Articles in this section

See more

Common DNS Request Types

Avatar
Daniel Cheung
  • Updated
Follow

Overview

 

 

This article explains the DNS Request Types that can be collected and listed in a report. Each record type has its own purpose in the DNS infrastructure. When thinking DNS, the first record type that comes to mind is the A Record which is the IPv4 IP address belonging to the hostname of the domain. 

Note:

This list is by no means exhaustive.  A more complete list, including the relevant RFC for each record type can be found here: https://en.wikipedia.org/wiki/List_of_DNS_record_types

 

 

 

 

DNS Lookup Types, Descriptions, & Functions

 

 

 DNS  Lookup  Type

 Description 

Function
 A  IPv4 address record

 Returns a 32-bit IP address, which typically maps a domain’s hostname to an IP address, but also used for DNSBLs  and storing subnet masks
 AAAA  IPv6 address record

 Returns a 128-bit IP address that maps a domain’s hostname to an IP address
 ANY  All cached records

 Returns all records of all types known to the name server
 CNAME  Canonical name record

 Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name
 MX  Mail exchange record

 Maps a domain name to a list of message transfer agents for that domain
 NS  Name server record

 Delegates a DNS zone to use the specified authoritative name servers
 PTR  Pointer record

 Pointer to a canonical name that returns the name only and is used for implementing reverse DNS lookups
 SIG  Signature

 Signature record
 SOA  Start of authority  record

 Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain  administrator, the domain serial number, and several timers relating to refreshing the zone
 SRV  Service locator

 Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX
 TXT  Text record

 Carries extra data, sometimes human-readable, most of the time machine-readable such as opportunistic encryption,  DomainKeys, DNS-SD, etc.

 

Note:

With regards to blocked domains (for security threats, not content filtering), please note that Cisco Umbrella blocks A, AAAA, ANY, CNAME, PTR, SRV, and TXT records (ANY, PTR, and TXT were added as of September 2015), so queries for other record types (MX and SIG) will be allowed, even though the category is blocked. Also, TXT records will not be blocked by content filtering.

Related articles

Comments

0 comments

Please sign in to leave a comment.