7 Network Working Group M. Mealling
8 Request for Comments: 2915 Network Solutions, Inc.
9 Updates: 2168 R. Daniel
10 Category: Standards Track DATAFUSION, Inc.
14 The Naming Authority Pointer (NAPTR) DNS Resource Record
18 This document specifies an Internet standards track protocol for the
19 Internet community, and requests discussion and suggestions for
20 improvements. Please refer to the current edition of the "Internet
21 Official Protocol Standards" (STD 1) for the standardization state
22 and status of this protocol. Distribution of this memo is unlimited.
26 Copyright (C) The Internet Society (2000). All Rights Reserved.
30 This document describes a Domain Name System (DNS) resource record
31 which specifies a regular expression based rewrite rule that, when
32 applied to an existing string, will produce a new domain label or
33 Uniform Resource Identifier (URI). Depending on the value of the
34 flags field of the resource record, the resulting domain label or URI
35 may be used in subsequent queries for the Naming Authority Pointer
36 (NAPTR) resource records (to delegate the name lookup) or as the
37 output of the entire process for which this system is used (a
38 resolution server for URI resolution, a service URI for ENUM style
39 e.164 number to URI mapping, etc).
41 This allows the DNS to be used to lookup services for a wide variety
42 of resource names (including URIs) which are not in domain name
43 syntax. Reasons for doing this range from URN Resource Discovery
44 Systems to moving out-of-date services to new domains.
46 This document updates the portions of RFC 2168 specifically dealing
47 with the definition of the NAPTR records and how other, non-URI
48 specific applications, might use NAPTR.
58 Mealling & Daniel Standards Track [Page 1]
60 RFC 2915 NAPTR DNS RR September 2000
65 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
66 2. NAPTR RR Format . . . . . . . . . . . . . . . . . . . . . . 3
67 3. Substitution Expression Grammar . . . . . . . . . . . . . . 7
68 4. The Basic NAPTR Algorithm . . . . . . . . . . . . . . . . . 8
69 5. Concerning How NAPTR Uses SRV Records . . . . . . . . . . . 9
70 6. Application Specifications . . . . . . . . . . . . . . . . . 10
71 7. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 10
72 7.1 Example 1 . . . . . . . . . . . . . . . . . . . . . . . . . 10
73 7.2 Example 2 . . . . . . . . . . . . . . . . . . . . . . . . . 12
74 7.3 Example 3 . . . . . . . . . . . . . . . . . . . . . . . . . 13
75 8. DNS Packet Format . . . . . . . . . . . . . . . . . . . . . 13
76 9. Master File Format . . . . . . . . . . . . . . . . . . . . . 14
77 10. Advice for DNS Administrators . . . . . . . . . . . . . . . 14
78 11. Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
79 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . 15
80 13. Security Considerations . . . . . . . . . . . . . . . . . . 15
81 14. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . 16
82 References . . . . . . . . . . . . . . . . . . . . . . . . . 16
83 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 17
84 Full Copyright Statement . . . . . . . . . . . . . . . . . . 18
88 This RR was originally produced by the URN Working Group [3] as a way
89 to encode rule-sets in DNS so that the delegated sections of a URI
90 could be decomposed in such a way that they could be changed and re-
91 delegated over time. The result was a Resource Record that included
92 a regular expression that would be used by a client program to
93 rewrite a string into a domain name. Regular expressions were chosen
94 for their compactness to expressivity ratio allowing for a great deal
95 of information to be encoded in a rather small DNS packet.
97 The function of rewriting a string according to the rules in a record
98 has usefulness in several different applications. This document
99 defines the basic assumptions to which all of those applications must
100 adhere to. It does not define the reasons the rewrite is used, what
101 the expected outcomes are, or what they are used for. Those are
102 specified by applications that define how they use the NAPTR record
103 and algorithms within their contexts.
105 Flags and other fields are also specified in the RR to control the
106 rewrite procedure in various ways or to provide information on how to
107 communicate with the host at the domain name that was the result of
114 Mealling & Daniel Standards Track [Page 2]
116 RFC 2915 NAPTR DNS RR September 2000
119 The final result is a RR that has several fields that interact in a
120 non-trivial but implementable way. This document specifies those
121 fields and their values.
123 This document does not define applications that utilizes this rewrite
124 functionality. Instead it specifies just the mechanics of how it is
125 done. Why its done, what the rules concerning the inputs, and the
126 types of rules used are reserved for other documents that fully
127 specify a particular application. This separation is due to several
128 different applications all wanting to take advantage of the rewrite
129 rule lookup process. Each one has vastly different reasons for why
130 and how it uses the service, thus requiring that the definition of
131 the service be generic.
133 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
134 NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
135 in this document are to be interpreted as described in RFC 2119.
137 All references to Uniform Resource Identifiers in this document
138 adhere to the 'absoluteURI' production of the "Collected ABNF"
139 found in RFC 2396 [9]. Specifically, the semantics of URI
140 References do not apply since the concept of a Base makes no sense
145 The format of the NAPTR RR is given below. The DNS type code [1] for
148 Domain TTL Class Type Order Preference Flags Service Regexp
152 The domain name to which this resource record refers. This is the
153 'key' for this entry in the rule database. This value will either
154 be the first well known key (<something>.uri.arpa for example) or
155 a new key that is the output of a replacement or regexp rewrite.
156 Beyond this, it has the standard DNS requirements [1].
159 Standard DNS meaning [1].
162 Standard DNS meaning [1].
165 The Type Code [1] for NAPTR is 35.
170 Mealling & Daniel Standards Track [Page 3]
172 RFC 2915 NAPTR DNS RR September 2000
176 A 16-bit unsigned integer specifying the order in which the NAPTR
177 records MUST be processed to ensure the correct ordering of
178 rules. Low numbers are processed before high numbers, and once a
179 NAPTR is found whose rule "matches" the target, the client MUST
180 NOT consider any NAPTRs with a higher value for order (except as
181 noted below for the Flags field).
184 A 16-bit unsigned integer that specifies the order in which NAPTR
185 records with equal "order" values SHOULD be processed, low
186 numbers being processed before high numbers. This is similar to
187 the preference field in an MX record, and is used so domain
188 administrators can direct clients towards more capable hosts or
189 lighter weight protocols. A client MAY look at records with
190 higher preference values if it has a good reason to do so such as
191 not understanding the preferred protocol or service.
193 The important difference between Order and Preference is that
194 once a match is found the client MUST NOT consider records with a
195 different Order but they MAY process records with the same Order
196 but different Preferences. I.e., Preference is used to give weight
197 to rules that are considered the same from an authority
198 standpoint but not from a simple load balancing standpoint.
201 A <character-string> containing flags to control aspects of the
202 rewriting and interpretation of the fields in the record. Flags
203 are single characters from the set [A-Z0-9]. The case of the
204 alphabetic characters is not significant.
206 At this time only four flags, "S", "A", "U", and "P", are
207 defined. The "S", "A" and "U" flags denote a terminal lookup.
208 This means that this NAPTR record is the last one and that the
209 flag determines what the next stage should be. The "S" flag
210 means that the next lookup should be for SRV records [4]. See
211 Section 5 for additional information on how NAPTR uses the SRV
212 record type. "A" means that the next lookup should be for either
213 an A, AAAA, or A6 record. The "U" flag means that the next step
214 is not a DNS lookup but that the output of the Regexp field is an
215 URI that adheres to the 'absoluteURI' production found in the
216 ABNF of RFC 2396 [9]. Since there may be applications that use
217 NAPTR to also lookup aspects of URIs, implementors should be
218 aware that this may cause loop conditions and should act
226 Mealling & Daniel Standards Track [Page 4]
228 RFC 2915 NAPTR DNS RR September 2000
231 The "P" flag says that the remainder of the application side
232 algorithm shall be carried out in a Protocol-specific fashion.
233 The new set of rules is identified by the Protocol specified in
234 the Services field. The record that contains the 'P' flag is the
235 last record that is interpreted by the rules specified in this
236 document. The new rules are dependent on the application for
237 which they are being used and the protocol specified. For
238 example, if the application is a URI RDS and the protocol is WIRE
239 then the new set of rules are governed by the algorithms
240 surrounding the WIRE HTTP specification and not this document.
