DNSKEY : DNS Key record ( RFC 4034)
The key record used in DNSSEC. Uses the same format as the KEY record. |
NSEC : Next-Secure record ( RFC 4034)
Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record. |
CERT : Certificate record ( RFC 4398)
Stores PKIX, SPKI, PGP, etc. |
IPSECKEY : IPSEC Key ( RFC 4025)
Key record that can be used with IPSEC |
RRSIG : DNSSEC signature ( RFC 4034)
Signature for a DNSSEC-secured record set. Uses the same format as the SIG record. |
SIG : Signature ( RFC 2535)
Signature record used in SIG(0) (RFC 2931). Until RFC 3755 was published, the SIG record was part of DNSSEC; now RRSIG is used for that. |
AFSDB : AFS database record ( RFC 1183)
Location of database servers of an AFS cell. This record is commonly used by AFS clients to contact AFS cells outside their local domain. A subtype of this record is used by the obsolete DCE/DFS file system. |
SRV : Service locator ( RFC 2782)
Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX. |
DLV : DNSSEC Lookaside Validation record ( RFC 4431)
For publishing DNSSEC trust anchors outside of the DNS delegation chain. Uses the same format as the DS record. RFC 5074 describes a way of using these records. |
DNAME : delegation name ( RFC 2672)
DNAME will delegate an entire portion of the DNS tree under a new name. In contrast, the CNAME record creates an alias of a single name. Like the CNAME record, the DNS lookup will continue by retrying the lookup with the new name. |
NSEC3PARAM : NSEC3 parameters ( RFC 5155)
Parameter record for use with NSEC3 |
LOC : Location record ( RFC 1876)
Specifies a geographical location associated with a domain name |
NS : name server record ( RFC 1035)
Delegates a DNS zone to use the given authoritative name servers |
SPF : SPF record ( RFC 4408)
Specified as part of the SPF protocol, as an alternative to storing SPF data in TXT records. Uses the same format as the TXT record. |
DS : Delegation signer ( RFC 4034)
The record used to identify the DNSSEC signing key of a delegated zone |
NAPTR : Naming Authority Pointer ( RFC 3403)
Allows regular expression based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc. |
DHCID : DHCP identifier ( RFC 4701)
Used in conjunction with the FQDN option to DHCP |
NSEC3 : NSEC record version 3 ( RFC 5155)
An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking |
