The Domain Name System protocols are more than 20 years old, and many of the older RFCs are obsolete, but there still exist clients running software implementing the very oldest protocols. Here are the RFCs pertaining to DNS. FAQS.org maintains a list of DNS Protocol Related Documents here (opens in new window).
The following table lists the RFCs that pertain to DNS, along with the broad area(s) covered by the RFC. These are:
- Bgnd – Background information on DNS
- Prot – Describes protocol elements of DNS (excluding wire format of resource records, but including general operation)
- Names – Information about valid DNS names
- Ops – Recommendations for DNS operations
- RR – Definitions of resource records
- Proxy – Standards for DNS proxies
- Stub – Standards for stub resolvers
- Auth – Standards for authoritative servers
- Res – Standards for recursive resolvers
- Xfr – Defines the full (AXFR) and incremental (IXFR) transfer protocol.
- DDNS – Dynamic DNS
- DNSSEC – DNSSEC-related RFCs
Not included in the list are RFCs that, although useful, are not directly related to DNS (e.g. standards concerning randomness etc.)
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
882 |
Obsolete | Domain Names – Concepts and Facilities | x | x | x | x | |||||||||
| 883 |
Obsolete | Domain Names – Implementation and Specification | x | x | x | x | x | ||||||||
| 920 |
Domain Requirements | x | |||||||||||||
| 973 |
Obsolete | Domain System Changes and Observations | x | x | x | x | |||||||||
| 1032 |
Domain Administrators Guide | x | |||||||||||||
| 1033 |
Domain Administrators Operations Guide | x | |||||||||||||
| 1034 |
Standard | Domain Names – Concepts and Facilities | x | x | x | x | x | x | |||||||
| 1035 |
Standard | Domain Names – Implementation and Specification | x | x | x | x | x | x | |||||||
| 1101 |
DNS Encoding of Network Names and Other Types | x | |||||||||||||
| 1123 |
Standard | Requirements for Internet Hosts – Application and Support | x | x | x | ||||||||||
| 1178 |
Informational | Choosing a Name for Your Computer | x | ||||||||||||
| 1183 |
Experimental | New DNS RR Definitions | x | ||||||||||||
| 1348 |
Experimental | Obsolete | DNS NSAP RRs | x | |||||||||||
| 1401 |
Informational | Correspondence between the IAB and DISA on the use of DNS throughout the Internet | x | ||||||||||||
| 1535 |
Informational | A Security Problem and Proposed Correction With Widely Deployed DNS Software | x | ||||||||||||
| 1536 |
Informational | Common DNS Implementation Errors and Suggested Fixes | x | x | |||||||||||
| 1537 |
Informational | Obsolete | Common DNS Data File Configuration Errors | x | |||||||||||
| 1591 |
Informational | Domain Name System Structure and Delegation | x | ||||||||||||
| 1611 |
Historic | Historic | DNS Server MIB Extensions | x | |||||||||||
| 1612 |
Historic | Historic | DNS Resolver MIB Extensions | x | |||||||||||
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
| 1637 |
Experimental | Obsolete | DNS NSAP Resource Records | x | |||||||||||
| 1664 |
Experimental | Obsolete | Using the Internet DNS to Distribute RFC1327 Mail Address Mapping Tables | x | |||||||||||
| 1706 |
Informational | DNS NSAP Resource Records | x | ||||||||||||
| 1712 |
Experimental | DNS Encoding of Geographical Location | x | ||||||||||||
| 1713 |
Informational | Tools for DNS Debugging | x | ||||||||||||
| 1794 |
Informational | DNS Support for Load Balancing | x | ||||||||||||
| 1876 |
Experimental | A Means for Expressing Location Information in the Domain Name System | x | ||||||||||||
| 1886 |
Proposed | Obsolete | DNS Extensions to support IP version 6 | x | x | ||||||||||
| 1912 |
Informational | Common DNS Data File Configuration Errors | x | ||||||||||||
| 1982 |