242 The remaining alphabetic flags are reserved for future versions
243 of the NAPTR specification. The numeric flags may be used for
244 local experimentation. The S, A, U and P flags are all mutually
245 exclusive, and resolution libraries MAY signal an error if more
246 than one is given. (Experimental code and code for assisting in
247 the creation of NAPTRs would be more likely to signal such an
248 error than a client such as a browser). It is anticipated that
249 multiple flags will be allowed in the future, so implementers
250 MUST NOT assume that the flags field can only contain 0 or 1
251 characters. Finally, if a client encounters a record with an
252 unknown flag, it MUST ignore it and move to the next record. This
253 test takes precedence even over the "order" field. Since flags
254 can control the interpretation placed on fields, a novel flag
255 might change the interpretation of the regexp and/or replacement
256 fields such that it is impossible to determine if a record
257 matched a given target.
259 The "S", "A", and "U" flags are called 'terminal' flags since
260 they halt the looping rewrite algorithm. If those flags are not
261 present, clients may assume that another NAPTR RR exists at the
262 domain name produced by the current rewrite rule. Since the "P"
263 flag specifies a new algorithm, it may or may not be 'terminal'.
264 Thus, the client cannot assume that another NAPTR exists since
265 this case is determined elsewhere.
267 DNS servers MAY interpret these flags and values and use that
268 information to include appropriate SRV and A,AAAA, or A6 records
269 in the additional information portion of the DNS packet. Clients
270 are encouraged to check for additional information but are not
274 Specifies the service(s) available down this rewrite path. It may
275 also specify the particular protocol that is used to talk with a
276 service. A protocol MUST be specified if the flags field states
277 that the NAPTR is terminal. If a protocol is specified, but the
278 flags field does not state that the NAPTR is terminal, the next
282 Mealling & Daniel Standards Track [Page 5]
284 RFC 2915 NAPTR DNS RR September 2000
287 lookup MUST be for a NAPTR. The client MAY choose not to perform
288 the next lookup if the protocol is unknown, but that behavior
289 MUST NOT be relied upon.
291 The service field may take any of the values below (using the
292 Augmented BNF of RFC 2234 [5]):
294 service_field = [ [protocol] *("+" rs)]
295 protocol = ALPHA *31ALPHANUM
296 rs = ALPHA *31ALPHANUM
297 ; The protocol and rs fields are limited to 32
298 ; characters and must start with an alphabetic.
300 For example, an optional protocol specification followed by 0 or
301 more resolution services. Each resolution service is indicated by
302 an initial '+' character.
304 Note that the empty string is also a valid service field. This
305 will typically be seen at the beginning of a series of rules,
306 when it is impossible to know what services and protocols will be
307 offered by a particular service.
309 The actual format of the service request and response will be
310 determined by the resolution protocol, and is the subject for
311 other documents. Protocols need not offer all services. The
312 labels for service requests shall be formed from the set of
313 characters [A-Z0-9]. The case of the alphabetic characters is
316 The list of "valid" protocols for any given NAPTR record is any
317 protocol that implements some or all of the services defined for
318 a NAPTR application. Currently, THTTP [6] is the only protocol
319 that is known to make that claim at the time of publication. Any
320 other protocol that is to be used must have documentation
323 * how it implements the services of the application
325 * how it is to appear in the NAPTR record (i.e., the string id
328 The list of valid Resolution Services is defined by the documents
329 that specify individual NAPTR based applications.
331 It is worth noting that the interpretation of this field is
332 subject to being changed by new flags, and that the current
333 specification is oriented towards telling clients how to talk
338 Mealling & Daniel Standards Track [Page 6]
340 RFC 2915 NAPTR DNS RR September 2000
344 A STRING containing a substitution expression that is applied to
345 the original string held by the client in order to construct the
346 next domain name to lookup. The grammar of the substitution
347 expression is given in the next section.
349 The regular expressions MUST NOT be used in a cumulative fashion,
350 that is, they should only be applied to the original string held
351 by the client, never to the domain name produced by a previous
352 NAPTR rewrite. The latter is tempting in some applications but
353 experience has shown such use to be extremely fault sensitive,
354 very error prone, and extremely difficult to debug.
