of these documents are also distributed as part of the BIND distribution.


RFC 3403 (Proposed Standard)
Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database by M. Mealling
Obsoletes RFC2915, RFC2168, by making the very generalized NAPTR specification even more generalized.
Oct-2002
RFC 3364 (Informational)
Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6) by R. Austein
Opposes RFC 3363, saying that A6 records are superior.
Aug-2002
RFC 3363 (Informational)
Representing Internet Protocol version 6 (IPv6) Addresses in the Domain Name System (DNS) by R. Bush, A. Durand, B. Fink, O. Gudmundsson, T. Hain
Basically comments on RFC2673, RFC2874 to say that AAAA records are better than A6 records.
Aug-2002
RFC 3258 (Informational)
Distributing Authoritative Name Servers via Shared Unicast Addresses by T. Hardie
Describes a little-used method of replacing the current DNS load-sharing and failover strategies with an ANYCAST system. Not recommended.
Apr-2002
RFC 3226 (Proposed Standard)
DNSSEC and IPv6 A6 aware server/resolver message size requirements by O. Gudmundsson
Updates RFC2535, RFC2874.
Dec-2001
RFC 3225 (Proposed Standard)
Indicating Resolver Support of DNSSEC by D. Conrad
Dec-2001
RFC 3197 (Informational)
Applicability Statement for DNS MIB Extensions by R. Austein
Dec-2001
RFC 3172 (Best Current Practice)
Management Guidelines & Operational Requirements for the Address and Routing Parameter Area Domain (arpa) by G. Huston, Ed
Sep-2001
RFC 3152 (Best Current Practice)
Delegation of IP6.ARPA by R. Bush
Updates RFC2874, RFC2772, RFC2766, RFC2553, RFC1886
Sep-2001
RFC 3130 (Informational)
Notes from the State-Of-The-Technology: DNSSEC by E. Lewis
Confirms that DNSSEC is very important, but is not ready for production.
Jun-2001
RFC 3110 (Proposed Standard)
RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS) by D. Eastlake 3rd
How to produce RSA/SHA1 SIG and KEY resource records. Completely replaces RFC2537.
May-2001
RFC 3090 (Proposed Standard)
DNS Security Extension Clarification on Zone Status by E. Lewis and NAI Labs
Redefines an RFC2535 "secured zone" without specifically mentioning the encryption algorithm used.
Mar-2001
RFC 3071 (Informational)
Reflections on the DNS, RFC 1591, and Categories of Domains by J. Klensin
Comments on RFC1591, especially with regard to those ccTLDs run as generic TLDs (for example: .cc, .to, and .tv).
Feb-2001
RFC 3008 (Proposed Standard)
Domain Name System Security (DNSSEC) Signing Authority by B. Wellington and Nominum
Revised model of the DNSSEC Signing Authority affecting the authorization of keys to sign sets of records. Updates RFC2535.
Nov-2000
RFC 3007 (Proposed Standard)
Secure Domain Name System (DNS) Dynamic Update by D. Eastlake 3rd and Motorola
Extension to RFC2535 and RFC2136 allowing for secure dynamic updates to DNS records. Obsoletes RFC2137.
Nov-2000
RFC 2931 (Proposed Standard)
DNS Request and Transaction Signatures ( SIG(0)s ) by D. Eastlake 3rd and Motorola
Minor changes to the signature resource records ( SIG(0)s ) proposed in RFC2535
Sep-2000
RFC 2930 (Proposed Standard)
Secret Key Establishment for DNS (TKEY RR) by D. Eastlake 3rd and Motorola
Transaction Key (TKEY) RR that can be used to establish shared secret keys between a DNS resolver and server.
Sep-2000
RFC 2929 (Best Current Practice)
Domain Name System (DNS) IANA Considerations by D. Eastlake, 3rd, Motorola, E. Brunner-Williams, et al.
Enumerates current DNS practices with regard to packet formats, opcodes, RCODEs, etc.
