Comprehensive list of all DNS constants including types, classes, response codes, algorithms, and option codes.
All DNS RR types supported by the library.
const (
// Standard RR Types
TypeNone uint16 = 0
TypeA uint16 = 1 // IPv4 address
TypeNS uint16 = 2 // Name server
TypeMD uint16 = 3 // Mail destination (obsolete)
TypeMF uint16 = 4 // Mail forwarder (obsolete)
TypeCNAME uint16 = 5 // Canonical name
TypeSOA uint16 = 6 // Start of authority
TypeMB uint16 = 7 // Mailbox domain name
TypeMG uint16 = 8 // Mail group member
TypeMR uint16 = 9 // Mail rename domain
TypeNULL uint16 = 10 // Null RR
TypePTR uint16 = 12 // Pointer record
TypeHINFO uint16 = 13 // Host information
TypeMINFO uint16 = 14 // Mailbox information
TypeMX uint16 = 15 // Mail exchange
TypeTXT uint16 = 16 // Text strings
TypeRP uint16 = 17 // Responsible person
TypeAFSDB uint16 = 18 // AFS database location
TypeX25 uint16 = 19 // X.25 address
TypeISDN uint16 = 20 // ISDN address
TypeRT uint16 = 21 // Route through
TypeNSAPPTR uint16 = 23 // NSAP pointer
TypeSIG uint16 = 24 // Signature (obsolete, use RRSIG)
TypeKEY uint16 = 25 // Key (obsolete, use DNSKEY)
TypePX uint16 = 26 // Pointer to X.400 mapping
TypeGPOS uint16 = 27 // Geographical position
TypeAAAA uint16 = 28 // IPv6 address
TypeLOC uint16 = 29 // Location information
TypeNXT uint16 = 30 // Next (obsolete, use NSEC)
TypeEID uint16 = 31 // Endpoint identifier
TypeNIMLOC uint16 = 32 // Nimrod locator
TypeSRV uint16 = 33 // Service locator
TypeATMA uint16 = 34 // ATM address
TypeNAPTR uint16 = 35 // Naming authority pointer
TypeKX uint16 = 36 // Key exchanger
TypeCERT uint16 = 37 // Certificate record
TypeDNAME uint16 = 39 // Delegation name
// DNSSEC Types
TypeDS uint16 = 43 // Delegation signer
TypeSSHFP uint16 = 44 // SSH fingerprint
TypeIPSECKEY uint16 = 45 // IPSEC key
TypeRRSIG uint16 = 46 // Resource record signature
TypeNSEC uint16 = 47 // Next secure record
TypeDNSKEY uint16 = 48 // DNS key
TypeDHCID uint16 = 49 // DHCP identifier
TypeNSEC3 uint16 = 50 // Next secure record v3
TypeNSEC3PARAM uint16 = 51 // NSEC3 parameters
TypeCDS uint16 = 59 // Child DS
TypeCDNSKEY uint16 = 60 // Child DNSKEY
TypeCSYNC uint16 = 62 // Child-to-parent synchronization
TypeZONEMD uint16 = 63 // Message digest for DNS zone
// Security and Certificate Types
TypeTLSA uint16 = 52 // TLS authentication
TypeSMIMEA uint16 = 53 // S/MIME certificate association
TypeOPENPGPKEY uint16 = 61 // OpenPGP key
// Service Discovery
TypeSVCB uint16 = 64 // Service binding
TypeHTTPS uint16 = 65 // HTTPS binding
// Other Types
TypeOPT uint16 = 41 // EDNS0 option (meta-type)
TypeAPL uint16 = 42 // Address prefix list
TypeHIP uint16 = 55 // Host identity protocol
TypeNINFO uint16 = 56 // Node information
TypeRKEY uint16 = 57 // Reserved key
TypeTALINK uint16 = 58 // Trust anchor link
TypeSPF uint16 = 99 // Sender policy framework
TypeUINFO uint16 = 100 // User information
TypeUID uint16 = 101 // User ID
TypeGID uint16 = 102 // Group ID
TypeUNSPEC uint16 = 103 // Unspecified
TypeNID uint16 = 104 // Node identifier
TypeL32 uint16 = 105 // 32-bit locator
TypeL64 uint16 = 106 // 64-bit locator
TypeLP uint16 = 107 // Locator pointer
TypeEUI48 uint16 = 108 // EUI-48 address
TypeEUI64 uint16 = 109 // EUI-64 address
TypeNXNAME uint16 = 128 // NXNAME
TypeURI uint16 = 256 // URI record
TypeCAA uint16 = 257 // Certification authority authorization
TypeAVC uint16 = 258 // Application visibility and control
TypeAMTRELAY uint16 = 260 // Automatic multicast tunneling relay
TypeRESINFO uint16 = 261 // Resolver information
// Meta Types (Query only)
TypeTKEY uint16 = 249 // Transaction key
TypeTSIG uint16 = 250 // Transaction signature
TypeIXFR uint16 = 251 // Incremental zone transfer
TypeAXFR uint16 = 252 // Full zone transfer
TypeMAILB uint16 = 253 // Mailbox related records
TypeMAILA uint16 = 254 // Mail agent records
TypeANY uint16 = 255 // Any type
// Trust Anchor Types
TypeTA uint16 = 32768 // Trust anchor
TypeDLV uint16 = 32769 // DNSSEC lookaside validation
TypeReserved uint16 = 65535 // Reserved
)DNS class values for queries and resource records.
