Which of the following resource record types contains the information a DNS?
Amazon Route 53 supports the DNS record types that are listed in this section. Each record type also includes an example of how to format the Value element when you are accessing Route 53 using the API.
For record types that include a domain name, enter a fully qualified domain name, for example, www.example.com. The trailing dot is optional; Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats www.example.com (without a trailing dot) and www.example.com. (with a trailing dot) as identical.

Route 53 provides an extension to DNS functionality known as alias records. Similar to CNAME records, alias records let you route traffic to selected AWS resources, such as CloudFront distributions and Amazon S3 buckets. For more information, including a comparison of alias and CNAME records, see Choosing between alias and non-alias records.

A record type

You use an A record to route traffic to a resource, such as a web server, using an IPv4 address in dotted decimal notation.

AAAA record type

You use an AAAA record to route traffic to a resource, such as a web server, using an IPv6 address in colon-separated hexadecimal format.

CAA record type

A CAA record specifies which certificate authorities (CAs) are allowed to issue certificates for a domain or subdomain. Creating a CAA record helps to prevent the wrong CAs from issuing certificates for your domains. A CAA record isn't a substitute for the security requirements that are specified by your certificate authority, such as the requirement to validate that you're the owner of a domain.

You can use CAA records to specify the following:

When you add a CAA record to your hosted zone, you specify three settings separated by spaces:

Note the following about the format for CAA records:

Authorize a CA to issue a certificate for a domain or subdomain

To authorize a CA to issue a certificate for a domain or subdomain, create a record that has the same name as the domain or subdomain, and specify the following settings:

For example, suppose you want to authorize ca.example.net to issue a certificate for example.com. You create a CAA record for example.com with the following settings:

For information about how to authorize AWS Certificate Manager to issue a certificate, see Configure a CAA record in the AWS Certificate Manager User Guide.

Authorize a CA to issue a wildcard certificate for a domain or subdomain

To authorize a CA to issue a wildcard certificate for a domain or subdomain, create a record that has the same name as the domain or subdomain, and specify the following settings. A wildcard certificate applies to the domain or subdomain and all of its subdomains.

For example, suppose you want to authorize ca.example.net to issue a wildcard certificate for example.com, which applies to example.com and all of its subdomains. You create a CAA record for example.com with the following settings:
When you want to authorize a CA to issue a wildcard certificate for a domain or subdomain, create a record that has the same name as the domain or subdomain, and specify the following settings. A wildcard certificate applies to the domain or subdomain and all of its subdomains.

Prevent any CA from issuing a certificate for a domain or subdomain

To prevent any CA from issuing a certificate for a domain or subdomain, create a record that has the same name as the domain or subdomain, and specify the following settings:

For example, suppose you don't want any CA to issue a certificate for example.com. You create a CAA record for example.com with the following settings:

If you don't want any CA to issue a certificate for example.com or its subdomains, you create a CAA record for example.com with the following settings:

If you create a CAA record for example.com and specify both of the following values, a CA that is using the value ca.example.net can issue the certificate for example.com:

If you want any CA that receives an invalid request for a certificate to contact you, specify the following settings:

For example, if you want any CA that receives an invalid request for a certificate to send email to [email protected], you create a CAA record with the following settings:

Use another setting that is supported by the CA

If your CA supports a feature that isn't defined in the RFC for CAA records, specify the following settings:

For example, suppose your CA supports sending a text message if the CA receives an invalid certificate request. (We aren't aware of any CAs that support this option.) Settings for the record might be the following:
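
The CAA cases described above (authorize one CA, authorize wildcard issuance, deny every CA, combine a deny value with an allow value) can be checked with a small evaluator that follows the RFC 8659 processing rules. This is an added example, not AWS code and not part of the original page; the record sets are constructed, and the names parse_caa, issuer_domain and may_issue are hypothetical.

```python
import re

# Route 53 CAA value format described on the page: flags tag "value"
CAA_RE = re.compile(r'^(\d{1,3})\s+([A-Za-z0-9]+)\s+"(.*)"$')
KNOWN_TAGS = {"issue", "issuewild", "iodef"}
CRITICAL = 128  # high bit of the flags byte (RFC 8659)

def parse_caa(value):
    """Split one CAA value into (flags, tag, value); reject malformed input."""
    m = CAA_RE.match(value.strip())
    if not m or int(m.group(1)) > 255:
        raise ValueError(f"malformed CAA value: {value!r}")
    return int(m.group(1)), m.group(2).lower(), m.group(3)

def issuer_domain(value):
    """Issuer name is the part before any ';' parameters; ';' alone names no CA."""
    return value.split(";", 1)[0].strip().lower().rstrip(".")

def may_issue(records, ca_domain, wildcard=False):
    """Return True if the CAA record set lets ca_domain issue the certificate."""
    parsed = [parse_caa(r) for r in records]
    # A critical property the CA does not understand forbids issuance.
    if any(f & CRITICAL and t not in KNOWN_TAGS for f, t, _ in parsed):
        return False
    issue = [v for _, t, v in parsed if t == "issue"]
    issuewild = [v for _, t, v in parsed if t == "issuewild"]
    # Wildcard requests use issuewild when present, otherwise fall back to issue.
    relevant = issuewild if (wildcard and issuewild) else issue
    if not relevant:
        return True  # no applicable property: CAA does not restrict issuance
    ca = ca_domain.lower().rstrip(".")
    return bool(ca) and any(issuer_domain(v) == ca for v in relevant)

# Constructed record sets for example.com (sample data, not taken from the page).
ALLOW_ONE = ['0 issue "ca.example.net"']
DENY_ALL = ['0 issue ";"']
MIXED = ['0 issue ";"', '0 issue "ca.example.net"']
NO_WILDCARD = ['0 issue "ca.example.net"', '0 issuewild ";"']

if __name__ == "__main__":
    for name, rrset in [("ALLOW_ONE", ALLOW_ONE), ("DENY_ALL", DENY_ALL),
                        ("MIXED", MIXED), ("NO_WILDCARD", NO_WILDCARD)]:
        print(name,
              "regular:", may_issue(rrset, "ca.example.net"),
              "wildcard:", may_issue(rrset, "ca.example.net", wildcard=True))
```

A record set that contains only iodef values does not restrict issuance, so reporting alone is not a control; pair it with at least one issue value.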

CNAME record type

A CNAME record maps DNS queries for the name of the current record, such as acme.example.com, to another domain (example.com or example.net) or subdomain (acme.example.com or zenith.example.org).

The DNS protocol does not allow you to create a CNAME record for the top node of a DNS namespace, also known as the zone apex. For example, if you register the DNS name example.com, the zone apex is example.com. You cannot create a CNAME record for example.com, but you can create CNAME records for www.example.com, newproduct.example.com, and so on.

In addition, if you create a CNAME record for a subdomain, you cannot create any other records for that subdomain. For example, if you create a CNAME for www.example.com, you cannot create any other records for which the value of the Name field is www.example.com.

Amazon Route 53 also supports alias records, which allow you to route queries to selected AWS resources, such as CloudFront distributions and Amazon S3 buckets. Aliases are similar in some ways to the CNAME record type; however, you can create an alias for the zone apex. For more information, see Choosing between alias and non-alias records.

DS record type

A delegation signer (DS) record refers to a zone key for a delegated subdomain zone. You might create a DS record when you establish a chain of trust while configuring DNSSEC signing. For more information about configuring DNSSEC in Route 53, see Configuring DNSSEC signing in Amazon Route 53.

The first three values are decimal numbers representing the key tag, algorithm, and digest type. The fourth value is the digest of the zone key. For more information about the DS record format, see RFC 4034.

MX record type

An MX record specifies the names of your mail servers and, if you have two or more mail servers, the priority order.
Each value for an MX record contains two values, priority and domain name.

Priority
An integer that represents the priority for an email server. If you specify only one server, the priority can be any integer between 0 and 65535. If you specify multiple servers, the value that you specify for the priority indicates which email server you want email to be routed to first, second, and so on. The server with the lowest value for the priority takes precedence. For example, if you have two email servers and you specify values of 10 and 20 for the priority, email always goes to the server with a priority of 10 unless it's unavailable. If you specify values of 10 and 10, email is routed to the two servers approximately equally.

Domain name
The domain name of the email server. Specify the name (such as mail.example.com) of an A or AAAA record. In RFC 2181, Clarifications to the DNS Specification, section 10.3 forbids specifying the name of a CNAME record for the domain name value. (When the RFC mentions "alias," it means a CNAME record, not a Route 53 alias record.)

NAPTR record type

A Name Authority Pointer (NAPTR) is a type of record that is used by Dynamic Delegation Discovery System (DDDS) applications to convert one value to another or to replace one value with another. For example, one common use is to convert phone numbers into SIP URIs.

The Value element for an NAPTR record consists of six space-separated values:

Order
When you specify more than one record, the sequence that you want the DDDS application to evaluate records in. Valid values: 0-65535.

Preference
When you specify two or more records that have the same Order, your preference for the sequence that those records are evaluated in. For example, if two records have an Order of 1, the DDDS application first evaluates the record that has the lower Preference. Valid values: 0-65535.

Flags
A setting that is specific to DDDS applications. Values currently defined in RFC 3404 are uppercase and lowercase letters "A", "P", "S", and "U", and the empty string, "". Enclose Flags in quotation marks.

Service
A setting that is specific to DDDS applications. Enclose Service in quotation marks. For more information, see the applicable RFCs:

Regexp
A regular expression that the DDDS application uses to convert an input value into an output value. For example, an IP phone system might use a regular expression to convert a phone number that is entered by a user into a SIP URI. Enclose Regexp in quotation marks. Specify either a value for Regexp or a value for Replacement, but not both. The regular expression can include any of the following printable ASCII characters:

Specify all other values, such as internationalized domain names, in octal format. For the syntax for Regexp, see

Replacement
The fully qualified domain name (FQDN) of the next domain name that you want the DDDS application to submit a DNS query for. The DDDS application replaces the input value with the value that you specify for Replacement, if any. Specify either a value for Regexp or a value for Replacement, but not both. If you specify a value for Regexp, specify a dot (.) for Replacement. The domain name can include a-z, 0-9, and - (hyphen).

For more information about DDDS applications and about NAPTR records, see the following RFCs:

NS record type

An NS record identifies the name servers for the hosted zone. Note the following:

For more information about NS records, see NS and SOA records that Amazon Route 53 creates for a public hosted zone.

PTR record type

A PTR record maps an IP address to the corresponding domain name.

SOA record type

A start of authority (SOA) record provides information about a domain and the corresponding Amazon Route 53 hosted zone. For information about the fields in an SOA record, see NS and SOA records that Amazon Route 53 creates for a public hosted zone.

SPF record type

SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create records for which the record type is SPF. RFC 7208, Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1, has been updated to say, "...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it." In RFC 7208, see section 14.1.

Instead of an SPF record, we recommend that you create a TXT record that contains the applicable value. For more information about valid values, see the Wikipedia article Sender Policy Framework.

SRV record type

An SRV record Value element consists of four space-separated values. The first three values are decimal numbers representing priority, weight, and port. The fourth value is a domain name. SRV records are used for accessing services, such as a service for email or communications. For information about SRV record format, refer to the documentation for the service that you want to connect to.

TXT record type

A TXT record contains one or more strings that are enclosed in double quotation marks ("). When you use the simple routing policy, include all values for a domain (example.com) or subdomain (www.example.com) in the same TXT record.

Entering TXT record values

A single string can include up to 255 characters, including the following:

If you need to enter a value longer than 255 characters, break the value into strings of 255 characters or fewer, and enclose each string in double quotation marks ("). In the console, list all the strings on the same line:

For the API, include all the strings in the same Value element:

The maximum length of a value in a TXT record is 4,000 characters. To enter more than one TXT value, enter one value per row.

Special characters in a TXT record value

If your TXT record contains any of the following characters, you must specify the characters by using escape codes in the format \ followed by the octal code:

For example, if the value of your TXT record is 0, you specify 1.

For a mapping between ASCII characters and octal codes, perform an internet search for "ascii octal codes." One useful reference is ASCII Code - The extended ASCII table.

To include a quotation mark (") in a string, put a backslash (\) character before the quotation mark: \".
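
The TXT rules above (strings of at most 255 characters, a 4,000-character value limit, octal escapes, and \" for quotation marks) matter most for long values such as DKIM public keys, where a badly split or unescaped value silently breaks mail authentication. The following is an added example, not AWS code or part of the original page. The function names and sample inputs are hypothetical, and because the page's list of characters that need escaping did not survive, it assumes control bytes, bytes 0x7F and above, and the backslash are written as three-digit octal escapes.

```python
import re

MAX_STRING = 255   # longest single quoted string, per the page
MAX_VALUE = 4000   # longest whole TXT value, per the page

def _escape(chunk: bytes) -> str:
    """Escape one string's bytes (assumed escape set, see the note above)."""
    out = []
    for b in chunk:
        if b == 0x22:                                   # quotation mark -> \"
            out.append('\\"')
        elif b < 0x20 or b >= 0x7F or b == 0x5C:        # control, high, backslash
            out.append("\\%03o" % b)                    # three-digit octal escape
        else:
            out.append(chr(b))
    return "".join(out)

def format_txt(raw: bytes) -> str:
    """Split raw into strings of <= 255 bytes, then quote and escape each one.

    Splitting happens before escaping, so an escape code is never cut in two.
    """
    chunks = [raw[i:i + MAX_STRING] for i in range(0, len(raw), MAX_STRING)] or [b""]
    value = " ".join('"%s"' % _escape(c) for c in chunks)
    # Conservative reading of the limit: count the quotes and escapes too.
    if len(value) > MAX_VALUE:
        raise ValueError("TXT value exceeds %d characters" % MAX_VALUE)
    return value

_TOKEN = re.compile(r'\\([0-7]{3})|\\(")|([^"\\])')

def parse_txt(value: str) -> bytes:
    """Inverse of format_txt: join the quoted strings back into raw bytes."""
    raw = bytearray()
    for string in re.findall(r'"((?:[^"\\]|\\.)*)"', value):
        for octal, quote, plain in _TOKEN.findall(string):
            raw += bytes([int(octal, 8)]) if octal else (quote or plain).encode("latin-1")
    return bytes(raw)

if __name__ == "__main__":
    # Constructed DKIM-style payload: 18-byte prefix plus 400 filler bytes.
    sample = b"v=DKIM1; k=rsa; p=" + b"A" * 400
    formatted = format_txt(sample)
    print(formatted[:40], "...", len(formatted), "characters")
    print(parse_txt(formatted) == sample)
```

Running parse_txt over a value before publishing it is a quick way to confirm that the resolver-visible payload is byte-for-byte what the mail or verification service expects.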

Which of the following resource record types contains the information a DNS server?

Name Server records (NS Record)—specifies that a DNS Zone, such as “example.com” is delegated to a specific Authoritative Name Server, and provides the address of the name server. Reverse-lookup Pointer records (PTR Record)—allows a DNS resolver to provide an IP address and receive a hostname (reverse DNS lookup).

What are DNS resource record types?

The following resource record types are commonly used in DNS: Start of authority (SOA), Name server (NS), Pointer record (PTR), Address (A), IPv6 Address (AAAA), Mail exchange (MX), Canonical name (CNAME), Windows Internet Naming Service (WINS).

Which of the following is a DNS record?

DNS servers store records. When a DNS query is sent by a device, that query gets a response from those records with the help of DNS servers and resolvers. There are eight records that you see again and again: A, AAAA, CNAME, PTR, NS, MX, SOA, and TXT.

What are the 3 types of DNS?

There are three main kinds of DNS Servers — primary servers, secondary servers, and caching servers.