Score:0

What are valid zone names or valid service names for SRV records?


I've been following a few guides/questions on how to use A records and SRV records to map a domain to a specific IP and port like 1.1.1.1:1889:

https://stackoverflow.com/questions/11433570/how-to-use-srv-or-any-other-record-do-redirect-a-domain

https://stackoverflow.com/questions/19015138/how-to-redirect-dns-to-different-ports

In questions like the ones above, they recommend using SRV records. The only part I'm not clear on is how to determine the correct service name to use in my SRV record. For example, let's say I have these records:

mysql.example.com.  86400 IN A 1.1.1.1
mongo.example.com.  86400 IN A 1.1.1.1
www.example.com.  86400 IN A 1.1.1.1
mosquitto.example.com.  86400 IN A 1.1.1.1
_mysql._tcp.example.com. 86400 IN SRV 10 20 3306 mysql.example.com.
_mongo._tcp.example.com. 86400 IN SRV 10 20 27017 mongo.example.com.
_http._tcp.example.com. 86400 IN SRV 10 20 3306 www.example.com.
_mqtt._tcp.example.com. 86400 IN SRV 10 20 3306 mosquitto.example.com.

Are the _mysql, _mongo, _http and _mqtt the correct service names to use in my SRV records? I completely guessed these service names because I wasn't able to find a website that lists all the acceptable service names that can be used.

Score:3

First, web browsers do not follow SRV records at all, so even if you can design them, they are useless.

Now, here is the generic process to know what goes into any record, taking SRV as an example.

IANA is the guardian of things, so go to https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4 where you can see for SRV that it is defined in RFC 2782.

There it is defined as such:

Here is the format of the SRV RR, whose DNS type code is 33:

   _Service._Proto.Name TTL Class SRV Priority Weight Port Target

with then respectively:

Service

   The symbolic name of the desired service, as defined in Assigned
   Numbers [STD 2] or locally.  An underscore (_) is prepended to
   the service identifier to avoid collisions with DNS labels that
   occur in nature.

and

Proto

   The symbolic name of the desired protocol, with an underscore
   (_) prepended to prevent collisions with DNS labels that occur
   in nature.  _TCP and _UDP are at present the most useful values
   for this field, though any name defined by Assigned Numbers or
   locally may be used (as for Service).  The Proto is case
   insensitive.

[STD 2] reference is RFC 1700 but RFC 3232 obsoleted it to make a database online of possible values... which is again administered by IANA.

It is now there: https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml and do note that it is basically what you find in file /etc/services in any Unix box.

So taking back your examples (your port numbers are wrong in multiple SRV records depicted though):

  • mysql is indeed defined for port 3306 so it is valid as service name and hence in an SRV record
  • for port 27017, the service name is mongodb, not mongo (but do Mongo clients honor SRV records?)
  • http is indeed defined for port 80 so it is a valid service name (and https for port 443)
  • mqtt is defined as a valid port name, for port 1883. But same question as above, do clients use SRV records at all?

Do note also that there are in the wild various SRV records not following the above. If they can be published they "work", that is, nothing will prevent resolution of them at the DNS level even if they don't use a registered service name as above, as long as some application of course does read them.

For example, you can find lots of examples with _sip._tls or _sipfederationtls._tcp online, which are both wrong: tls is not a valid protocol, and sipfederationtls is not a valid service name (and is in fact too long, as https://www.rfc-editor.org/rfc/rfc6335.html#section-5.1 specifies it should be at most 15 characters long). So some tool/UI may prevent creating those records in a zonefile, and some nameservers may refuse to load them, but in most cases they will work (if applications do consume them).
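
An added example (not part of the original answer, and not code from IANA or any RFC): a Python check of SRV owner names against the RFC 6335 section 5.1 service-name syntax the answer cites. The `REGISTERED` table is a constructed subset of the IANA registry holding only the entries named in the answer, and accepting only `tcp`/`udp` as the protocol label is a simplifying assumption.

```python
import re

# Constructed subset of the IANA service-name registry: only the entries
# the answer mentions (service name -> registered port). Not the full registry.
REGISTERED = {"mysql": 3306, "mongodb": 27017, "http": 80, "https": 443, "mqtt": 1883}

def service_name_problems(name):
    """Return RFC 6335 section 5.1 syntax violations for a service name (no underscore)."""
    problems = []
    if not 1 <= len(name) <= 15:
        problems.append("length must be 1-15 characters")
    if not re.fullmatch(r"[A-Za-z0-9-]*", name):
        problems.append("only letters, digits and hyphens allowed")
    if not re.search(r"[A-Za-z]", name):
        problems.append("must contain at least one letter")
    if name.startswith("-") or name.endswith("-") or "--" in name:
        problems.append("hyphen placement invalid")
    return problems

def check_srv(line):
    """Check one zone-file line: owner TTL class SRV priority weight port target."""
    owner, _ttl, _cls, rtype, _prio, _weight, port, _target = line.split()
    if rtype.upper() != "SRV":
        raise ValueError("not an SRV record")
    labels = owner.split(".")
    if len(labels) < 3 or not labels[0].startswith("_") or not labels[1].startswith("_"):
        return ["owner name is not of the form _Service._Proto.Name"]
    service, proto = labels[0][1:].lower(), labels[1][1:].lower()
    findings = service_name_problems(service)
    if proto not in ("tcp", "udp"):  # assumption: only these two are accepted
        findings.append(f"protocol '{proto}' is not tcp or udp")
    if findings:
        return findings
    if service not in REGISTERED:
        return [f"service '{service}' not in the sample registry"]
    if REGISTERED[service] != int(port):
        # Advisory only: SRV may legitimately point at a non-default port.
        return [f"port {port} differs from registered {REGISTERED[service]}"]
    return []

if __name__ == "__main__":
    # Two of the records from the question above.
    for rec in ("_mongo._tcp.example.com. 86400 IN SRV 10 20 27017 mongo.example.com.",
                "_http._tcp.example.com. 86400 IN SRV 10 20 3306 www.example.com."):
        print(rec.split()[0], "->", check_srv(rec) or "ok")
```

A clean result only says the name is well-formed and registered; whether any client actually queries that name is a separate question, as the answer points out.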

mazunki:
"if applications do consume them": does that mean that the application will actually read the `_minecraft._tcp` value in the SRV field, and only then actually consume it? I was under the impression that as long as the target and port matched, it would work. Can I make up any name for my record, or must I make sure I use the one the client expects?
Patrick Mevzek:
If the application does not request resolution of the `SRV` name, then it can't obviously use the results. As for how the `SRV` record is built, no you can not just imagine things, they follow specific patterns... even if, obviously, actors like MS just decided to invent their own. But still it all depends what the client does, if it does `SRV` at all, and if it does, what it expects as service and protocol.
mazunki:
From my understanding, then, the application will ask the DNS server «hey, do you have a SRV record for `_myservice._tcp`?», to which the DNS server may answer with a record, or just say «nope, ain't got it». It's not some metadata which gets shipped with the `A`/`AAAA` record, as an addendum.
Patrick Mevzek:
Yes, that is how ALL DNS requests work. There is no concept of metadata and attaching one thing to another. A request is one name, one record type sent to one nameserver. A response is either an error, or the data attached for the name and record type.