357 The next NAME to query for NAPTR, SRV, or address records
358 depending on the value of the flags field. This MUST be a fully
359 qualified domain-name. Unless and until permitted by future
360 standards action, name compression is not to be used for this
363 3. Substitution Expression Grammar
365 The content of the regexp field is a substitution expression. True
366 sed(1) and Perl style substitution expressions are not appropriate
367 for use in this application for a variety of reasons stemming from
368 internationalization requirements and backref limitations, therefore
369 the contents of the regexp field MUST follow the grammar below:
371 subst_expr = delim-char ere delim-char repl delim-char *flags
372 delim-char = "/" / "!" / ... <Any non-digit or non-flag character
373 other than backslash '\'. All occurances of a delim_char
374 in a subst_expr must be the same character.>
375 ere = POSIX Extended Regular Expression
376 repl = 1 * ( OCTET / backref )
377 backref = "\" 1POS_DIGIT
379 POS_DIGIT = %x31-39 ; 0 is not an allowed backref
381 The definition of a POSIX Extended Regular Expression can be found in
384 The result of applying the substitution expression to the original
385 URI MUST result in either a string that obeys the syntax for DNS
386 domain-names [1] or a URI [9] if the Flags field contains a 'u'.
387 Since it is possible for the regexp field to be improperly specified,
388 such that a non-conforming domain-name can be constructed, client
389 software SHOULD verify that the result is a legal DNS domain-name
390 before making queries on it.
394 Mealling & Daniel Standards Track [Page 7]
396 RFC 2915 NAPTR DNS RR September 2000
399 Backref expressions in the repl portion of the substitution
400 expression are replaced by the (possibly empty) string of characters
401 enclosed by '(' and ')' in the ERE portion of the substitution
402 expression. N is a single digit from 1 through 9, inclusive. It
403 specifies the N'th backref expression, the one that begins with the
404 N'th '(' and continues to the matching ')'. For example, the ERE
408 has backref expressions:
414 \5..\9 = error - no matching subexpression
416 The "i" flag indicates that the ERE matching SHALL be performed in a
417 case-insensitive fashion. Furthermore, any backref replacements MAY
418 be normalized to lower case when the "i" flag is given.
420 The first character in the substitution expression shall be used as
421 the character that delimits the components of the substitution
422 expression. There must be exactly three non-escaped occurrences of
423 the delimiter character in a substitution expression. Since escaped
424 occurrences of the delimiter character will be interpreted as
425 occurrences of that character, digits MUST NOT be used as delimiters.
426 Backrefs would be confused with literal digits were this allowed.
427 Similarly, if flags are specified in the substitution expression, the
428 delimiter character must not also be a flag character.
430 4. The Basic NAPTR Algorithm
432 The behavior and meaning of the flags and services assume an
433 algorithm where the output of one rewrite is a new key that points to
434 another rule. This looping algorithm allows NAPTR records to
435 incrementally specify a complete rule. These incremental rules can
436 be delegated which allows other entities to specify rules so that one
437 entity does not need to understand _all_ rules.
439 The algorithm starts with a string and some known key (domain).
440 NAPTR records for this key are retrieved, those with unknown Flags or
441 inappropriate Services are discarded and the remaining records are
442 sorted by their Order field. Within each value of Order, the records
443 are further sorted by the Preferences field.
445 The records are examined in sorted order until a matching record is
446 found. A record is considered a match iff:
450 Mealling & Daniel Standards Track [Page 8]
452 RFC 2915 NAPTR DNS RR September 2000
455 o it has a Replacement field value instead of a Regexp field value.
457 o or the Regexp field matches the string held by the client.
459 The first match MUST be the match that is used. Once a match is
460 found, the Services field is examined for whether or not this rule
461 advances toward the desired result. If so, the rule is applied to
462 the target string. If not, the process halts. The domain that
463 results from the regular expression is then used as the domain of the
464 next loop through the NAPTR algorithm. Note that the same target
465 string is used throughout the algorithm.
467 This looping is extremely important since it is the method by which
468 complex rules are broken down into manageable delegated chunks. The
469 flags fields simply determine at which point the looping should stop
470 (or other specialized behavior).
472 Since flags are valid at any level of the algorithm, the degenerative
473 case is to never loop but to look up the NAPTR and then stop. In
474 many specialized cases this is all that is needed. Implementors
475 should be aware that the degenerative case should not become the
478 5. Concerning How NAPTR Uses SRV Records
480 When the SRV record type was originally specified it assumed that the
481 client did not know the specific domain-name before hand. The client
482 would construct a domain-name more in the form of a question than the
483 usual case of knowing ahead of time that the domain-name should
484 exist. I.e., if the client wants to know if there is a TCP based
485 HTTP server running at a particular domain, the client would
486 construct the domain-name _http._tcp.somedomain.com and ask the DNS
487 if that records exists. The underscores are used to avoid collisions
488 with potentially 'real' domain-names.
490 In the case of NAPTR, the actual domain-name is specified by the
491 various fields in the NAPTR record. In this case the client isn't
492 asking a question but is instead attempting to get at information
493 that it has been told exists in an SRV record at that particular
494 domain-name. While this usage of SRV is slightly different than the
495 SRV authors originally intended it does not break any of the
496 assumptions concerning what SRV contains. Also, since the NAPTR
497 explicitly spells out the domain-name for which an SRV exists, that
498 domain-name MUST be used in SRV queries with NO transformations. Any
499 given NAPTR record may result in a domain-name to be used for SRV
500 queries that may or may not contain the SRV standardized underscore
506 Mealling & Daniel Standards Track [Page 9]
508 RFC 2915 NAPTR DNS RR September 2000
511 characters. NAPTR applications that make use of SRV MUST NOT attempt
512 to understand these domains or use them according to how the SRV
513 specification structures its query domains.
515 6. Application Specifications
517 It should be noted that the NAPTR algorithm is the basic assumption
518 about how NAPTR works. The reasons for the rewrite and the expected
519 output and its use are specified by documents that define what
520 applications the NAPTR record and algorithm are used for. Any
521 document that defines such an application must define the following:
523 o The first known domain-name or how to build it
525 o The valid Services and Protocols
527 o What the expected use is for the output of the last rewrite
529 o The validity and/or behavior of any 'P' flag protocols.
531 o The general semantics surrounding why and how NAPTR and its
532 algorithm are being used.
536 NOTE: These are examples only. They are taken from ongoing work and
537 may not represent the end result of that work. They are here for
538 pedagogical reasons only.
542 NAPTR was originally specified for use with the a Uniform Resource
543 Name Resolver Discovery System. This example details how a
544 particular URN would use the NAPTR record to find a resolver service.
546 Consider a URN namespace based on MIME Content-Ids. The URN might
549 urn:cid:39CB83F7.A8450130@fake.gatech.edu
551 (Note that this example is chosen for pedagogical purposes, and does
552 not conform to the CID URL scheme.)
554 The first step in the resolution process is to find out about the CID
555 namespace. The namespace identifier [3], 'cid', is extracted from
556 the URN, prepended to urn.arpa. 'cid.urn.arpa' then becomes the first
557 'known' key in the NAPTR algorithm. The NAPTR records for
558 cid.urn.arpa looked up and return a single record:
562 Mealling & Daniel Standards Track [Page 10]
564 RFC 2915 NAPTR DNS RR September 2000
568 ;; order pref flags service regexp replacement
569 IN NAPTR 100 10 "" "" "/urn:cid:.+@([^\.]+\.)(.*)$/\2/i" .
571 There is only one NAPTR response, so ordering the responses is not a
572 problem. The replacement field is empty, so the pattern provided in
573 the regexp field is used. We apply that regexp to the entire URN to
574 see if it matches, which it does. The \2 part of the substitution
575 expression returns the string "gatech.edu". Since the flags field
576 does not contain "s" or "a", the lookup is not terminal and our next
577 probe to DNS is for more NAPTR records where the new domain is '
578 gatech.edu' and the string is the same string as before.
