Open In App
Related Articles

DNS Message Format

Improve Article
Save Article
Like Article

DNS allows you to interact with devices on the Internet without having to remember long strings of numbers. Changing of information between client and server is carried out by two types of DNS messages:

  • Query message
  • Response message.

The format is similar for both types of messages. The information is held up in up to five different sections of DNS message format. The query message is having two sections- header and question records. 

The response message consists of five sections:

  •  Header 
  •  Question
  •  Records
  •  Answer records
  •  Authoritative records
  • Additional records
DNS Message Header


The above representation is showing the DNS Message format in which some fields are set to 0s for query messages. 

  • Identification: The identification field is made up of 16 bits which are used to match the response with the request sent from the client-side. The matching is carried out by this field as the server copies the 16-bit value of identification in the response message so the client device can match the queries with the corresponding response received from the server-side.
  • Flags: It is 16 bits and is divided into the following Fields :
DNS Message Format


Here is the description of each subfield of the Flags field:

  • QR (query/response): It is a 1-bit subfield. If its value is 0, the message is of request type and if its value is 1, the message is of response type.
  • opcode: It is a 4-bit subfield that defines the type of query carried by a message. This field value is repeated in the response. Following is the list of opcode values with a brief description:
    • If the value of the opcode subfield is 0 then it is a standard query. 
    • The value 1 corresponds to an inverse of query that implies finding the domain name from the IP Address. 
    • The value 2 refers to the server status request. The value 3 specifies the status reserved and therefore not used.
  • AA: It is an Authoritative Answer. It is a 1-bit subfield that specifies the server is authoritative if the value is 1 otherwise it is non-authoritative for a 0 value.
  • TC: It is Truncation. This is a 1-bit subfield that specifies if the length of the message exceeds the allowed length of 512 bytes, the message is truncated when using UDP services.
  • RD: It is Recursion Desired. It is a 1-bit subfield that specifies if the value is set to 1 in the query message then the server needs to answer the query recursively. Its value is copied to the response message.
  • RA: It is Recursion Available. It is a 1-bit subfield that specifies the availability of recursive response if the value is set to 1 in the response message.
  • Zero: It is a 3-bit reserved subfield set to 0.
  • rCode: It stands for Response Code. It is a 4-bit subfield used to denote whether the query was answered successfully or not. If not answered successfully then the status of error is provided in the response.  Following is the list of values with their error status –
    • The value 0 of rcode indicates no error. 
    • A value of 1 indicates that there is a problem with the format specification.
    • Value 2 indicates server failure.
    • Value 3 refers to the Name Error that implies the name given by the query does not exist in the domain. 
    • Value of 4 indicates that the request type is not supported by the server.
    • The value 5 refers to the nonexecution of queries by the server due to policy reasons.
  • Number of Questions- It is a 16-bit field to specify the count of questions in the Question Section of the message. It is present in both query and response messages.
  • A number of answer RRs- It is a 16-bit field that specifies the count of answer records in the Answer section of the message. This section has a value of 0 in query messages. The server answers the query received from the client. It is available only in response messages.
  • A number of authority RRs- It is a 16-bit field that gives the count of the resource records in the Authoritative section of the message. This section has a value of 0 in query messages. It is available only in response messages. It gives information that comprises domain names about one or more authoritative servers.
  • A number of additional RRs– It is a 16-bit field that holds additional records to keep additional information to help the resolver. This section has a value of 0 in query messages. It is available only in response messages.

For more details please refer to the article Domain Name System (DNS) in Application Layer article.

Whether you're preparing for your first job interview or aiming to upskill in this ever-evolving tech landscape, GeeksforGeeks Courses are your key to success. We provide top-quality content at affordable prices, all geared towards accelerating your growth in a time-bound manner. Join the millions we've already empowered, and we're here to do the same for you. Don't miss out - check it out now!

Last Updated : 20 May, 2022
Like Article
Save Article
Complete Tutorials