Sep-2000
RFC 2915 (Proposed Standard)
The Naming Authority Pointer (NAPTR) DNS Resource Record by P. Vixie, ISC, O. Gudmundsson, NAI Labs, et al.
Proposes a system of mapping arbitrary "resource names" to domains, SRV records and/or URIs. This flexible system is practically a "DNS programming language". Seems to subvert the idea of even having a DNS standard. Obsoleted by RFC3401, RFC3402, RFC3403, RFC3404 Updates
Sep-2000
RFC 2845 (Proposed Standard)
Secret Key Transaction Authentication for DNS (TSIG) by P. Vixie, ISC, O. Gudmundsson, NAI Labs, et al.
Allows for transaction level authentication using shared secrets and one way hashing. Updates RFC1035.
May-2000
RFC 2782 (Proposed Standard)
A DNS RR for specifying the location of services (DNS SRV) by A. Gulbrandsen, Troll Technologies, P. Vixie, ISC, L. Esibov, Microsoft Corp.
Proposes a generic method of discovering service providers based on protocol names, as opposed to inventing a new RR for each service. Obsoletes RFC2052.
Feb-2000
RFC 2694 (Informational)
DNS extensions to Network Address Translators (DNS_ALG) by P. Srisuresh, G. Tsirtsis, P. Akkiraju and A. Heffernan
Proposes an application level gateway for DNS which modifies DNS payload to alter address mapping of hosts. This progressed without input from the DNSIND community, so its non-interoperability with recent DNS protocols such as DNSSEC will probably cause a bunch of problems if this makes it into the field.
Sep-1999
RFC 2673 (Proposed Standard)
Binary Labels in the Domain Name System by M. Crawford
Defines a Bit-String label, which compactly represents a sequence of single bit labels and enables records to be stored at any bit-boundary in a binary-named section of the name tree.
Aug-1999
RFC 2672 (Proposed Standard)
Non-Terminal DNS Name Redirection by M. Crawford
Defines DNAME record, which maps a subtree of the DNS to another domain: like a more general form of CNAME.
Aug-1999
RFC 2671 (Proposed Standard)
Extension mechanisms for DNS (EDNS0) by P. Vixie
Backward compatible mechanisms for growing the DNS protocol, to avoid exhaustion of the limited fixed fields. Note that this standard requires that implementations of newer features must also support all features of older versions. See also dnsind-edns1 for some proposed extensions.
Aug-1999
RFC 2606 (BCP 32)
Reserved Top Level DNS Names by D. Eastlake and A. Panitz
Reserves new top-level and second-level domain names for testing and documentation: .EXAMPLE, .INVALID, .TEST, .LOCALHOST and EXAMPLE.{COM,NET,ORG}.
Jun-1999
RFC 2541 (Informational)
DNS Security Operational Considerations by D. Eastlake
Recommendations on how to manage DNSSEC extensions. Secure DNS is based on cryptographic techniques. A necessary part of the strength of these techniques is careful attention to the operational aspects of key and signature generation, lifetime, size, and storage. In addition, special attention must be paid to the security of the high level zones, particularly the root zone. This document discusses these operational aspects for keys and signatures used in connection with the KEY and SIG DNS resource records.
An HTML version is available.
Mar-1999
RFC 2540 (Experimental)
Detached Domain Name System (DNS) Information by D. Eastlake
Archival and offline storage of DNS information.
An HTML version is available.
Mar-1999
RFC 2539 (Proposed Standard)
Storage of Diffie-Hellman Keys in the Domain Name System (DNS) by D. Eastlake
KEY records for storing Diffie-Hellman keys.
An HTML version is available.
Mar-1999
RFC 2538 (Proposed Standard)
Storing Certificates in the Domain Name System (DNS) by D. Eastlake and O. Gudmundsson
CERT records for storing certificates and related certificate revocation lists.
An HTML version is available.
Mar-1999
RFC 2537 (Proposed Standard)
RSA/MD5 KEYs and SIGs in the Domain Name System (DNS) by D. Eastlake
Formats for storing RSA keys and RSA/MD5 signatures using KEY and SIG resource records.
An HTML version is available.
Mar-1999
RFC 2536 (Proposed Standard)
DSA KEYs and SIGs in the Domain Name System (DNS) by D. Eastlake
Storing US Government Digital Signature Algorithm keys and signatures using KEY and SIG resource records.
An HTML version is available.
Mar-1999
RFC 2535 (Proposed Standard) obsoletes RFC 2065; updates RFC 2181, RFC 1035 and RFC 1034
Domain Name System Security Extensions by D. Eastlake
Updated digital signatures for data integrity and authentication in the DNS, incorporating implementation feedback. Digital signatures are included in secured zones as resource records.
An HTML version is available.
Mar-1999
RFC 2517 (Informational)
Building Directories from DNS: Experiences from WWWSeeker by R. Moats and R. Huber
Implementation experience from WWWSeeker and Netfind, for those considering a keyword-like directory to discover domain names.
An HTML version is available.
Feb-1999
RFC 2377 (Informational)
Naming Plan for Internet Directory-Enabled Applications by A. Grimstad, R. Huber, S. Sataluri and M. Wahl
Part 2 of the attempted LDAP takeover of DNS. A sensible naming scheme for LDAP directories, based on the top parts of the DNS name space. See also RFC 2247.
An HTML version is available.
Sep-1998
RFC 2352 (Informational) obsoletes RFC 2240
A Convention For Using Legal Names as Domain Names by O. Vaughan
Proposes creation of uniform second-level domain names for commercial organisations, within the country-specific TLDs. As the editor's preface points out, this document (and the earlier version it replaces) is pretty pointless due to constraints of the real world (as opposed to the fantasy world this document appears to be describing).
May-1998
RFC 2345 (Experimental)
Domain Names and Company Name Retrieval by J. Klensin, T. Wolf and G. Oglesby
Proposes adding an extra WHOIS lookup step to browsers to retrieve URLs instead of relying on intuitive domain names. Similar to the keyword feature added by Netscape and Microsoft to their browsers in mid-1998.
May-1998
RFC 2317 (BCP 20)
Classless IN-ADDR.ARPA delegation by H. Eidnes, G. de Groot and P. Vixie
How to do IN-ADDR.ARPA delegations on arbitrary boundaries, in a way compatible with existing software, by using CNAME records and new zones.
An HTML version is available.
Mar-1998
RFC 2308 (Proposed Standard) updates RFC 1034 and RFC 1035
Negative Caching of DNS Queries (DNS NCACHE) by M. Andrews
Recommends that negative caching (the caching of information about non-existence of resource records) becomes mandatory in resolvers. Also redefines the usage of the TTL field in SOA records to be used for negative caching, and adds a $TTL directive to replace its former use.
An HTML version is available.
Mar-1998
RFC 2307 (Experimental)
An Approach for Using LDAP as a Network Information Service by L. Howard
Mapping NIS-type information into LDAP: aliases, users, protocols, etc. Not strictly relevant to DNS.
Mar-1998
RFC 2247 (Proposed Standard)
Using Domains in LDAP/X.500 Distinguished Names by S. Kille, M. Wahl, A. Grimstad, R. Huber and S. Sataluri
Representing domain names as distinguished names (using a new X.500 attribute called DC) so that LDAP can contain DNS information. See also RFC 2377.
An HTML version is available.
Jan-1998
RFC 2240 (Informational) obsoleted by RFC 2352
Nov-1997
RFC 2230 (Informational)
Key Exchange Delegation Record for the DNS by R. Atkinson
KX records for IP security, assuming Secure DNS. KX defines a host willing to act as a key exchanger for a given domain name.
An HTML version is available.
Nov-1997
RFC 2219 (BCP 17)
Use of DNS Aliases for Network Services by M. Hamilton and R. Wright
The IANA name for a protocol should be used as the domain name for the machine that supports that protocol at a site.
An HTML version is available.
Oct-1997
RFC 2182 (BCP 16)
Selection and Operation of Secondary DNS Servers by R. Elz, R. Bush, S. Bradner and M. Patton
How to select secondary servers.
