Fast DNS Record Management API v1
Manage an existing primary zone's DNS records.
Learn more:
Overview
This API has been deprecated. Use the Edge DNS Zone Management API instead.
Welcome to Akamai’s Enhanced DNS service. Enhanced DNS is designed to integrate easily with your existing DNS infrastructure to provide a secure, high performance, highly available and scalable solution for DNS hosting. As part of this service, Akamai runs name servers in multiple networks and in many geographic locations that are capable of resolving queries for your zones. Akamai’s IP Anycast technology is also capable of providing an unprecedented level of reliability and performance for name resolution.
The Enhanced DNS service supports two types of Zones:
Primary: Akamai will serve the DNS records of your zones without the need for master DNS servers maintained by you.
Secondary: Akamai will serve the DNS records of your zones obtained by performing secured zone transfers from your master name server.
This API focuses on primary zones, specifically the management of DNS records of an existing primary zone.
Record management
Once a primary Enhanced DNS zone is provisioned in Akamai Control Center, a nonbrowser-based client may invoke this API to manage the DNS records of the Zone. To update a zone configuration,
Retrieve the current zone configuration (
GET /config-dns/v1/zones/{zone}).Increment the SOA record’s serial field.
Add new records, remove old ones and update existing records in the Zone configuration as needed.
Submit the full zone configuration (
POST /config-dns/v1/zones/{zone}).
Example: modifying an existing zone record set configuration
Consider the most basic Zone configuration for example.com: a Zone
with a single SOA record and two NS
records:
example.com. 900 IN SOA use4.akamai.com. hostmaster.akamai.com. 1271354824 900 300 604800 180
example.com. 3600 IN NS use4.akam.net.
example.com. 3600 IN NS use3.akam.net.
Our task will be to add a new A Record with the
name www, and an IP address 1.2.3.4:
GET /config-dns/v1/zones/example.com
{
"token": "a184671d5307a388180fbf7f11dbdf46",
"zone": {
"name": "example.com",
"soa": {
"contact": "hostmaster.akamai.com.",
"expire": 604800,
"minimum": 180,
"originserver": "use4.akamai.com.",
"refresh": 900,
"retry": 300,
"serial": 1271354824,
"ttl": 900
},
"ns": [
{
"active": true,
"name": "",
"target": "use4.akam.net.",
"ttl": 3600
},
{
"active": true,
"name": "",
"target": "use3.akam.net.",
"ttl": 3600
}
]
}
}
Note the token field. It is a unique value calculated for every zone
configuration, and must be presented with the Zone submission, which
is used by Control Center to guarantee that the submission modifies the current
configuration. This is to prevent inadvertently overwriting another
client’s submission.
POST /config-dns/v1/zones/example.com
{
"token": "a184671d5307a388180fbf7f11dbdf46",
"zone": {
"name": "example.com",
"soa": {
"contact": "hostmaster.akamai.com.",
"expire": 604800,
"minimum": 180,
"originserver": "use4.akamai.com.",
"refresh": 900,
"retry": 300,
"serial": 1271354825,
"ttl": 900
},
"ns": [
{
"active": true,
"name": "",
"target": "use4.akam.net.",
"ttl": 3600
},
{
"active": true,
"name": "",
"target": "use3.akam.net.",
"ttl": 3600
}
],
"a": [
{
"active": true,
"name": "www",
"target": "1.2.3.4",
"ttl": 3600
}
]
}
}
Example: creating a new zone record set configuration
If a Zone has been created in Control Center, but hasn’t had any
records added yet, attempts to retrieve the Zone will result in a
404 return code, as the Zone’s configuration does not exist yet.
To create, the POST request will look the same as modifying an
existing Zone, with one exception: the token value must be set to
new:
POST /config-dns/v1/zones/example.com
{
"token": "new",
"zone": {
"name": "example.com",
"soa": {
"contact": "hostmaster.akamai.com.",
"expire": 604800,
"minimum": 180,
"originserver": "use4.akamai.com.",
"refresh": 900,
"retry": 300,
"serial": 1271354825,
"ttl": 900
},
"ns": [
{
"active": true,
"name": "",
"target": "use4.akam.net.",
"ttl": 3600
},
{
"active": true,
"name": "",
"target": "use3.akam.net.",
"ttl": 3600
}
],
"a": [
{
"active": true,
"name": "www",
"target": "1.2.3.4",
"ttl": 3600
}
]
}
}
Resources
Akamai’s Enhanced DNS product. This API manages records of Enhanced
DNS Zones of type primary.
API summary
| Operation | Method | Endpoint |
|---|---|---|
| Get a Zone | GET | /config-dns/ |
| Add or Modify a Zone | POST | /config-dns/ |
Get a zone
Returns the complete representation of the zone, which includes all of
the records for the specified zone. Additionally, a token is
returned, which is required when submitting a modified version of the
zone.
NOTE: This resource can return in JSON (
application/json) or XML (application/xml) format. Default: JSON.
GET /config-dns/
Example: /config-dns/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| Required | |||
zone |
String | example.com |
Domain zone, encapsulating any nested subdomains. |
Status 200 application/json
Response:
{
"token": "a184671d5307a388180fbf7f11dbdf46",
"zone": {
"a": [
{
"active": true,
"name": "arecord",
"target": "1.2.3.5",
"ttl": 3600
},
{
"active": true,
"name": "origin",
"target": "1.2.3.9",
"ttl": 3600
},
{
"active": true,
"name": "arecord",
"target": "1.2.3.4",
"ttl": 3600
}
],
"aaaa": [
{
"active": true,
"name": "ipv6record",
"target": "2001:0db8::ff00:0042:8329",
"ttl": 3600
}
],
"afsdb": [
{
"active": true,
"name": "afsdb",
"subtype": 1,
"target": "example.com.",
"ttl": 7200
}
],
"cname": [
{
"active": true,
"name": "redirect",
"target": "arecord.example.com.",
"ttl": 3600
}
],
"dnskey": [
{
"active": true,
"algorithm": 3,
"flags": 257,
"key": "Av//0/goGKPtaa28nQvPoUwVQ ... i/0hC+1CrmQkuuKtQt98WObuv7q8iQ==",
"name": "dnskey",
"protocol": 7,
"ttl": 7200
}
],
"ds": [
{
"active": true,
"algorithm": 7,
"digest": "909FF0B4DD66F91F56524C4F968D13083BE42380",
"digest_type": 1,
"keytag": 30336,
"name": "ds",
"ttl": 7200
}
],
"hinfo": [
{
"active": true,
"hardware": "INTEL-386",
"name": "hinfo",
"software": "UNIX",
"ttl": 7200
}
],
"id": 11874,
"loc": [
{
"active": true,
"name": "location",
"target": "51 30 12.748 N 0 7 39.611 W 0.00m 0.00m 0.00m 0.00m",
"ttl": 7200
}
],
"mx": [
{
"active": true,
"name": "four",
"priority": 10,
"target": "mx1.akamai.com.",
"ttl": 7200
}
],
"name": "example.com",
"naptr": [
{
"active": true,
"flags": "S",
"name": "naptrrecord",
"order": 0,
"preference": 10,
"regexp": "!^.*$!sip:customer-service@example.com!",
"replacement": ".",
"service": "SIP+D2U",
"ttl": 3600
}
],
"ns": [
{
"active": true,
"name": null,
"target": "use4.akam.net.",
"ttl": 3600
},
{
"active": true,
"name": null,
"target": "use3.akam.net.",
"ttl": 3600
},
{
"active": true,
"name": "five",
"target": "use4.akam.net.",
"ttl": 172800
}
],
"nsec3": [
{
"active": true,
"algorithm": 1,
"flags": 0,
"iterations": 1,
"name": "qdeo8lqu4l81uo67oolpo9h0nv9l13dh",
"next_hashed_owner_name": "R2NUSMGFSEUHT195P59KOU2AI30JR96P",
"salt": "EBD1E0942543A01B",
"ttl": 7200,
"type_bitmaps": "CNAME RRSIG"
}
],
"nsec3param": [
{
"active": true,
"algorithm": 1,
"flags": 0,
"iterations": 1,
"name": "qnsec3param",
"salt": "EBD1E0942543A01B",
"ttl": 7200
}
],
"ptr": [
{
"active": true,
"name": "ptr",
"target": "ptr.example.com.",
"ttl": 7200
}
],
"rp": [
{
"active": true,
"mailbox": "admin.example.com.",
"name": "rp",
"ttl": 7200,
"txt": "txt.example.com."
}
],
"rrsig": [
{
"active": true,
"algorithm": 7,
"expiration": "20120318104101",
"inception": "20120315094101",
"keytag": 63761,
"labels": 3,
"name": "arecord",
"original_ttl": 3600,
"signature": "toCy19QnAb86vRlQjf5 ... z1doJdHEr8PiI+Is9Eafxh+4Idcw8Ysv",
"signer": "example.com.",
"ttl": 7200,
"type_covered": "A"
}
],
"soa": {
"contact": "hostmaster.akamai.com.",
"expire": 604800,
"minimum": 180,
"originserver": "use4.akamai.com.",
"refresh": 900,
"retry": 300,
"serial": 1271354824,
"ttl": 900
},
"spf": [
{
"active": true,
"name": "spf",
"target": "v=spf a -all",
"ttl": 7200
}
],
"srv": [
{
"active": true,
"name": "srv",
"port": 522,
"priority": 10,
"target": "target.akamai.com.",
"ttl": 7200,
"weight": 0
}
],
"sshfp": [
{
"active": true,
"algorithm": 2,
"fingerprint": "123456789ABCDEF67890123456789ABCDEF67890",
"fingerprint_type": 1,
"name": "host",
"ttl": 3600
}
]
"txt": [
{
"active": true,
"name": "text",
"target": "Hello world!",
"ttl": 7200
}
]
}
}
Add or modify a zone
Resource to add or modify zone configuration.
When modifying a zone, the
tokenprovided needs to match the current token for the zone configuration. The token is provided by the GET method for this resource.When adding a new zone, set the
tokenvalue tonew.The SOA record’s serial number needs to be greater than the existing SOA serial number in Control Center.
NOTE: This resource supports JSON or XML format. Default: JSON.
POST /config-dns/
Example: /config-dns/
Content-Type: application/json
Request:
{
"token": "a184671d5307a388180fbf7f11dbdf46",
"zone": {
"a": [
{
"active": true,
"name": "arecord",
"target": "1.2.3.5",
"ttl": 3600
},
{
"active": true,
"name": "origin",
"target": "1.2.3.9",
"ttl": 3600
},
{
"active": true,
"name": "arecord",
"target": "1.2.3.4",
"ttl": 3600
}
],
"aaaa": [
{
"active": true,
"name": "ipv6record",
"target": "2001:0db8::ff00:0042:8329",
"ttl": 3600
}
],
"afsdb": [
{
"active": true,
"name": "afsdb",
"subtype": 1,
"target": "example.com.",
"ttl": 7200
}
],
"cname": [
{
"active": true,
"name": "redirect",
"target": "arecord.example.com.",
"ttl": 3600
}
],
"dnskey": [
{
"active": true,
"algorithm": 3,
"flags": 257,
"key": "Av//0/goGKPtaa28nQvPoUwVQ ... i/0hC+1CrmQkuuKtQt98WObuv7q8iQ==",
"name": "dnskey",
"protocol": 7,
"ttl": 7200
}
],
"ds": [
{
"active": true,
"algorithm": 7,
"digest": "909FF0B4DD66F91F56524C4F968D13083BE42380",
"digest_type": 1,
"keytag": 30336,
"name": "ds",
"ttl": 7200
}
],
"hinfo": [
{
"active": true,
"hardware": "INTEL-386",
"name": "hinfo",
"software": "UNIX",
"ttl": 7200
}
],
"id": 11874,
"loc": [
{
"active": true,
"name": "location",
"target": "51 30 12.748 N 0 7 39.611 W 0.00m 0.00m 0.00m 0.00m",
"ttl": 7200
}
],
"mx": [
{
"active": true,
"name": "four",
"priority": 10,
"target": "mx1.akamai.com.",
"ttl": 7200
}
],
"name": "example.com",
"naptr": [
{
"active": true,
"flags": "S",
"name": "naptrrecord",
"order": 0,
"preference": 10,
"regexp": "!^.*$!sip:customer-service@example.com!",
"replacement": ".",