const (
ClassINET = 1 // Internet (IN) - most common
ClassCSNET = 2 // CSNET (obsolete)
ClassCHAOS = 3 // CHAOS
ClassHESIOD = 4 // Hesiod
ClassNONE = 254 // Used in dynamic updates
ClassANY = 255 // Any class (query only)
)DNS response codes indicating query results.
const (
// Standard Response Codes (RFC 1035)
RcodeSuccess = 0 // NoError - No error condition
RcodeFormatError = 1 // FormErr - Format error
RcodeServerFailure = 2 // ServFail - Server failure
RcodeNameError = 3 // NXDomain - Non-existent domain
RcodeNotImplemented = 4 // NotImp - Not implemented
RcodeRefused = 5 // Refused - Query refused
// Dynamic Update Response Codes (RFC 2136)
RcodeYXDomain = 6 // YXDomain - Name exists when it should not
RcodeYXRrset = 7 // YXRRSet - RR set exists when it should not
RcodeNXRrset = 8 // NXRRSet - RR set that should exist does not
RcodeNotAuth = 9 // NotAuth - Server not authoritative for zone
RcodeNotZone = 10 // NotZone - Name not contained in zone
// DSO Response Code (RFC 8490)
RcodeStatefulTypeNotImplemented = 11 // DSOTypeNI - DSO-TYPE not implemented
// EDNS/TSIG Response Codes (RFC 2845, RFC 6891)
RcodeBadSig = 16 // BADSIG/BADVERS - TSIG signature failure or bad OPT version
RcodeBadVers = 16 // Same as RcodeBadSig (context dependent)
RcodeBadKey = 17 // BADKEY - Key not recognized
RcodeBadTime = 18 // BADTIME - Signature out of time window
RcodeBadMode = 19 // BADMODE - Bad TKEY mode
RcodeBadName = 20 // BADNAME - Duplicate key name
RcodeBadAlg = 21 // BADALG - Algorithm not supported
RcodeBadTrunc = 22 // BADTRUNC - Bad truncation
RcodeBadCookie = 23 // BADCOOKIE - Bad/missing server cookie
)DNS message operation codes.
const (
OpcodeQuery = 0 // Standard query
OpcodeIQuery = 1 // Inverse query (obsolete)
OpcodeStatus = 2 // Server status request
OpcodeNotify = 4 // Zone change notification
OpcodeUpdate = 5 // Dynamic update
OpcodeStateful = 6 // DNS stateful operations
)Cryptographic algorithms for DNSSEC signing and validation.
const (
RSAMD5 uint8 = 1 // RSA/MD5 (deprecated)
DH uint8 = 2 // Diffie-Hellman
DSA uint8 = 3 // DSA/SHA1
RSASHA1 uint8 = 5 // RSA/SHA-1
DSANSEC3SHA1 uint8 = 6 // DSA-NSEC3-SHA1
RSASHA1NSEC3SHA1 uint8 = 7 // RSASHA1-NSEC3-SHA1
RSASHA256 uint8 = 8 // RSA/SHA-256
RSASHA512 uint8 = 10 // RSA/SHA-512
ECCGOST uint8 = 12 // GOST R 34.10-2001
ECDSAP256SHA256 uint8 = 13 // ECDSA Curve P-256 with SHA-256
ECDSAP384SHA384 uint8 = 14 // ECDSA Curve P-384 with SHA-384
ED25519 uint8 = 15 // Ed25519
ED448 uint8 = 16 // Ed448
INDIRECT uint8 = 252 // Indirect
PRIVATEDNS uint8 = 253 // Private algorithm
PRIVATEOID uint8 = 254 // Private algorithm OID
)Hash algorithms for DS records.