An HTML version is available.
Jul-1997
RFC 2181 (Proposed Standard) updates RFC 1034, RFC 1035 and RFC 1123; updated by RFC 2535
Clarifications to the DNS Specification by R. Elz and R. Bush
Clarifications regarding multi-homed servers, TTLs, zone cuts, SOA records, the TC (truncated) flag, authoritative/canonical names, and valid labels.
An HTML version is available.
Jul-1997
RFC 2168 (Experimental)
Resolution of Uniform Resource Identifiers using the Domain Name System by R. Daniel and M. Mealling
Defines NAPTR (Naming Authority Pointer) record type, which maps URI namespace identifiers to domain names.
Jun-1997
RFC 2163 (Proposed Standard) obsoletes RFC 1664
Using the Internet DNS to Distribute MIXER Conformant Global Address Mapping (MCGAM) by C. Allocchio
Update to RFC 1664, on storing information in the DNS for mapping between X.400 and RFC 822 email addressing. Defines new PX record and .X42D.xx second-level domain names for each country-specific TLD xx.
Jan-1998
RFC 2146 (Informational) obsoletes RFC 1816
U.S. Government Internet Domain Names by Federal Networking Council
Registration procedures in the .GOV top-level domain, and first steps in its migration to .FED.US.
May-1997
RFC 2142 (Proposed Standard)
Mailbox Names for Common Services, Roles and Functions by D. Crocker
Mandates addresses such as ABUSE@domain for complaints to ISPs, HOSTMASTER@domain as a standard contact for DNS issues, and LIST-REQUEST@domain for all mailing lists.
An HTML version is available.
May-1997
RFC 2137 (Proposed Standard) updates RFC 1035
Secure Domain Name System Dynamic Update by D. Eastlake 3rd
Security for dynamic updates. Ignores existing protocols in popular use.
An HTML version is available.
Apr-1997
RFC 2136 (Proposed Standard) updates RFC 1035
Dynamic Updates in the Domain Name System (DNS UPDATE) by P. Vixie (editor), S. Thomson, Y. Rekhter and J. Bound
Atomic record-level addition and deletion of DNS information: WINS done properly.
An HTML version is available.
Apr-1997
RFC 2065 (Proposed Standard) updates RFC 1034 and RFC 1035; obsoleted by RFC 2535
Domain Name System Security Extensions by D. Eastlake 3rd and C. Kaufman
Digital signatures for data integrity and authentication in the DNS.
An HTML version is available.
Jan-1997
RFC 2053 (Informational)
The AM (Armenia) Domain by E. Der-Danieliantz
Procedures for registering in the AM TLD.
Oct-1996
RFC 2052 (Experimental) updates RFC 1035 and RFC 1183
A DNS RR for specifying the location of services (DNS SRV) by A. Gulbrandsen and P. Vixie
Generalised MX records for services other than mail.
Oct-1996
RFC 2010 (Informational)
Operational Criteria for Root Name Servers by B. Manning and P. Vixie
Requirements for root name servers.
An HTML version is available.
Oct-1996
RFC 1996 (Proposed Standard) updates RFC 1035
Notify: a mechanism for prompt notification of authority zone changes by P. Vixie
Describes NOTIFY opcode for advising slave servers that the master's data has been changed.
An HTML version is available.
Aug-1996
RFC 1995 (Proposed Standard) updates RFC 1035
Incremental Zone Transfer in DNS by M. Ohta
A mechanism for use with NOTIFY which allows transferring only that part of the zone that changed.
An HTML version is available.
Aug-1996
RFC 1982 (Proposed Standard) updates RFC 1034 and RFC 1035
Serial Number Arithmetic by R. Elz and R. Bush
Defines how serial numbers are compared to determine if a zone has been updated.
An HTML version is available.
Aug-1996
RFC 1956 (Informational)
Registration in the MIL Domain by D. Engebretson and R. Plzak
Describes the registration policy of the US Department of Defense domain.