"service": "SIP+D2U",
"ttl": 3600
}
],
"ns": [
{
"active": true,
"name": null,
"target": "use4.akam.net.",
"ttl": 3600
},
{
"active": true,
"name": null,
"target": "use3.akam.net.",
"ttl": 3600
},
{
"active": true,
"name": "five",
"target": "use4.akam.net.",
"ttl": 172800
}
],
"nsec3": [
{
"active": true,
"algorithm": 1,
"flags": 0,
"iterations": 1,
"name": "qdeo8lqu4l81uo67oolpo9h0nv9l13dh",
"next_hashed_owner_name": "R2NUSMGFSEUHT195P59KOU2AI30JR96P",
"salt": "EBD1E0942543A01B",
"ttl": 7200,
"type_bitmaps": "CNAME RRSIG"
}
],
"nsec3param": [
{
"active": true,
"algorithm": 1,
"flags": 0,
"iterations": 1,
"name": "qnsec3param",
"salt": "EBD1E0942543A01B",
"ttl": 7200
}
],
"ptr": [
{
"active": true,
"name": "ptr",
"target": "ptr.example.com.",
"ttl": 7200
}
],
"rp": [
{
"active": true,
"mailbox": "admin.example.com.",
"name": "rp",
"ttl": 7200,
"txt": "txt.example.com."
}
],
"rrsig": [
{
"active": true,
"algorithm": 7,
"expiration": "20120318104101",
"inception": "20120315094101",
"keytag": 63761,
"labels": 3,
"name": "arecord",
"original_ttl": 3600,
"signature": "toCy19QnAb86vRlQjf5 ... z1doJdHEr8PiI+Is9Eafxh+4Idcw8Ysv",
"signer": "example.com.",
"ttl": 7200,
"type_covered": "A"
}
],
"soa": {
"contact": "hostmaster.akamai.com.",
"expire": 604800,
"minimum": 180,
"originserver": "use4.akamai.com.",
"refresh": 900,
"retry": 300,
"serial": 1271354824,
"ttl": 900
},
"spf": [
{
"active": true,
"name": "spf",
"target": "v=spf a -all",
"ttl": 7200
}
],
"srv": [
{
"active": true,
"name": "srv",
"port": 522,
"priority": 10,
"target": "target.akamai.com.",
"ttl": 7200,
"weight": 0
}
],
"sshfp": [
{
"active": true,
"algorithm": 2,
"fingerprint": "123456789ABCDEF67890123456789ABCDEF67890",
"fingerprint_type": 1,
"name": "host",
"ttl": 3600
}
]
"txt": [
{
"active": true,
"name": "text",
"target": "Hello world!",
"ttl": 7200
}
]
}
}
POST /config-dns/
Example: /config-dns/
Content-Type: text/dns
Request:
example.com. 900 IN SOA use4.akamai.com. hostmaster.akamai.com. 1271354824 900 300 604800 180
example.com. 3600 IN NS use4.akam.net.
example.com. 3600 IN NS use3.akam.net.
afsdb.example.com. 7200 IN AFSDB 1 example.com.
arecord.example.com. 3600 IN A 1.2.3.5
arecord.example.com. 3600 IN A 1.2.3.4
arecord.example.com. 3600 IN RRSIG A 7 3 3600 20120318104101 20120315094101 63761 example.com. toCy19QnAb86vRlQjf5ARG3wQ7CbH4B4wJ5B6OO7C7/1TP0JXUuOcQ5xMs3NLuzwo2VqqRBBQ1ZlmpIhJ9ceGYYpd7IWEIdbyeZo1PqiQc25HfVObGgyks4RVdN3q4mIxHwqzuWzz1doJdHEr8PiI+Is9Eafxh+4Idcw8Ysv
dnskey.example.com. 7200 IN DNSKEY 257 7 3 Av//0/goGKPtaa28nQvPoUwVQelORVnzzZH/obPaLxWO5cwYjEXQWzkadfO5pxdeydYTFqGQsTd8c/V0UtCLlRzz5ZGU+pMewlpjtz9n3Ea9O4cCoXdcRrTj4wFQbK+h50iI8Cbcog7H76vgfAU9vSIueBwlWFvId9ehPUlbaL6KVBr5WFvHnUwCjVsUIvRwGKVOixFsthMUf+hPSp2Fx8OHvyw9oQ/TR/QEwj3cGpnbGVvtFzLlo4FdsLoktoLNbvsDxetTzCFRG2GvChmzoQ9xwwQOWiSu5THgTHskiuZPZ2x2UAZGPER0P6A6i/0hC+1CrmQkuuKtQt98WObuv7q8iQ==
ds.example.com. 7200 IN DS 30336 7 1 909FF0B4DD66F91F56524C4F968D13083BE42380
five.example.com. 172800 IN NS use4.akam.net.