const (
SHA1 uint8 = 1 // SHA-1 (RFC 4034)
SHA256 uint8 = 2 // SHA-256 (RFC 4509)
GOST94 uint8 = 3 // GOST R 34.11-94 (RFC 5933)
SHA384 uint8 = 4 // SHA-384 (experimental)
SHA512 uint8 = 5 // SHA-512 (experimental)
)Flags for DNSKEY resource records.
const (
SEP = 1 // Secure Entry Point (bit 15)
REVOKE = 1 << 7 // Key revoked (bit 8)
ZONE = 1 << 8 // Zone key (bit 7)
)Extended DNS option codes for OPT records.
const (
EDNS0LLQ = 0x1 // Long lived queries
EDNS0UL = 0x2 // Update lease
EDNS0NSID = 0x3 // Name server identifier (RFC 5001)
EDNS0ESU = 0x4 // ENUM source URI
EDNS0DAU = 0x5 // DNSSEC algorithm understood
EDNS0DHU = 0x6 // DS hash understood
EDNS0N3U = 0x7 // NSEC3 hash understood
EDNS0SUBNET = 0x8 // Client subnet (RFC 7871)
EDNS0EXPIRE = 0x9 // EDNS0 expire
EDNS0COOKIE = 0xa // DNS cookie (RFC 7873)
EDNS0TCPKEEPALIVE = 0xb // TCP keepalive (RFC 7828)
EDNS0PADDING = 0xc // EDNS0 padding (RFC 7830)
EDNS0EDE = 0xf // Extended DNS errors (RFC 8914)
EDNS0LOCALSTART = 0xFDE9 // Local/experimental use start
EDNS0LOCALEND = 0xFFFE // Local/experimental use end
)EDNS0 Extended DNS Error (EDE) information codes (RFC 8914).
const (
ExtendedErrorCodeOther uint16 = 0 // Other error
ExtendedErrorCodeUnsupportedDNSKEYAlgorithm uint16 = 1 // Unsupported DNSKEY algorithm
ExtendedErrorCodeUnsupportedDSDigestType uint16 = 2 // Unsupported DS digest type
ExtendedErrorCodeStaleAnswer uint16 = 3 // Stale answer
ExtendedErrorCodeForgedAnswer uint16 = 4 // Forged answer
ExtendedErrorCodeDNSSECIndeterminate uint16 = 5 // DNSSEC indeterminate
ExtendedErrorCodeDNSBogus uint16 = 6 // DNSSEC bogus
ExtendedErrorCodeSignatureExpired uint16 = 7 // Signature expired
ExtendedErrorCodeSignatureNotYetValid uint16 = 8 // Signature not yet valid
ExtendedErrorCodeDNSKEYMissing uint16 = 9 // DNSKEY missing
ExtendedErrorCodeRRSIGsMissing uint16 = 10 // RRSIGs missing
ExtendedErrorCodeNoZoneKeyBitSet uint16 = 11 // No zone key bit set
ExtendedErrorCodeNSECMissing uint16 = 12 // NSEC missing
ExtendedErrorCodeCachedError uint16 = 13 // Cached error
ExtendedErrorCodeNotReady uint16 = 14 // Not ready
ExtendedErrorCodeBlocked uint16 = 15 // Blocked
ExtendedErrorCodeCensored uint16 = 16 // Censored
ExtendedErrorCodeFiltered uint16 = 17 // Filtered
ExtendedErrorCodeProhibited uint16 = 18 // Prohibited
ExtendedErrorCodeStaleNXDOMAINAnswer uint16 = 19 // Stale NXDOMAIN answer
ExtendedErrorCodeNotAuthoritative uint16 = 20 // Not authoritative
ExtendedErrorCodeNotSupported uint16 = 21 // Not supported
ExtendedErrorCodeNoReachableAuthority uint16 = 22 // No reachable authority
ExtendedErrorCodeNetworkError uint16 = 23 // Network error
ExtendedErrorCodeInvalidData uint16 = 24 // Invalid data
ExtendedErrorCodeSignatureExpiredBeforeValid uint16 = 25 // Signature expired before valid
ExtendedErrorCodeTooEarly uint16 = 26 // Too early
ExtendedErrorCodeUnsupportedNSEC3IterValue uint16 = 27 // Unsupported NSEC3 iterations value
ExtendedErrorCodeUnableToConformToPolicy uint16 = 28 // Unable to conform to policy
ExtendedErrorCodeSynthesized uint16 = 29 // Synthesized
ExtendedErrorCodeInvalidQueryType uint16 = 30 // Invalid query type
)HMAC algorithm domain names for TSIG authentication.