Jun-1996
RFC 1912 (Informational) obsoletes RFC 1537
Common DNS Operational and Configuration Errors by D. Barr
Errors and common practice in operation of servers and format of data.
An HTML version is available.
Feb-1996
RFC 1886 (Proposed Standard)
DNS Extensions to support IP version 6 by S. Thomson and C. Huitema
Backward-compatible IPv6 DNS extensions, including new AAAA record type and new domain IP6.INT.
Dec-1995
RFC 1884 (Proposed Standard)
IP Version 6 Addressing Architecture edited by R. Hinden and S. Deering
All about IPv6 addresses.
Dec-1995
RFC 1876 (Experimental) updates RFC 1034 and RFC 1035; obsoletes RFC 1712
A Means for Expressing Location Information in the Domain Name System by C. Davis, P. Vixie, T. Goodwin and I. Dickinson
Geographical location LOC records.
Jan-1996
RFC 1816 (Informational) obsoletes RFC 1811, obsoleted by RFC 2146
Aug-1995
RFC 1811 (Informational) obsoleted by RFC 1816
Jun-1995
RFC 1794 (Informational)
DNS Support for Load Balancing by T. Brisco
DNS support for balancing loads of many types.
Apr-1995
RFC 1713 (Informational: FYI 27)
Tools for DNS debugging by A. Romao
Overview of some DNS tools. Now severely out of date; an IETF effort is underway to update it.
An HTML version is available.
Nov-1994
RFC 1712 (Experimental) obsoleted by RFC 1876
DNS Encoding of Geographical Location by C. Farrell, M. Schulze, S. Pleitner and D. Baldoni
Paul Vixie wrote: `deprecated and retracted by its authors but the RFC editors accidentally published it anyway'.
Nov-1994
RFC 1706 (Informational) updates RFC 1034 and RFC 1035; obsoletes RFC 1348 and RFC 1637
DNS NSAP Resource Records by B. Manning and R. Colella
How to add OSI-style NSAPs to the DNS using PTR records.
Oct-1994
RFC 1664 (Experimental) obsoleted by RFC 2163
Using the Internet DNS to Distribute RFC1327 Mail Address Mapping Tables by C. Allocchio, A. Bonito, B. Cole, S. Giordano and R. Hagens
Mapping information for converting between X.400 and SMTP addressing into the DNS.
Aug-1994
RFC 1637 (Experimental) obsoletes RFC 1348; obsoleted by RFC 1706
Jun-1994
RFC 1612 (Proposed Standard)
DNS Resolver MIB Extensions by R. Austein and J. Saperia
Interfacing SNMP to the client side of DNS, waiting to be implemented.
May-1994
RFC 1611 (Proposed Standard)
DNS Server MIB Extensions by R. Austein and J. Saperia
Interfacing SNMP to the server side of DNS, waiting to be implemented.
May-1994
RFC 1591 (Informational)
Domain Name System Structure and Delegation by J. Postel
Administrative and management details about the DNS name space.
Mar-1994
RFC 1537 (Informational) obsoleted by RFC 1912
Oct-1993
RFC 1536 (Informational)
Common DNS Implementation Errors and Suggested Fixes by A. Kumar, J. Postel, C. Neuman, P. Danzig and S. Miller
What to fix and how to fix it, for developers.
Oct-1993
RFC 1535 (Informational)
A Security Problem and Proposed Correction With Widely Deployed DNS Software by E. Gavron
Highlights subversion possibilities with default resolver search lists. In general, resolver search lists should never add domain names to a basic search string unless the domains are managed by a trusted party. This means that commonly used search string members such as .COM are dangerous and should not be used. Six years later, several large software companies still haven't understood this.
Oct-1993
RFC 1480 (Informational) obsoletes RFC 1386
The US Domain by A. Cooper and J. Postel
Policies and procedures related to the .US top-level domain.
Jun-1993
RFC 1464 (Experimental)
Using the Domain Name System To Store Arbitrary String Attributes by R. Rosenbaum
Using TXT records to store arbitrary strings in the DNS.