four.example.com. 7200 IN MX 10 mx1.akamai.com.
hinfo.example.com. 7200 IN HINFO "INTEL-386" "UNIX"
host.example.com. 3600 IN SSHFP 2 1 123456789ABCDEF67890123456789ABCDEF67890
ipv6record.example.com. 3600 IN AAAA 2001:db8:0:0:0:ff00:42:8329
location.example.com. 0 IN LOC 51 30 12.748 N 0 7 39.611 W 0m 0m 0m 0m
naptrrecord.example.com. 3600 IN NAPTR 0 10 "S" "SIP+D2U" "!^.*$!sip:customer-service@example.com!" .
origin.example.com. 3600 IN A 1.2.3.9
ptr.example.com. 7200 IN PTR ptr.example.com.
qdeo8lqu4l81uo67oolpo9h0nv9l13dh.example.com. 7200 IN NSEC3 1 0 1 EBD1E0942543A01B R2NUSMGFSEUHT195P59KOU2AI30JR96P CNAME RRSIG
qnsec3param.example.com. 7200 IN NSEC3PARAM 1 0 1 EBD1E0942543A01B
redirect.example.com. 3600 IN CNAME arecord.example.com.
rp.example.com. 7200 IN RP admin.example.com. txt.example.com.
spf.example.com. 7200 IN SPF "v=spf a -all"
srv.example.com. 7200 IN SRV 10 0 522 target.akamai.com.
text.example.com. 7200 IN TXT "Hello world!"
| Parameter | Type | Sample | Description |
|---|---|---|---|
| Required | |||
zone |
String | example.com |
Domain zone, encapsulating any nested subdomains. |
Status 204
Headers:
Location: /config-dns/config-dns/v1/zones/example.com
Data
This section provides details on the API’s data members. The API supports the following record types:
The API also supports the following record types for customers who have enabled DNSSEC support:
A
Address record. Represents a 32-bit IPv4 address.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | An IPv4 address, for example, 1.2.3.4. |
AAAA
IPv6 address record. Represents a 128-bit IPv6 address.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | An IPv4 address, for example, 2001:0db8::ff00:0042:8329. |
AFSDB
AFS database record. Represents the location of database servers of an AFS cell. This record is commonly used by AFS clients to contact AFS cells outside their local domain. A subtype of this record is used by the obsolete DCE/DFS file system.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | A domain name of a host that has a server for the cell named by the owner name of the resource record. |
subtype |
Number | An integer between 0 and 65535, indicating the type of service provided by the host. |
CNAME
Canonical name record. Represents an alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | A domain name that specifies the canonical or primary name for the owner. The owner name is an alias. |
DNSKEY
DNS Key record, the key record used in DNSSEC. Uses the same format as the KEY record. It requires DNSSEC.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
flags |
Number | flags. |
protocol |
Number | Must have the value 3. The DNSKEY resource record must be treated as invalid during signature verification if it contains a value other than 3. |
algorithm |
Number | The public key’s cryptographic algorithm and determine the format of the public key field. |
key |
String | Base 64 encoded value representing the public key, the format of which depends on the algorithm being used. |
DS
Delegation signer record. The record used to identify the DNSSEC signing key of a delegated zone. It requires DNSSEC.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
keytag |
Number | The key tag of the DNSKEY resource record referred to by the DS record, in network byte order. |
algorithm |
Number | The algorithm number of the DNSKEY resource record referred to by the DS record. |
digest_type |
Number | Identifies the algorithm used to construct the digest. |
digest |
String | The base 16 encoded DS record refers to a DNSKEY RR by including a digest of that DNSKEY RR. The digest is calculated by concatenating the canonical form of the fully qualified owner name of the DNSKEY RR with the DNSKEY RDATA, and then applying the digest algorithm. |
HINFO
Host Information record. Describes the CPU and OS of a host.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
hardware |
String | Type of hardware the host uses. A machine name or CPU type may be up to 40 characters taken from the set of uppercase letters, digits, and the two punctuation characters hyphen and slash. It must start with a letter, and end with a letter. |
software |
String | Type of software the host uses. A system name may be up to 40 characters taken from the set of uppercase letters, digits, and the two punctuation characters hyphen and slash. It must start with a letter, and end with a letter or digit. |