Proposed | Serial Number Arithmetic | x | x | |||||||||||
| 1995 |
Proposed | Incremental Zone Transfer in DNS | x | x | x | ||||||||||
| 1996 |
Proposed | A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY) | x | x | x | ||||||||||
| 2010 |
Informational | Obsolete | Operational Criteria for Root Name Servers | x | |||||||||||
| 2052 |
Experimental | Obsolete | A DNS RR for specifying the location of services (DNS SRV) | x | |||||||||||
| 2065 |
Proposed | Obsolete | Domain Name System Security Extensions | x | x | x | x | x | x | ||||||
| 2100 |
Informational | April 1st | The Naming of Hosts | ||||||||||||
| 2136 |
Proposed | Dynamic Updates in the Domain Name System (DNS UPDATE) | x | x | x | ||||||||||
| 2137 |
Proposed | Obsolete | Secure Domain Name System Dynamic Update | x | x | x | |||||||||
| 2163 |
Proposed | Using the Internet DNS to Distribute MIXER Conformant Global Address Mapping (MCGAM) | x | ||||||||||||
| 2168 |
Experimental | Obsolete | Resolution of Uniform Resource Identifiers using the Domain Name System | x | |||||||||||
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
| 2181 |
Proposed | Clarifications to the DNS Specification | x | x | x | x | |||||||||
| 2182 |
BCP | Selection and Operation of Secondary DNS Servers | x | ||||||||||||
| 2230 |
Informational | Key Exchange Delegation Record for the DNS | x | ||||||||||||
| 2308 |
Proposed | Negative Caching of DNS Queries (DNS NCACHE) | x | ||||||||||||
| 2317 |
BCP | Classless IN-ADDR.ARPA delegation | x | ||||||||||||
| 2535 |
Proposed | Obsolete | Domain Name System Security Extensions | x | x | x | x | x | |||||||
| 2536 |
Proposed | DSA KEYs and SIGs in the Domain Name System (DNS) | x | ||||||||||||
| 2537 |
Proposed | Obsolete | RSA/MD5 KEYs and SIGs in the Domain Name System (DNS) | x | |||||||||||
| 2538 |
Proposed | Obsolete | Storing Certificates in the Domain Name System (DNS) | x | |||||||||||
| 2539 |
Proposed | Storage of Diffie-Hellman Keys in the Domain Name System (DNS) | x | ||||||||||||
| 2540 |
Experimental | Detached Domain Name System (DNS) Information | x | ||||||||||||
| 2541 |
Informational | Obsolete | DNS Security Operational Considerations | x | |||||||||||
| 2606 |
BCP | Reserved Top Level DNS Names | x | ||||||||||||
| 2671 |
Proposed | Obsolete | Extension Mechanisms for DNS (EDNS0) | x | x | x | x | ||||||||
| 2672 |
Proposed | Obsolete | Non-Terminal DNS Name Redirection | x | x | x | |||||||||
| 2673 |
Historic | Obsolete | Binary Labels in the Domain Name System | x | x | x | |||||||||
| 2782 |
Proposed | A DNS RR for specifying the location of services (DNS SRV) | x | ||||||||||||
| 2825 |
Informational | A Tangled Web: Issues of I18N, Domain Names, and the Other Internet protocols | x | ||||||||||||
| 2826 |
Informational | IAB Technical Comment on the Unique DNS Root | x | ||||||||||||
| 2845 |
Proposed | Secret Key Transaction Authentication for DNS (TSIG) | x | x | x | x | |||||||||
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
| 2870 |
BCP | Root Name Server Operational Requirements | x | ||||||||||||
| 2874 |
Historic | Historic | DNS Extensions to Support IPv6 Address Aggregation and Renumbering | x | x | x | |||||||||
| 2915 |
Proposed | Obsolete | The Naming Authority Pointer (NAPTR) DNS Resource Record | x | |||||||||||
| 2929 |
BCP | Obsolete | Domain Name System (DNS) IANA Considerations | x | x | x | |||||||||
| 2930 |
Proposed | Secret Key Establishment for DNS (TKEY RR) | x | x | x | x | |||||||||
| 2931 |
Proposed | DNS Request and Transaction Signatures ( SIG(0)s ) | x | x | x | ||||||||||
| 3007 |
Proposed | Secure Domain Name System (DNS) Dynamic Update | x | x | x | x | |||||||||
| 3008 |
Proposed | Obsolete | Domain Name System Security (DNSSEC) Signing Authority | x | |||||||||||