May-1993
RFC 1386 (Informational) obsoleted by RFC 1480
Jun-1993
RFC 1348 (Experimental) updates RFC 1034 and RFC 1035; obsoleted by RFC 1706
Jul-1992
RFC 1183 (Experimental) updates RFC 1034 and RFC 1035; updated by RFC 2052
New DNS RR Definitions by C. Everhart, L. Mamakos and R. Ullmann and edited by P. Mockapetris
New resource records, not widely used.
Oct-1990
RFC 1178 (Informational: FYI 5)
Choosing a Name for Your Computer by D. Libes
Good advice to keep in mind when naming computers, especially as to what names to avoid.
Aug-1990
RFC 1123 (Standard: STD 3) updated by RFC 2181
Requirements for Internet Hosts -- Application and Support edited by R. Braden
Includes chapter 6, about DNS.
Oct-1989
RFC 1122 (Standard: STD 3) updates RFC 1034 and RFC 1035
Requirements for Internet Hosts -- Communication Layers edited by R. Braden
Section 4 discusses UDP and TCP issues that have important low-level effects on DNS.
Oct-1989
RFC 1101 (Unknown, Proposed Standard?) updates RFC 1034 and RFC 1035
DNS Encoding of Network Names and Other Types by P. Mockapetris
How to add network names and netmasks to the DNS.
Apr-1989
RFC 1035 (Standard: STD 13) updated by RFCs 1101, 1122, 1183, 1706, 1876, 1982, 1995, 1996, 2052, 2136, 2137, 2181, 2308 and 2535; obsoletes RFCs 882, 883 and 973
Domain Names--Implementation and Specification by P. Mockapetris
Mechanics of the DNS. An HTML version with graphic illustrations is available (thanks to Russ Nelson).
A local copy is also available.
Nov-1987
RFC 1034 (Standard: STD 13) updated by RFCs 1101, 1122, 1183, 1706, 1876, 1982, 2181, 2308 and 2535; obsoletes RFCs 882, 883 and 973
Domain Names--Concepts and Facilities by P. Mockapetris
Reference guide, covers just about everything.
Nov-1987
RFC 1033 updated by RFC 1912
Domain Administrators Operations Guide by M. Lottor
How-to guide, now somewhat out of date.
Nov-1987
RFC 1032
Domain Administrator's Guide by M. Stahl
Explains role of domain administrator.
Nov-1987
RFC 974 (Standard: STD 14)
Mail Routing and the Domain System by Craig Partridge
Describes MX record processing.
Jan-1986
RFC 973 updates RFC 882 and RFC 883; obsoleted by RFC 1034 and RFC 1035
Jan-1986
RFC 921 updates RFC 897 and RFC 881
Domain name system implementation schedule - revised by J. Postel
Documents the 1983-4 plan to switch over to DNS.
Oct-1984
RFC 920
Domain Requirements by J. Postel and J. Reynolds
Administrative document about domains. Will become historical shortly.
Oct-1984
RFC 897 updates RFC 881; updated by RFC 921
Domain name system implementation schedule by J. Postel
Documents the 1983-4 plan to switch over to DNS.
Feb-1984
RFC 883 updated by RFC 973; obsoleted by RFC 1034 and RFC 1035
Nov-1983
RFC 882 updated by RFC 973; obsoleted by RFC 1034 and RFC 1035
Nov-1983
RFC 881 updated by RFC 897 and RFC 921
The Domain Names Plan and Schedule by J. Postel
Documents the 1983-4 plan to switch over to DNS.
Nov-1983
RFC 819
The Domain Naming Convention for Internet User Applications by Z. Su and J. Postel
Documents the original structural ideas of DNS.
Aug-1982
RFC 811
Hostnames Server by K. Harrenstien, V. White and E. Feinler
The original centralised hostname lookup server.
Mar-1982
RFC 805
Computer Mail Meeting Notes by J. Postel
The decision to introduce DNS-type names for mail addressing.
Feb-1982