LOC
Location record. Specifies a geographical location associated with a domain name.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | A geographical location associated with a domain name. |
MX
Mail exchange record. Maps a domain name to a list of message transfer agents for that domain.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | A domain name that specifies a host willing to act as a mail exchange for the owner name. |
priority |
String | The preference value given to the MX record among MX records. When a mailer needs to send mail to a certain DNS domain, it first contacts a DNS server for that domain and retrieves all the MX records. It then contacts the mailer with the lowest preference value. |
NAPTR
Naming Authority Pointer. Allows regular expression based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
order |
Number | A 16-bit unsigned integer specifying the order in which the NAPTR records MUST be processed to ensure the correct ordering ofrules. Low numbers are processed before high numbers, and once a NAPTR is found whose rule “matches” the target, the client MUST NOT consider any NAPTRs with a higher value for order (except as noted below for the Flags field). |
preference |
Number | A 16-bit unsigned integer that specifies the order in which NAPTR records with equal order values should be processed, low numbers being processed before high numbers. |
flags |
String | A <character-string> containing flags to control aspects of the rewriting and interpretation of the fields in the record. Flags are single characters from the set [A-Z0-9]. The case of the alphabetic characters is not significant. |
service |
String | Specifies the services available down this rewrite path. |
regexp |
String | A String containing a substitution expression that is applied to the original string held by the client in order to construct the next domain name to lookup. |
replacement |
String | The next NAME to query for NAPTR, SRV, or address records depending on the value of the flags field. This MUST be a fully qualified domain-name. |
NS
Name server record. Delegates a DNS zone to use the given authoritative name servers.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | A domain name that specifies an authoritative host for the specified class and domain. |
NSEC3
NSEC record version 3. An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking. It requires DNSSEC.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
algorithm |
Number | The cryptographic hash algorithm used to construct the hash-value. |
flags |
Number | The 8 one-bit flags that can be used to indicate different processing. All undefined flags must be zero. |
iterations |
Number | The number of additional times the hash function has been performed. |
salt |
String | The base 16 encoded salt value, which is appended to the original owner name before hashing in order to defend against pre-calculated dictionary attacks. |
next_hashed_owner_name |
String | Base 32 encoded. The next hashed owner name in hash order. This value is in binary format. Given the ordered set of all hashed owner names, the Next Hashed Owner Name field contains the hash of an owner name that immediately follows the owner name of the given NSEC3 RR. |
type_bitmaps |
String | The resource record set types that exist at the original owner name of the NSEC3 RR. |
NSEC3PARAM
NSEC3 members, for use with NSEC3. It requires DNSSEC.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
algorithm |
Number | The cryptographic hash algorithm used to construct the hash-value. |
flags |
Number | The 8 one-bit flags that can be used to indicate different processing. All undefined flags must be zero. |
iterations |
Number | The number of additional times the hash function has been performed. |
salt |
String | The base 16 encoded salt value, which is appended to the original owner name before hashing in order to defend against pre-calculated dictionary attacks. |
PTR
Pointer to a canonical name. Unlike a CNAME, DNS processing does NOT proceed, just the name is returned. The most common use is for implementing reverse DNS lookups.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | A domain name that points to some location in the domain name space. |
RP
Responsible person. Information about people responsible for the
domain. Usually an email address with the @ replaced by a .