const (
HmacSHA1 = "hmac-sha1."
HmacSHA224 = "hmac-sha224."
HmacSHA256 = "hmac-sha256."
HmacSHA384 = "hmac-sha384."
HmacSHA512 = "hmac-sha512."
HmacMD5 = "hmac-md5.sig-alg.reg.int." // Deprecated
)Certificate types for CERT resource records (RFC 4398).
const (
CertPKIX = 1 // X.509 as per PKIX
CertSPKI = 2 // SPKI certificate
CertPGP = 3 // OpenPGP packet
CertIPIX = 4 // URL of an X.509 data object
CertISPKI = 5 // SPKI certificate from IANA
CertIPGP = 6 // OpenPGP packet from IANA
CertACPKIX = 7 // Attribute certificate
CertIACPKIX = 8 // URL of an attribute certificate
CertURI = 253 // URI private
CertOID = 254 // OID private
)Service binding parameter keys for SVCB and HTTPS records (RFC 9460, RFC 9461, RFC 9540).
const (
SVCB_MANDATORY SVCBKey = 0 // Mandatory keys
SVCB_ALPN SVCBKey = 1 // Application-layer protocol negotiation
SVCB_NO_DEFAULT_ALPN SVCBKey = 2 // No default ALPN
SVCB_PORT SVCBKey = 3 // Port number
SVCB_IPV4HINT SVCBKey = 4 // IPv4 address hints
SVCB_ECHCONFIG SVCBKey = 5 // Encrypted ClientHello config
SVCB_IPV6HINT SVCBKey = 6 // IPv6 address hints
SVCB_DOHPATH SVCBKey = 7 // DNS over HTTPS path (RFC 9461)
SVCB_OHTTP SVCBKey = 8 // Oblivious HTTP (RFC 9540)
)Zone digest hash algorithms (RFC 8976).
const (
ZoneMDSchemeSimple = 1 // Simple ZONEMD scheme
ZoneMDHashAlgSHA384 = 1 // SHA-384
ZoneMDHashAlgSHA512 = 2 // SHA-512
)Gateway types for IPSECKEY records (RFC 4025).
const (
IPSECGatewayNone uint8 = 0 // No gateway
IPSECGatewayIPv4 uint8 = 1 // IPv4 address
IPSECGatewayIPv6 uint8 = 2 // IPv6 address
IPSECGatewayHost uint8 = 3 // Domain name
)Discovery types for AMTRELAY records (RFC 8777).
const (
AMTRELAYNone = 0 // No relay
AMTRELAYIPv4 = 1 // IPv4 address
AMTRELAYIPv6 = 2 // IPv6 address
AMTRELAYHost = 3 // Domain name
)Location record constants (RFC 1876).
const (
LOC_EQUATOR = 1 << 31 // Equator reference (2^31)
LOC_PRIMEMERIDIAN = 1 << 31 // Prime meridian reference (2^31)
LOC_HOURS = 60 * 1000
LOC_DEGREES = 60 * LOC_HOURS
LOC_ALTITUDEBASE = 100000
)DNS Stateful Operations types (RFC 8490).
const (
StatefulTypeKeepAlive uint16 = 1 // Keep-alive
StatefulTypeRetryDelay uint16 = 2 // Retry delay
StatefulTypeEncryptionPadding uint16 = 3 // Encryption padding
)Internal bit flags used in DNS message headers.
const (
_QR = 1 << 15 // Query/Response (response=1)
_AA = 1 << 10 // Authoritative answer
_TC = 1 << 9 // Truncated
_RD = 1 << 8 // Recursion desired
_RA = 1 << 7 // Recursion available
_Z = 1 << 6 // Reserved (must be zero)
_AD = 1 << 5 // Authenticated data
_CD = 1 << 4 // Checking disabled
)EDNS0 flags for the OPT record.
