NAPTR
Encyclopedia
A Name Authority Pointer (NAPTR) is a type of resource record used in the Domain Name System
(DNS).
) are a subset of Uniform Resource Identifiers (URI
s) used for abstract identifiers, such as a person's name or their telephone number. For URNs to be meaningful, they must be mapped to a concrete resource of some sort. Uniform Resource Locators (URLs) are often used to describe such resources, such as a computer hostname
, or a local file.
As part of the standardization of URNs, NAPTR records were introduced to do just this. NAPTR records map between sets of URNs, URLs and plain domain names and suggest to clients what protocol should be used to talk to the mapped resource. Each NAPTR record contains a service name, a set of flags, a regexp
rule, an order value, a preference and a replacement. Multiple records can be chained together in a cascade to rewrite URIs in fairly sophisticated, but deterministic
ways. These cascading rules have been standardized in RFC2915 and RFC3403.
, where it is used to route phone calls over the Internet. For example, the SIP URN for the US telephone number 1-800-555-1234 would be tel:+1-800-555-1234 and its domain name 4.3.2.1.5.5.5.0.0.8.1.e164.arpa. A SIP client doing a lookup on that name might receive:
$ORIGIN 4.3.2.1.5.5.5.0.0.8.1.e164.arpa.
IN NAPTR 100 10 "U" "E2U+sip" "!^.*$!sip:customer-service@example.com!i" .
IN NAPTR 102 10 "U" "E2U+email" "!^.*$!mailto:information@example.com !i" .
The first record has an order value of 100, which is lower than 102, so it is picked first. Its preference of 10 is unimportant as there are no other rules with order 100. The service name E2U+sip is an ENUM
string indicating that the record can be used in phone number-to-SIP lookups. The client then goes on to apply the regexp rule !^.*$!sip:customer-service@example.com!, which replaces its entire lookup URN tel:+1-800-555-1234 with sip:customer-service@example.com. The "U" flag indicates that the replacement string is a SIP URN, and that no further rules should be applied.
To resolve SIP URN, the client then performs a second NAPTR lookup—on example.com, yielding:
$ORIGIN example.com.
IN NAPTR 100 10 "S" "SIP+D2U" "!^.*$!sip:customer-service@example.com!" _sip._udp.example.com.
IN NAPTR 102 10 "S" "SIP+D2T" "!^.*$!sip:customer-service@example.com!" _sip._tcp.example.com.
As before, the client picks the first record because it has the lowest order value. The regexp rule replaces the lookup URN, this time with the domain name _sip._udp.example.com. The "S" flag indicates that
resulting domain name points to a SRV record
. The client thus finishes with _sip._udp.example.com, for which it can then fetch a SRV record to initiate a VOIP call.
EDNS
is required for NAPTR implementations, as extended-length DNS packets are needed to encapsulate queries returning multiple NAPTR records.
Domain name system
The Domain Name System is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities...
(DNS).
Rationale
Uniform Resource Names (URNsUniform Resource Name
A uniform resource name is a uniform resource identifier that uses the urn scheme and does not imply availability of the identified resource. Both URNs and URLs are URIs, and a particular URI may be a name and a locator at the same time.The functional requirements for uniform resource names are...
) are a subset of Uniform Resource Identifiers (URI
Úri
Úriis a village and commune in the comitatus of Pest in Hungary....
s) used for abstract identifiers, such as a person's name or their telephone number. For URNs to be meaningful, they must be mapped to a concrete resource of some sort. Uniform Resource Locators (URLs) are often used to describe such resources, such as a computer hostname
Hostname
A hostname is a label that is assigned to a device connected to a computer network and that is used to identify the device in various forms of electronic communication such as the World Wide Web, e-mail or Usenet...
, or a local file.
As part of the standardization of URNs, NAPTR records were introduced to do just this. NAPTR records map between sets of URNs, URLs and plain domain names and suggest to clients what protocol should be used to talk to the mapped resource. Each NAPTR record contains a service name, a set of flags, a regexp
Regular expression
In computing, a regular expression provides a concise and flexible means for "matching" strings of text, such as particular characters, words, or patterns of characters. Abbreviations for "regular expression" include "regex" and "regexp"...
rule, an order value, a preference and a replacement. Multiple records can be chained together in a cascade to rewrite URIs in fairly sophisticated, but deterministic
Deterministic system (mathematics)
In mathematics, a deterministic system is a system in which no randomness is involved in the development of future states of the system. A deterministic model will thus always produce the same output from a given starting condition or initial state.-Examples:...
ways. These cascading rules have been standardized in RFC2915 and RFC3403.
Example
A common use for NAPTR records is in SIPSession Initiation Protocol
The Session Initiation Protocol is an IETF-defined signaling protocol widely used for controlling communication sessions such as voice and video calls over Internet Protocol . The protocol can be used for creating, modifying and terminating two-party or multiparty sessions...
, where it is used to route phone calls over the Internet. For example, the SIP URN for the US telephone number 1-800-555-1234 would be tel:+1-800-555-1234 and its domain name 4.3.2.1.5.5.5.0.0.8.1.e164.arpa. A SIP client doing a lookup on that name might receive:
$ORIGIN 4.3.2.1.5.5.5.0.0.8.1.e164.arpa.
IN NAPTR 100 10 "U" "E2U+sip" "!^.*$!sip:customer-service@example.com!i" .
IN NAPTR 102 10 "U" "E2U+email" "!^.*$!