| 3071 |
Informational | Reflections on the DNS, RFC 1591, and Categories of Domains | x | ||||||||||||
| 3090 |
Proposed | Obsolete | DNS Security Extension Clarification on Zone Status | x | x | ||||||||||
| 3110 |
Proposed | RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS) | x | ||||||||||||
| 3123 |
Experimental | A DNS RR Type for Lists of Address Prefixes (APL RR) | x | ||||||||||||
| 3130 |
Informational | Notes from the State-Of-The-Technology: DNSSEC | x | ||||||||||||
| 3152 |
BCP | Obsolete | Delegation of IP6.ARPA | x | |||||||||||
| 3197 |
Informational | Applicability Statement for DNS MIB Extensions | x | x | |||||||||||
| 3225 |
Proposed | Indicating Resolver Support of DNSSEC | x | x | x | ||||||||||
| 3226 |
Proposed | DNSSEC and IPv6 A6 aware server/resolver message size requirements | x | x | x | ||||||||||
| 3258 |
Informational | Distributing Authoritative Name Servers via Shared Unicast Addresses | x | ||||||||||||
| 3363 |
Informational | Representing Internet Protocol version 6 (IPv6) Addresses in the Domain Name System (DNS) | x | ||||||||||||
| 3364 |
Informational | Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6) | x | ||||||||||||
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
| 3403 |
Proposed | Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database | x | x | x | ||||||||||
| 3425 |
Proposed | Obsoleting IQUERY | x | x | x | ||||||||||
| 3445 |
Proposed | Obsolete | Limiting the Scope of the KEY Resource Record (RR) | x | x | ||||||||||
| 3467 |
Informational | Role of the Domain Name System (DNS) | x | ||||||||||||
| 3490 |
Proposed | Obsolete | Internationalizing Domain Names in Applications (IDNA) | x | x | ||||||||||
| 3491 |
Proposed | Obsolete | Nameprep: A Stringprep Profile for Internationalized Domain Names (IDN) | x | x | ||||||||||
| 3492 |
Proposed | Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA) | x | x | |||||||||||
| 3596 |
Draft | DNS Extensions to Support IP Version 6 | x | ||||||||||||
| 3597 |
Proposed | Handling of Unknown DNS Resource Record (RR) Types | x | x | x | ||||||||||
| 3645 |
Proposed | Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG) | x | x | x | ||||||||||
| 3655 |
Proposed | Obsolete | Redefinition of DNS Authenticated Data (AD) bit | x | x | x | x | ||||||||
| 3658 |
Proposed | Obsolete | Delegation Signer (DS) Resource Record (RR) | x | x | x | x | ||||||||
| 3696 |
Informational | Application Techniques for Checking and Transformation of Names | x | ||||||||||||
| 3755 |
Proposed | Obsolete | Legacy Resolver Compatibility for Delegation Signer (DS) | x | x | x | x | ||||||||
| 3757 |
Proposed | Obsolete | Domain Name System KEY (DNSKEY) Resource Record (RR) Secure Entry Point (SEP) Flag | x | x | ||||||||||
| 3833 |
Informational | Threat Analysis of the Domain Name System (DNS) | x | ||||||||||||
| 3845 |
Proposed | Obsolete | DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format | x | x | ||||||||||
| 3901 |
BCP | DNS IPv6 Transport Operational Guidelines | x | ||||||||||||
| 4025 |
Proposed | A Method for Storing IPsec Keying Material in DNS | x | ||||||||||||
| 4033 |
Proposed | DNS Security Introduction and Requirements | x | x | |||||||||||
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
| 4034 |
Proposed | Resource Records for the DNS Security Extensions | x | x | |||||||||||
| 4035 |
Proposed | Protocol Modifications for the DNS Security Extensions | x | x | x | x | |||||||||
| 4074 |
Informational | Common Misbehavior Against DNS Queries for IPv6 Addresses | x | ||||||||||||
| 4159 |
BCP | “Deprecation of “ip6.int” | x | x | |||||||||||
| 4185 |
Informational | National and Local Characters for DNS Top Level Domain (TLD) Names | x | ||||||||||||