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
mailbox |
String | A domain name that specifies the mailbox for the responsible person. |
txt |
String | A domain name for which TXT resource records exist. |
RRSIG
DNSSEC signature. Signature for a DNSSEC-secured record set. Uses the same format as the SIG record. It requires DNSSEC.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
type_covered |
String | The resource record set type covered by this signature. |
algorithm |
Number | The Algorithm Number field identifies the cryptographic algorithm used to create the signature. |
original_ttl |
Number | The TTL of the covered record set as it appears in the authoritative zone. |
expiration |
String | The end point of this signature’s validity. The signature cannot be used for authentication past this point. |
inception |
String | The start point of this signature’s validity. The signature cannot be used for authentication prior to this point. |
keytag |
Number | The Key Tag field contains the key tag value of the DNSKEY RR that validates this signature, in network byte order. |
signer |
String | The owner of the DSNKEY resource record who validates this signature. |
signature |
String | The base 64 encoded cryptographic signature that covers the RRSIG RDATA and covered record set. Format depends on the TSIG algorithm in use. |
labels |
Number | The Labels field specifies the number of labels in the original RRSIG RR owner name. The significance of this field is that a validator uses it to determine whether the answer was synthesized from a wildcard. If so, it can be used to determine what owner name was used in generating the signature. |
SOA
Start of a zone of authority record. Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.
| Member | Type | Description |
|---|---|---|
ttl |
Number | A signed integer between 0 and 214748364 that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for a transaction in progress, and should not be cached. For example, SOA records are always distributed with a zero TTL to prohibit caching. Zero values can also be used for extremely volatile data. |
originserver |
String | The domain name of the name server that was the original or primary source of data for this zone. |
contact |
String | A domain name that specifies the mailbox of this person responsible for this zone. |
serial |
Number | The unsigned version number between 0 and 214748364 of the original copy of the zone. |
refresh |
Number | A time interval between 0 and 214748364 before the zone should be refreshed. |
retry |
Number | A time interval between 0 and 214748364 that should elapse before a failed refresh should be retried. |
expire |
Number | A time value between 0 and 214748364 that specifies the upper limit on the time interval that can elapse before the zone is no longer authoritative. |
minimum |
Number | The unsigned minimum TTL between 0 and 214748364 that should be exported with any resource record from this zone. |
SPF
Sender Policy Framework. Specified as part of the SPF protocol as an alternative to of storing SPF data in TXT records. Uses the same format as the earlier TXT record.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | Indicates which hosts are, and are not, authorized to use a domain name for the “HELO” and “MAIL FROM” identities. |
SRV
Service locator. Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | The domain name of the target host. |
priority |
Number | A 16-bit integer that specifies the preference given to this resource record among others at the same owner. Lower values are preferred. |
weight |
Number | A server selection mechanism, specifying a relative weight for entries with the same priority. Larger weights should be given a proportionately higher probability of being selected. The range of this number is 0–65535, a 16-bit unsigned integer in network byte order. Domain administrators should use Weight 0 when there isn’t any server selection to do, to make the RR easier to read for humans. In the presence of records containing weights greater than 0, records with weight 0 should have a very small chance of being selected. |
port |
Number | he port on this target of this service. The range of this number is 0–65535, a 16-bit unsigned integer in network byte order. |
SSHFP
SSH Public Key Fingerprint. Resource record for publishing SSH public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
algorithm |
Number | Describes the algorithm of the public key. The following values are assigned: 0 = reserved; 1 = RSA; 2 = DSS, 3 = ECDSA |
fingerprint_type |
Number | Describes the message-digest algorithm used to calculate the fingerprint of the public key. The following values are assigned: 0 = reserved, 1 = SHA-1, 2 = SHA-256 |
fingerprint |
String | The base 16 encoded fingerprint as calculated over the public key blob. The message-digest algorithm is presumed to produce an opaque octet string output, which is placed as-is in the RDATA fingerprint field. |
TXT
Text record. Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data.
| Member | Type | Description |
|---|---|---|
name |
String | The name of the record. The name is an owner name, that is, the name of the node to which this resource record pertains. |
ttl |
Number | The TTL is a 32-bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should be consulted again. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached. Zero values can also be used for extremely volatile data. |
active |
Boolean | Setting the state to inactive omits the record from DNS query results, and might be useful, for example, during maintenance. |
target |
String | One or more character strings. TXT RRs are used to hold descriptive text. The semantics of the text depends on the domain where it is found. |