Editing Domain Name System (section)

==Structure {{anchor|The domain name space}}==
===Domain name space===
The domain name space consists of a [[Tree (data structure)|tree data structure]]. Each node or leaf in the tree has a ''label'' and zero or more ''resource records'' (RR), which hold information associated with the domain name.  The domain name itself consists of the label, concatenated with the name of its parent node on the right, separated by a dot.{{Ref RFC|1034|rsection=3.1}}

The tree sub-divides into ''zones'' beginning at the [[DNS root zone|root zone]].  A [[DNS zone]] may consist of as many domains and subdomains as the zone manager chooses.  DNS can also be partitioned according to ''class'' where the separate classes can be thought of as an array of parallel namespace trees.{{Ref RFC|1034|rsection=4.2}}

[[Image:Domain name space.svg|right|thumb|400px|The hierarchical Domain Name System for class ''Internet'', organized into zones, each served by a name server]]

Administrative responsibility for any zone may be divided by creating additional zones. Authority over the new zone is said to be ''delegated'' to a designated name server. The parent zone ceases to be authoritative for the new zone.{{Ref RFC|1034|rsection=4.2}}

===Domain name syntax, internationalization===
The definitive descriptions of the rules for forming domain names appear in RFC 1035, RFC 1123, RFC 2181, and RFC 5892.  A [[domain name]] consists of one or more parts, technically called ''labels'', that are conventionally [[concatenated]], and delimited by dots, such as example.com.

The right-most label conveys the [[top-level domain]]; for example, the domain name www.example.com belongs to the top-level domain ''com''.

The hierarchy of domains descends from right to left; each label to the left specifies a subdivision, or [[subdomain]] of the domain to the right. For example, the label ''example'' specifies a subdomain of the ''com'' domain, and ''www'' is a subdomain of example.com. This tree of subdivisions may have up to 127 levels.<ref>{{Cite book|title=International Domain Name Law: ICANN and the UDRP|last=Lindsay|first=David|publisher=Bloomsbury Publishing|year=2007|isbn=978-1-84113-584-7|pages=8}}</ref>

A label may contain zero to 63 characters, because the length is only allowed to take 6 bits. The null label of length zero is reserved for the root zone. The full domain name may not exceed the length of 253 characters in its textual representation (or 254 with the trailing dot).<ref name=rfc1034/> In the internal binary representation of the DNS this maximum length of 253 requires 255 octets of storage, as it also stores the length of the first of many labels and adds last null byte.<ref name=rfc1035/> 255 length is only achieved with at least 6 labels (counting the last null label).{{Citation needed|date=November 2024}}

Although no technical limitation exists to prevent domain name labels from using any character that is representable by an octet, hostnames use a preferred format and character set. The characters allowed in labels are a subset of the [[ASCII]] character set, consisting of characters ''a'' through ''z'', ''A'' through ''Z'', digits ''0'' through ''9'', and hyphen. This rule is known as the ''LDH rule'' (letters, digits, hyphen). Domain names are interpreted in a case-independent manner.{{Ref RFC|4343}} Labels may not start or end with a hyphen.{{Ref RFC|3696}} An additional rule requires that top-level domain names should not be all-numeric.<ref name=rfc3696 />

The limited set of ASCII characters permitted in the DNS prevented the representation of names and words of many languages in their native alphabets or scripts. To make this possible, [[ICANN]] approved the [[Internationalized domain name|Internationalizing Domain Names in Applications]] (IDNA) system, by which user applications, such as web browsers, map [[Unicode]] strings into the valid DNS character set using [[Punycode]]. In 2009, ICANN approved the installation of internationalized domain name [[Country code top-level domain|country code top-level domains (''ccTLD''s)]]. In addition, many [[domain name registry|registries]] of the existing top-level domain names ([[Top-level domain|''TLD'']]s) have adopted the IDNA system, guided by RFC 5890, RFC 5891, RFC 5892, RFC 5893.

===Name servers===
The Domain Name System is maintained by a [[distributed database]] system, which uses the [[client–server model]]. The nodes of this database are the [[name server]]s. Each domain has at least one authoritative DNS server that publishes information about that domain and the name servers of any domains subordinate to it. The top of the hierarchy is served by the [[root name server]]s, the servers to query when looking up (''resolving'') a [[Top-level domain|TLD]].

====Authoritative name server====
An ''authoritative'' name server is a name server that only gives [[Name server#Authoritative answer|answers]] to DNS queries from data that have been configured by an original source, for example, the domain administrator or by dynamic DNS methods, in contrast to answers obtained via a query to another name server that only maintains a cache of data.

An authoritative name server can either be a ''primary'' server or a ''secondary'' server. Historically the terms [[Master/slave (technology)|''master/slave'']] and ''primary/secondary'' were sometimes used interchangeably<ref>{{Cite journal|last1=Fujiwara|first1=Kazunori|last2=Sullivan|first2=Andrew|last3=Hoffman|first3=Paul|title=DNS Terminology|url=https://www.rfc-editor.org/rfc/rfc9499.html#section-6-4.42|access-date=2024-07-01|website=tools.ietf.org|year=2024 |doi=10.17487/RFC9499 |language=en|url-access=subscription}}</ref> but the current practice is to use the latter form. A primary server is a server that stores the original copies of all zone records. A secondary server uses a special [[AXFR|automatic updating mechanism]] in the DNS protocol in communication with its primary to maintain an identical copy of the primary records.

Every DNS zone must be assigned a set of authoritative name servers. This set of servers is stored in the parent domain zone with name server (NS) records.

An authoritative server indicates its status of supplying definitive answers, deemed ''authoritative'', by setting a protocol flag, called the "''Authoritative Answer''" (''AA'') [[bit]] in its responses.<ref name="rfc1035" /> This flag is usually reproduced prominently in the output of DNS administration query tools, such as [[Domain Information Groper|dig]], to indicate ''that the responding name server is an authority for the domain name in question.''<ref name="rfc1035" />

When a name server is designated as the authoritative server for a domain name for which it does not have authoritative data, it presents a type of error called a "lame delegation" or "lame response".<ref>{{Cite book|last1=Nemeth|first1=Evi|url=https://books.google.com/books?id=GB_O89fnz_sC&dq=%22lame+delegation%22&pg=PA475|title=Linux Administration Handbook|last2=Snyder|first2=Garth|last3=Hein|first3=Trent R.|date=2006-10-30|publisher=Addison-Wesley Professional|isbn=978-0-13-700275-7|language=en}}</ref><ref>{{Cite book|last1=Bissyande|first1=Tegawendé F.|url=https://books.google.com/books?id=YjE5DwAAQBAJ&dq=%22lame+delegation%22&pg=PA235|title=e-Infrastructure and e-Services for Developing Countries: 8th International Conference, AFRICOMM 2016, Ouagadougou, Burkina Faso, December 6-7, 2016, Proceedings|last2=Sie|first2=Oumarou|date=2017-10-09|publisher=Springer|isbn=978-3-319-66742-3|language=en}}</ref>