| 4255 |
Proposed | Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints | x | ||||||||||||
| 4339 |
Informational | IPv6 Host Configuration of DNS Server Information Approaches | x | ||||||||||||
| 4343 |
Proposed | Domain Name System (DNS) Case Insensitivity Clarification | x | x | x | ||||||||||
| 4367 |
Informational | What’s in a Name: False Assumptions about DNS Names | x | ||||||||||||
| 4398 |
Proposed | Storing Certificates in the Domain Name System (DNS) | x | ||||||||||||
| 4408 |
Experimental | Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1 | x | ||||||||||||
| 4431 |
Informational | The DNSSEC Lookaside Validation (DLV) DNS Resource Record | x | x | |||||||||||
| 4470 |
Proposed | Minimally Covering NSEC Records and DNSSEC On-line Signing | x | x | x | ||||||||||
| 4471 |
Experimental | Derivation of DNS Name Predecessor and Successor | x | ||||||||||||
| 4472 |
Informational | Operational Considerations and Issues with IPv6 DNS | x | ||||||||||||
| 4509 |
Proposed | Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (Rrs) | x | x | |||||||||||
| 4592 |
Proposed | The Role of Wildcards in the Domain Name System | x | x | x | ||||||||||
| 4635 |
Proposed | HMAC SHA TSIG Algorithm Identifiers | x | x | x | ||||||||||
| 4641 |
Informational | Obsolete | DNSSEC Operational Practices | x | x | ||||||||||
| 4697 |
BCP | Observed DNS Resolution Misbehavior | x | ||||||||||||
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
| 4701 |
Proposed | A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR) | x | ||||||||||||
| 4892 |
Informational | Requirements for a Mechanism Identifying a Name Server Instance | x | ||||||||||||
| 4955 |
Proposed | DNS Security (DNSSEC) Experiments | x | x | |||||||||||
| 4956 |
Experimental | DNS Security (DNSSEC) Opt-In | x | x | x | x | x | x | |||||||
| 4986 |
Informational | Requirements Related to DNS Security (DNSSEC) Trust Anchor Rollover | x | ||||||||||||
| 5001 |
Proposed | DNS Name Server Identifier (NSID) Option | x | x | x | ||||||||||
| 5011 |
Standard | Automated Updates of DNS Security (DNSSEC) Trust Anchors | x | x | x | x | |||||||||
| 5074 |
Informational | DNSSEC Lookaside Validation (DLV) | x | x | |||||||||||
| 5155 |
Proposed | DNS Security (DNSSEC) Hashed Authenticated Denial of Existence | x | x | x | x | |||||||||
| 5205 |
Experimental | Host Identity Protocol (HIP) Domain Name System (DNS) Extension | x | ||||||||||||
| 5358 |
BCP | Preventing Use of Recursive Nameservers in Reflector Attacks | x | x | |||||||||||
| 5395 |
BCP | Obsolete | Domain Name System (DNS) IANA Considerations | x | |||||||||||
| 5452 |
Proposed | Measures for Making DNS More Resilient against Forged Answers | x | x | |||||||||||
| 5507 |
Informational | Design Choices When Expanding the DNS | x | ||||||||||||
| 5625 |
BCP | DNS Proxy Implementation Guidelines | x | ||||||||||||
| 5702 |
Proposed | Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC | x | x | |||||||||||
| 5855 |
BCP | Nameservers for IPv4 and IPv6 Reverse Zones | x | ||||||||||||
| 5864 |
Proposed | DNS SRV Resource Records for AFS | x | ||||||||||||
| 5890 |
Proposed | Internationalized Domain Names for Applications (IDNA): Definitions and Document Framework | x | x | |||||||||||
| 5891 |
Proposed | Internationalized Domain Names for Applications (IDNA): Protocol | x | x | |||||||||||
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
| 5933 |
Proposed | Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC | x | x | |||||||||||
| 5936 |
Proposed | DNS Zone Transfer Protocol (AXFR) | x | ||||||||||||
| 5966 |
Proposed | DNS Transport over TCP – Implementation Requirements | x | x | x | ||||||||||
| 6014 |
Proposed | Cryptographic Algorithm Identifier Allocation for DNSSEC | x | x | |||||||||||