const (
_DO = 1 << 15 // DNSSEC OK
_CO = 1 << 14 // Compact answers OK
)// TypeToString maps type codes to names
var TypeToString map[uint16]string
// StringToType maps type names to codes
var StringToType map[string]uint16// ClassToString maps class codes to names
var ClassToString map[uint16]string
// StringToClass maps class names to codes
var StringToClass map[string]uint16// RcodeToString maps rcode values to names
var RcodeToString map[int]string// OpcodeToString maps opcode values to names
var OpcodeToString map[int]string// AlgorithmToString maps algorithm IDs to names
var AlgorithmToString map[uint8]string
// StringToAlgorithm maps algorithm names to IDs
var StringToAlgorithm map[string]uint8
// AlgorithmToHash maps algorithm IDs to crypto.Hash
var AlgorithmToHash map[uint8]crypto.Hash// HashToString maps hash algorithm IDs to names
var HashToString map[uint8]string
// StringToHash maps hash algorithm names to IDs
var StringToHash map[string]uint8// CertTypeToString maps cert type codes to names
var CertTypeToString map[uint16]string
// StringToCertType maps cert type names to codes
var StringToCertType map[string]uint16// ExtendedErrorCodeToString maps EDE codes to descriptions
var ExtendedErrorCodeToString map[uint16]string
// StringToExtendedErrorCode maps descriptions to EDE codes
var StringToExtendedErrorCode map[string]uint16// StatefulTypeToString maps DSO type codes to names
var StatefulTypeToString map[uint16]string// Using type constants
m := new(dns.Msg)
m.SetQuestion("example.com.", dns.TypeA)
// Convert type to string
typeName := dns.TypeToString[dns.TypeA]
fmt.Println(typeName) // Output: A
// Convert string to type
typeCode := dns.StringToType["AAAA"]
fmt.Println(typeCode) // Output: 28
// Check if type is a meta-type
if qtype == dns.TypeAXFR || qtype == dns.TypeIXFR {
fmt.Println("Zone transfer request")
}// Check response code
if r.Rcode == dns.RcodeSuccess {
fmt.Println("Query successful")
} else if r.Rcode == dns.RcodeNameError {
fmt.Println("Domain does not exist")
}
// Convert to string
rcodeName := dns.RcodeToString[r.Rcode]
fmt.Printf("Response: %s\n", rcodeName)
// Set error response
m := new(dns.Msg)
m.SetRcode(request, dns.RcodeRefused)// Create DNSKEY with algorithm
key := &dns.DNSKEY{
Hdr: dns.RR_Header{
Name: "example.com.",
Rrtype: dns.TypeDNSKEY,
Class: dns.ClassINET,
Ttl: 3600,
},
Flags: dns.ZONE | dns.SEP,
Protocol: 3,
Algorithm: dns.ECDSAP256SHA256,
PublicKey: "base64key...",
}
// Get algorithm name
algoName := dns.AlgorithmToString[key.Algorithm]
fmt.Println(algoName) // Output: ECDSAP256SHA256
// Get hash for algorithm
hash := dns.AlgorithmToHash[dns.RSASHA256]
// hash is crypto.SHA256// Add EDNS0 option
opt := &dns.OPT{
Hdr: dns.RR_Header{Name: ".", Rrtype: dns.TypeOPT},
}
opt.SetUDPSize(4096)
// Add subnet option
subnet := &dns.EDNS0_SUBNET{
Code: dns.EDNS0SUBNET,
Family: 1, // IPv4
SourceNetmask: 24,
Address: net.ParseIP("192.0.2.1"),
}
opt.Option = append(opt.Option, subnet)
// Add extended error
ede := &dns.EDNS0_EDE{
InfoCode: dns.ExtendedErrorCodeDNSBogus,
ExtraText: "DNSSEC validation failed",
}
opt.Option = append(opt.Option, ede)
// Get error description
desc := dns.ExtendedErrorCodeToString[dns.ExtendedErrorCodeDNSBogus]
