4.2.2 Description of the DOMAIN Object

Below is the object template for the domain object. It lists all possible attributes allowed in this object type.

Attribute Name    Presence       Repeat       Indexed
domain: mandatory single primary/lookup
descr: mandatory multiple
org: optional multiple inverse
admin-c: mandatory multiple inverse
tech-c: mandatory multiple inverse
zone-c: mandatory multiple inverse
nserver: mandatory multiple inverse
ds-rdata: optional multiple inverse
remarks: optional multiple
notify: optional multiple inverse
mnt-by: mandatory multiple inverse
changed: optional multiple
created: generated single
last-modified: generated single
source: mandatory single

The domain object is mainly for registering reverse delegations (number-to-name translations) in both the RIPE Database and the DNS zone files. The RIPE Database is used as the management database for producing the DNS zones. No forward domain names are stored in the RIPE Database. IANA provides information about forward domains.

Reverse DNS delegations allow applications to map to a domain name from an IP address. Reverse delegation is achieved by use of the special domain names in-addr.arpa (IPv4) and ip6.arpa (IPv6).

The domain object is also used for registering ENUM delegations using the domain name e164.arpa.

For IPv4 addresses, a dash is allowed in the fourth octet of the reverse address. This allows for reverse DNS delegations for address space that doesn't fall on octet boundaries as specified in RFC 2317. A dash is not allowed in any other octet. For example:

IPv4 address range -

reverse delegation

This is created in the RIPE Database as a single object, including the dash in the range. The DNS provisioning software handles the dash notation and propagates this delegation to the zone file. The range 0-255 is a special case and is not allowed in the fourth octet. Modification and deletion can be performed on this single object in the database. Any change is propagated into the zone file by the DNS provisioning software.

Reverse DNS zones in the RIPE Database do not allow child objects. From a DNS view, only the parent object is effective. Business rules in the database software check for hierarchies when a reverse domain object is being created. If either a less or more specific domain object already exists, the creation of the new object is rejected. Description of Attributes Specific to the DOMAIN Object

  • “domain:” - This is the reverse delegation address or range. It can be for IPv4 or IPv6 addresses or an ENUM phone number. If a trailing dot is included it will be removed from the stored record.
  • “descr:” - A short description related to the object.
  • “zone-c:” - This attribute references the primary key, or NIC Handle, of either a role or person object. It should always reference a role object, except in the role object where it optionally references nested role objects or a person object.
  • “nserver:” - The "nserver:" attributes in each domain object define the officially delegated DNS nameservers (the ‘NS' in DNS zone contents). The nameserver name can optionally be followed by an IPv4 or IPv6 address as a glue record.
  • “ds-rdata:” – This attribute holds information about a signed delegation record for DNS Security Extensions (DNSSEC).