The first record has an order value of 100, which is lower than 102, so it is picked first. Its preference of 10 is unimportant as there are no other rules with order 100. The service name E2U+sip is an ENUM
Enum
ENUM or enum may refer to:* E.164 NUmber Mapping, a suite of protocols to unify the telephone system with the Internet* An enumerated type, a data type consisting of a set of named values...
string indicating that the record can be used in phone number-to-SIP lookups. The client then goes on to apply the regexp rule !^.*$!sip:customer-service@example.com!, which replaces its entire lookup URN tel:+1-800-555-1234 with sip:customer-service@example.com. The "U" flag indicates that the replacement string is a SIP URN, and that no further rules should be applied.
To resolve SIP URN, the client then performs a second NAPTR lookup—on example.com, yielding:
$ORIGIN example.com.
IN NAPTR 100 10 "S" "SIP+D2U" "!^.*$!sip:customer-service@example.com!" _sip._udp.example.com.
IN NAPTR 102 10 "S" "SIP+D2T" "!^.*$!sip:customer-service@example.com!" _sip._tcp.example.com.
As before, the client picks the first record because it has the lowest order value. The regexp rule replaces the lookup URN, this time with the domain name _sip._udp.example.com. The "S" flag indicates that
resulting domain name points to a SRV record
SRV record
A Service record is a specification of data in the Domain Name System defining the location, i.e. the hostname and port number, of servers for specified services. It is defined in RFC 2782, and its type code is 33...
. The client thus finishes with _sip._udp.example.com, for which it can then fetch a SRV record to initiate a VOIP call.
Support
| Vendor | Product | NAPTR support? |
|---|---|---|
| ISC Internet Systems Consortium Internet Systems Consortium, Inc., also known as ISC, is a Delaware-registered, 501 public benefit non-profit corporation dedicated to supporting the infrastructure of the universal connected self-organizing Internet by developing and maintaining core production quality software, protocols, and... |
BIND BIND BIND , or named , is the most widely used DNS software on the Internet.On Unix-like operating systems it is the de facto standard.Originally written by four graduate students at the Computer Systems Research Group at the University of California, Berkeley , the name originates as an acronym from... |
Yes |
| Cisco Systems Cisco Systems Cisco Systems, Inc. is an American multinational corporation headquartered in San Jose, California, United States, that designs and sells consumer electronics, networking, voice, and communications technology and services. Cisco has more than 70,000 employees and annual revenue of US$... |
CNR Cisco Network Registrar The Cisco Network Registrar is a Cisco software product that includes components for Domain Name System services, Dynamic Host Configuration Protocol services, Trivial File Transfer Protocol services, and Simple Network Management Protocol functions... |
Yes |
| Daniel Bernstein | djbdns Djbdns The djbdns software package is a DNS implementation created by Daniel J. Bernstein due to his frustrations with repeated BIND security holes. A $1000 prize for the first person to find a privilege escalation security hole in djbdns was awarded in March 2009 to Matthew Dempsky., djbdns's tinydns... |
No (requires patch) |
| Microsoft Microsoft Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions... |
Windows Server 2003 Windows Server 2003 Windows Server 2003 is a server operating system produced by Microsoft, introduced on 24 April 2003. An updated version, Windows Server 2003 R2, was released to manufacturing on 6 December 2005... DNS Server |
No |
| Microsoft Microsoft Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions... |
Windows Server 2008 R2 Windows Server 2008 R2 Windows Server 2008 R2 is a server operating system produced by Microsoft. It was released to manufacturing on July 22, 2009 and launched on October 22, 2009. According to the Windows Server Team blog, the retail availability was September 14, 2009. It is built on Windows NT 6.1, the same core... DNS Server |
Yes |
| Bert Hubert Bert Hubert Bert Hubert is a Dutch open source software developer. He is best known for being the principal author of the popular open source DNS server suite PowerDNS... |
PowerDNS PowerDNS PowerDNS is a DNS server, written in C++ and licensed under the GPL. It runs on most Unix derivatives and on Microsoft Windows. PowerDNS features a large number of different backends ranging from simple BIND style zonefiles to relational databases and load balancing/failover algorithms... |
Yes |
| NLnet NLnet NLnets history started in April 1982 with the announcement of a major initiative to develop and provide network services in Europe under the name EUnet.Stichting NLnet was formally established as a "stichting" in February 1989... Labs |
NSD NSD In Internet computing, NSD is an open-source server program for the Domain Name System. It was developed by NLnet Labs of Amsterdam in cooperation with the RIPE NCC, from scratch as an authoritative name server... |
Yes |
| Sam Trenholme | MaraDNS MaraDNS MaraDNS is a security-aware Domain Name System implementation. Along with BIND, NSD, djbdns, and PowerDNS, it is one of a small number of DNS servers with published source code... |
Yes (as of version 1.4) |
| Unixservice, LLC. | unxsBind MysqlBind mysqlBind/unxsBind is a DNS management software system. It supports ISC BIND DNS and is distributed as open source software under the GNU General Public License.mysqlBind/unxsBind has been in use since the late 1990s... |
Yes |
EDNS
EDNS
Extension mechanisms for DNS is a specification for expanding the size of several parameters of the Domain Name System protocol which had size restrictions that the Internet engineering community deemed too limited for increasing functionality of the protocol...
is required for NAPTR implementations, as extended-length DNS packets are needed to encapsulate queries returning multiple NAPTR records.