580 Note that the rule does not extract the full domain name from the
581 CID, instead it assumes the CID comes from a host and extracts its
582 domain. While all hosts, such as mordred, could have their very own
583 NAPTR, maintaining those records for all the machines at a site as
584 large as Georgia Tech would be an intolerable burden. Wildcards are
585 not appropriate here since they only return results when there is no
586 exactly matching names already in the system.
588 The record returned from the query on "gatech.edu" might look like:
590 ;; order pref flags service regexp replacement
591 IN NAPTR 100 50 "s" "z3950+I2L+I2C" "" _z3950._tcp.gatech.edu.
592 IN NAPTR 100 50 "s" "rcds+I2C" "" _rcds._udp.gatech.edu.
593 IN NAPTR 100 50 "s" "http+I2L+I2C+I2R" "" _http._tcp.gatech.edu.
595 Continuing with the example, note that the values of the order and
596 preference fields are equal in all records, so the client is free to
597 pick any record. The flags field tells us that these are the last
598 NAPTR patterns we should see, and after the rewrite (a simple
599 replacement in this case) we should look up SRV records to get
600 information on the hosts that can provide the necessary service.
602 Assuming we prefer the Z39.50 protocol, our lookup might return:
604 ;; Pref Weight Port Target
605 _z3950._tcp.gatech.edu. IN SRV 0 0 1000 z3950.gatech.edu.
606 IN SRV 0 0 1000 z3950.cc.gatech.edu.
607 IN SRV 0 0 1000 z3950.uga.edu.
609 telling us three hosts that could actually do the resolution, and
610 giving us the port we should use to talk to their Z39.50 server.
612 Recall that the regular expression used \2 to extract a domain name
613 from the CID, and \. for matching the literal '.' characters
614 separating the domain name components. Since '\' is the escape
618 Mealling & Daniel Standards Track [Page 11]
620 RFC 2915 NAPTR DNS RR September 2000
623 character, literal occurances of a backslash must be escaped by
624 another backslash. For the case of the cid.urn.arpa record above,
625 the regular expression entered into the master file should be
626 "/urn:cid:.+@([^\\.]+\\.)(.*)$/\\2/i". When the client code actually
627 receives the record, the pattern will have been converted to
628 "/urn:cid:.+@([^\.]+\.)(.*)$/\2/i".
632 Even if URN systems were in place now, there would still be a
633 tremendous number of URLs. It should be possible to develop a URN
634 resolution system that can also provide location independence for
635 those URLs. This is related to the requirement that URNs be able to
636 grandfather in names from other naming systems, such as ISO Formal
637 Public Identifiers, Library of Congress Call Numbers, ISBNs, ISSNs,
640 The NAPTR RR could also be used for URLs that have already been
641 assigned. Assume we have the URL for a very popular piece of
642 software that the publisher wishes to mirror at multiple sites around
645 Using the rules specified for this application we extract the prefix,
646 "http", and lookup NAPTR records for http.uri.arpa. This might
647 return a record of the form
649 http.uri.arpa. IN NAPTR
650 ;; order pref flags service regexp replacement
651 100 90 "" "" "!http://([^/:]+)!\1!i" .
653 This expression returns everything after the first double slash and
654 before the next slash or colon. (We use the '!' character to delimit
655 the parts of the substitution expression. Otherwise we would have to
656 use backslashes to escape the forward slashes and would have a regexp
657 in the zone file that looked like "/http:\\/\\/([^\\/:]+)/\\1/i".).
659 Applying this pattern to the URL extracts "www.foo.com". Looking up
660 NAPTR records for that might return:
663 ;; order pref flags service regexp replacement
664 IN NAPTR 100 100 "s" "http+I2R" "" _http._tcp.foo.com.
665 IN NAPTR 100 100 "s" "ftp+I2R" "" _ftp._tcp.foo.com.
667 Looking up SRV records for http.tcp.foo.com would return information
668 on the hosts that foo.com has designated to be its mirror sites. The
669 client can then pick one for the user.
674 Mealling & Daniel Standards Track [Page 12]
676 RFC 2915 NAPTR DNS RR September 2000
681 A non-URI example is the ENUM application which uses a NAPTR record
682 to map an e.164 telephone number to a URI. In order to convert the
683 phone number to a domain name for the first iteration all characters
684 other than digits are removed from the the telephone number, the
685 entire number is inverted, periods are put between each digit and the
686 string ".e164.arpa" is put on the left-hand side. For example, the
687 E.164 phone number "+1-770-555-1212" converted to a domain-name it
688 would be "2.1.2.1.5.5.5.0.7.7.1.e164.arpa."
690 For this example telephone number we might get back the following
693 $ORIGIN 2.1.2.1.5.5.5.0.7.7.1.e164.arpa.
694 IN NAPTR 100 10 "u" "sip+E2U" "!^.*$!sip:information@tele2.se!" .
695 IN NAPTR 102 10 "u" "mailto+E2U" "!^.*$!mailto:information@tele2.se!" .
697 This application uses the same 'u' flag as the URI Resolution
698 application. This flag states that the Rule is terminal and that the
699 output is a URI which contains the information needed to contact that
700 telephone service. ENUM also uses the same format for its Service
701 field except that it defines the 'E2U' service instead of the 'I2*'
702 services that URI resolution uses. The example above states that the
703 available protocols used to access that telephone's service are
704 either the Session Initiation Protocol or SMTP mail.
708 The packet format for the NAPTR record is:
711 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
712 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
714 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
716 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
718 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
720 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
722 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
725 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
730 Mealling & Daniel Standards Track [Page 13]
732 RFC 2915 NAPTR DNS RR September 2000
737 FLAGS A <character-string> which contains various flags.
739 SERVICES A <character-string> which contains protocol and service
742 REGEXP A <character-string> which contains a regular expression.
744 REPLACEMENT A <domain-name> which specifies the new value in the
745 case where the regular expression is a simple replacement
748 <character-string> and <domain-name> as used here are defined in
751 9. Master File Format
753 The master file format follows the standard rules in RFC-1035 [1].
754 Order and preference, being 16-bit unsigned integers, shall be an
755 integer between 0 and 65535. The Flags and Services and Regexp
756 fields are all quoted <character-string>s. Since the Regexp field
757 can contain numerous backslashes and thus should be treated with
758 care. See Section 10 for how to correctly enter and escape the
761 10. Advice for DNS Administrators
763 Beware of regular expressions. Not only are they difficult to get
764 correct on their own, but there is the previously mentioned
765 interaction with DNS. Any backslashes in a regexp must be entered
766 twice in a zone file in order to appear once in a query response.
767 More seriously, the need for double backslashes has probably not been
768 tested by all implementors of DNS servers.
770 The "a" flag allows the next lookup to be for address records (A,
771 AAAA, A6) rather than SRV records. Since there is no place for a
772 port specification in the NAPTR record, when the "A" flag is used the
773 specified protocol must be running on its default port.
775 The URN Syntax draft defines a canonical form for each URN, which
776 requires %encoding characters outside a limited repertoire. The
777 regular expressions MUST be written to operate on that canonical
778 form. Since international character sets will end up with extensive
779 use of %encoded characters, regular expressions operating on them
780 will be essentially impossible to read or write by hand.
786 Mealling & Daniel Standards Track [Page 14]
788 RFC 2915 NAPTR DNS RR September 2000
793 o A client MUST process multiple NAPTR records in the order
794 specified by the "order" field, it MUST NOT simply use the first
795 record that provides a known protocol and service combination.
797 o When multiple RRs have the same "order" and all other criteria
798 being equal, the client should use the value of the preference
799 field to select the next NAPTR to consider. However, because it
800 will often be the case where preferred protocols or services
801 exist, clients may use this additional criteria to sort
804 o If the lookup after a rewrite fails, clients are strongly
805 encouraged to report a failure, rather than backing up to pursue
808 o Note that SRV RRs impose additional requirements on clients.
810 12. IANA Considerations
812 The only registration function that impacts the IANA is for the
813 values that are standardized for the Services and Flags fields. To
814 extend the valid values of the Flags field beyond what is specified
815 in this document requires a published specification that is approved
818 The values for the Services field will be determined by the
819 application that makes use of the NAPTR record. Those values must be
820 specified in a published specification and approved by the IESG.