| 6147 |
Proposed | DNS64: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers | x | x | x | ||||||||||
| 6168 |
Informational | Requirements for Management of Name Servers for the DNS | x | x | |||||||||||
| 6195 |
BCP | Obsolete | Domain Name System (DNS) IANA Considerations | x | |||||||||||
| 6303 |
BCP | Locally Served DNS Zones | x | ||||||||||||
| 6304 |
Informational | AS112 Nameserver Operations | x | ||||||||||||
| 6305 |
Informational | I’m Being Attacked by PRISONER.IANA.ORG! | x | ||||||||||||
| 6335 |
BCP | Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry | x | ||||||||||||
| 6563 |
Informational | Moving A6 to Historic Status | x | ||||||||||||
| 6604 |
Proposed | xNAME RCODE and Status Bits Clarification | x | x | x | ||||||||||
| 6605 |
Proposed | Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC | x | x | |||||||||||
| 6672 |
Proposed | DNAME Redirection in the DNS | x | x | x | ||||||||||
| 6698 |
Proposed | The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA | x | ||||||||||||
| 6725 |
Proposed | DNS Security (DNSSEC) DNSKEY Algorithm IANA Registry Updates | x | ||||||||||||
| 6742 |
Experimental | DNS Resource Records for the Identifier-Locator Network Protocol (ILNP) | x | x | x | ||||||||||
| 6761 |
Proposed | Special-Use Domain Names | x | x | |||||||||||
| 6781 |
Informational | DNSSEC Operational Practices, Version 2 | x | x | |||||||||||
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
| 6804 |
Historic | Historic | DISCOVER: Supporting Multicast DNS Queries | x | |||||||||||
| 6840 |
Proposed | Clarifications and Implementation Notes for DNS Security (DNSSEC) | x | x | x | ||||||||||
| 6841 |
Informational | A Framework for DNSSEC Policies and DNSSEC Practice Statements | x | x | |||||||||||
| 6844 |
Proposed | DNS Certification Authority Authorization (CAA) Resource Record | x | ||||||||||||
| 6891 |
Standard | Extension Mechanisms for DNS (EDNS(0)) | x | x | x | ||||||||||
| 6895 |
BCP | Domain Name System (DNS) IANA Considerations | x | ||||||||||||
| 6912 |
Informational | Principles for Unicode Code Point Inclusion in Labels in the DNS | x | ||||||||||||
| 6944 |
Proposed | Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status | x | ||||||||||||
| 6975 |
Proposed | Signaling Cryptographic Algorithm Understanding in DNS Security Extensions (DNSSEC) | x | x | x | x | |||||||||
| 7043 |
Informational | Resource Records for EUI-48 and EUI-64 Addresses in the DNS | x | ||||||||||||
| 7085 |
Informational | Top-Level Domains That Are Already Dotless | x | x | x | ||||||||||
| 7218 |
Standard | Adding Acronyms to Simplify Conversations about DNS-Based Authentication of Named Entities (DANE) | x | ||||||||||||
| 7314 |
Informational | Extension Mechanisms for DNS (EDNS) EXPIRE Option | x | ||||||||||||
| 7344 |
Informational | Automating DNSSEC Delegation Trust Maintenance | x | x | x | x | |||||||||
| 7477 |
Standard | Child-to-Parent Synchronization in DNS | x | x | x | ||||||||||
| 7534 |
Informational | AS112 Nameserver Operations | x | ||||||||||||
| 7535 |
Informational | AS112 Redirection Using DNAME | x | ||||||||||||
| 7583 |
Informational | DNSSEC Key Rollover Timing Considerations | x | x | |||||||||||
| 7626 |
Informational | DNS Privacy Considerations | x | ||||||||||||
| 7646 |
Informational | Definition and Use of DNSSEC Negative Trust Anchors | x | x | x | ||||||||||
| RFC | Type | Status | Title | Bgnd | Prot | Names | Ops | RR | Proxy | Stub | Auth | Res | Xfr | DDNS | DNSSEC |
| 7671 |
Standard | The DNS-Based Authentication of Named Entities (DANE) Protocol: Updates and Operational Guidance | x | x | x | ||||||||||
| 7686 |
Standard | The “.onion” Special-Use Domain Name | x | x |
