You're learning why you shouldn't use the same domain name for your Active Directory as you're using for your external Internet presence.
The "A" records for the domain referring to the domain controllers are used for DFS to resolve the name of the domain to a domain controller (primarily for client computers to access the SYSVOL). If you delete those "A" records you're going to see group policy break, amongst other things.
If you can't rename the AD domain, I think you're stuck putting IIS (or some other HTTP server) up on those boxes to redirect client computers to the right host.
This is why I name my AD domains "ad.domain.com". You should have a really, really good reason before you create a DNS zone on a private DNS server that matches a zone that the Internet has authoritative DNS servers for already. You've done that, and added Active Directory into the mix.
TXT records are free-form text records and can be used for things like describing hosts. Can also be used for application specific goals, like DNSBL and SPF. Nowadays, they're widely used to accomplish both these goals.
SRV records are service records and are a kind of extension of MX records and are a little more complex than TXT records. While MX records are used to define which servers will handle the e-mail for a specific domain, giving different weights to different records, SRV records are used to provide things such as the protocol and the port. A SRV record has the following form:
_Service._Proto.Name TTL Class SRV Priority Weight Port Target
Service: the symbolic name of the desired service.
Proto: the transport protocol of the desired service; this is usually either TCP or UDP.
Name: the domain name for which this record is valid.
TTL: standard DNS time to live field.
Class: standard DNS class field (this is always IN).
Priority: the priority of the target host, lower value means more preferred.
Weight: A relative weight for records with the same priority.
Port: the TCP or UDP port on which the service is to be found.
Target: the canonical hostname of the machine providing the service.
One typical example of usage of SRV records is when using the XMPP protocol. For instance, if you have a foobar.com domain, the A record would be used to define the servers where your web contents are and the SRV records would be used to define where your XMPP server is. Typically, they will be located in different addresses.
More info about SRV records here.
Best Answer
First web browsers do not follow
SRV
records at all, so even if you can design them, they are useless.Now given the generic process to know what goes into any record, taking
SRV
as an example.IANA is the guardian of things so go to https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-4 where you can see for
SRV
that it is defined in RFC 2782There it is defined as such:
with then respectively:
and
[STD 2] reference is RFC 1700 but RFC 3232 obsoleted it to make a database online of possible values... which is again administered by IANA.
It is now there: https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml and do note that it is basically what you find in file
/etc/services
in any Unix box.So taking back your examples (your port numbers are wrong in multiple
SRV
records depicted though):mysql
is indeed defined for port3306
so it is valid as service name and hence in anSRV
record27017
, the service name ismongodb
, notmongo
(but do Mongo clients honorSRV
records?)http
is indeed defined for port80
so it is a valid service name (andhttps
for port 443)mqtt
is defined as valid port name, for port1883
. But same question as above, do clients useSRV
records at all?Do note also that there are in the wild various
SRV
records not following the above. If they can be published they "work", that is nothing will prevent resolution of them at the DNS level even if they don't use a registered service name as above, as long as some application of course do read them.For example, you can find lots of example with
_sip._tls
or_sipfederationtls._tcp
online, which are both wrong:tls
is not a valid protocol, andsipfederantiontls
is not a valid service name (and is in fact too long, as https://www.rfc-editor.org/rfc/rfc6335.html#section-5.1 specifies it should be at most 15 characters long). So some tool/UI may prevent creating those records in a zonefile, and some nameservers may refuse to load them, but in most cases they will work (if applications do consume them).