822 13. Security Considerations
824 The interactions with DNSSEC are currently being studied. It is
825 expected that NAPTR records will be signed with SIG records once the
826 DNSSEC work is deployed.
828 The rewrite rules make identifiers from other namespaces subject to
829 the same attacks as normal domain names. Since they have not been
830 easily resolvable before, this may or may not be considered a
833 Regular expressions should be checked for sanity, not blindly passed
834 to something like PERL.
836 This document has discussed a way of locating a service, but has not
837 discussed any detail of how the communication with that service takes
838 place. There are significant security considerations attached to the
842 Mealling & Daniel Standards Track [Page 15]
844 RFC 2915 NAPTR DNS RR September 2000
847 communication with a service. Those considerations are outside the
848 scope of this document, and must be addressed by the specifications
849 for particular communication protocols.
853 The editors would like to thank Keith Moore for all his consultations
854 during the development of this memo. We would also like to thank
855 Paul Vixie for his assistance in debugging our implementation, and
856 his answers on our questions. Finally, we would like to acknowledge
857 our enormous intellectual debt to the participants in the Knoxville
858 series of meetings, as well as to the participants in the URI and URN
863 [1] Mockapetris, P., "Domain names - implementation and
864 specification", STD 13, RFC 1035, November 1987.
866 [2] Mockapetris, P., "Domain names - concepts and facilities", STD
867 13, RFC 1034, November 1987.
869 [3] Moats, R., "URN Syntax", RFC 2141, May 1997.
871 [4] Gulbrandsen, A., Vixie, P. and L. Esibov, "A DNS RR for
872 specifying the location of services (DNS SRV)", RFC 2782,
875 [5] Crocker, D., "Augmented BNF for Syntax Specifications: ABNF",
876 RFC 2234, November 1997.
878 [6] Daniel, R., "A Trivial Convention for using HTTP in URN
879 Resolution", RFC 2169, June 1997.
881 [7] Daniel, R. and M. Mealling, "Resolution of Uniform Resource
882 Identifiers using the Domain Name System", RFC 2168, June 1997.
884 [8] IEEE, "IEEE Standard for Information Technology - Portable
885 Operating System Interface (POSIX) - Part 2: Shell and Utilities
886 (Vol. 1)", IEEE Std 1003.2-1992, January 1993.
888 [9] Berners-Lee, T., Fielding, R.T. and L. Masinter, "Uniform
889 Resource Identifiers (URI): Generic Syntax", RFC 2396, August
898 Mealling & Daniel Standards Track [Page 16]
900 RFC 2915 NAPTR DNS RR September 2000
906 Network Solutions, Inc.
907 505 Huntmar Park Drive
911 Phone: +1 770 921 2251
912 EMail: michaelm@netsol.com
913 URI: http://www.netsol.com
918 139 Townsend Street, Ste. 100
919 San Francisco, CA 94107
922 Phone: +1 415 222 0100
923 EMail: rdaniel@datafusion.net
924 URI: http://www.datafusion.net
954 Mealling & Daniel Standards Track [Page 17]
956 RFC 2915 NAPTR DNS RR September 2000
959 Full Copyright Statement
961 Copyright (C) The Internet Society (2000). All Rights Reserved.
963 This document and translations of it may be copied and furnished to
964 others, and derivative works that comment on or otherwise explain it
965 or assist in its implementation may be prepared, copied, published
966 and distributed, in whole or in part, without restriction of any
967 kind, provided that the above copyright notice and this paragraph are
968 included on all such copies and derivative works. However, this
969 document itself may not be modified in any way, such as by removing
970 the copyright notice or references to the Internet Society or other
971 Internet organizations, except as needed for the purpose of
972 developing Internet standards in which case the procedures for
973 copyrights defined in the Internet Standards process must be
974 followed, or as required to translate it into languages other than
977 The limited permissions granted above are perpetual and will not be
978 revoked by the Internet Society or its successors or assigns.
980 This document and the information contained herein is provided on an
981 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
982 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
983 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
984 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
985 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
989 Funding for the RFC Editor function is currently provided by the
1010 Mealling & Daniel Standards Track [Page 18]
projects / FreeBSD / releng / 7.2.git / blob