fmt.Println(desc) // Output: DNSSEC Bogus// Create TSIG with algorithm
m := new(dns.Msg)
m.SetQuestion("example.com.", dns.TypeA)
m.SetTsig("key-name.", dns.HmacSHA256, 300, time.Now().Unix())
// Check algorithm
tsig := m.IsTsig()
if tsig != nil {
switch tsig.Algorithm {
case dns.HmacSHA256:
fmt.Println("Using HMAC-SHA256")
case dns.HmacSHA512:
fmt.Println("Using HMAC-SHA512")
}
}// Create CERT record
cert := &dns.CERT{
Hdr: dns.RR_Header{
Name: "example.com.",
Rrtype: dns.TypeCERT,
Class: dns.ClassINET,
Ttl: 3600,
},
Type: dns.CertPKIX,
KeyTag: 12345,
Algorithm: dns.RSASHA256,
Certificate: "base64cert...",
}
// Get certificate type name
certType := dns.CertTypeToString[cert.Type]
fmt.Println(certType) // Output: PKIX// Create HTTPS record with parameters
https := &dns.HTTPS{
SVCB: dns.SVCB{
Hdr: dns.RR_Header{
Name: "example.com.",
Rrtype: dns.TypeHTTPS,
Class: dns.ClassINET,
Ttl: 3600,
},
Priority: 1,
Target: "svc.example.com.",
Value: []dns.SVCBKeyValue{
&dns.SVCBAlpn{Alpn: []string{"h3", "h2"}},
&dns.SVCBPort{Port: 443},
&dns.SVCBIPv4Hint{Hint: []net.IP{net.ParseIP("192.0.2.1")}},
},
},
}
// SVCB key names
fmt.Println(dns.SVCB_ALPN.String()) // Output: alpn
fmt.Println(dns.SVCB_PORT.String()) // Output: port
fmt.Println(dns.SVCB_DOHPATH.String()) // Output: dohpath// Check opcode
switch m.Opcode {
case dns.OpcodeQuery:
fmt.Println("Standard query")
case dns.OpcodeUpdate:
fmt.Println("Dynamic update")
case dns.OpcodeNotify:
fmt.Println("Zone change notification")
}
// Get opcode name
opName := dns.OpcodeToString[m.Opcode]
fmt.Printf("Operation: %s\n", opName)// Create LOC record with constants
loc := &dns.LOC{
Hdr: dns.RR_Header{
Name: "example.com.",
Rrtype: dns.TypeLOC,
Class: dns.ClassINET,
Ttl: 3600,
},
Version: 0,
Size: 0x12, // 1 meter
HorizPre: 0x16, // 10000 meters
VertPre: 0x13, // 10 meters
Latitude: dns.LOC_EQUATOR + 37*dns.LOC_DEGREES + 46*dns.LOC_HOURS + 30*1000,
Longitude: dns.LOC_PRIMEMERIDIAN - 122*dns.LOC_DEGREES - 25*dns.LOC_HOURS - 0*1000,
Altitude: dns.LOC_ALTITUDEBASE + 5000, // 50 meters above sea level
}// Create query with specific class
m := new(dns.Msg)
m.Question = []dns.Question{{
Name: "example.com.",
Qtype: dns.TypeTXT,
Qclass: dns.ClassCHAOS,
}}
// Convert class to string
className := dns.ClassToString[dns.ClassINET]
fmt.Println(className) // Output: IN
// Convert string to class
classCode := dns.StringToClass["CH"]
fmt.Println(classCode) // Output: 3 (ClassCHAOS)// Return extended error in response
m := new(dns.Msg)
m.SetReply(request)
m.Rcode = dns.RcodeServerFailure
// Add OPT with EDE
opt := &dns.OPT{
Hdr: dns.RR_Header{Name: ".", Rrtype: dns.TypeOPT},
}
opt.SetUDPSize(1232)
ede := &dns.EDNS0_EDE{
InfoCode: dns.ExtendedErrorCodeNetworkError,
ExtraText: "Connection to upstream failed",
}
opt.Option = append(opt.Option, ede)
m.Extra = append(m.Extra, opt)
// Get description
desc := dns.ExtendedErrorCodeToString[ede.InfoCode]
fmt.Printf("Error: %s - %s\n", desc, ede.ExtraText)
// Output: Error: Network Error - Connection to upstream failedThe following constants are deprecated and should not be used in new code:
RSAMD5 - Use RSASHA256 or strongerHmacMD5 - Use HmacSHA256 or strongerTypeSIG - Use TypeRRSIG for DNSSECTypeKEY - Use TypeDNSKEY for DNSSECTypeNXT - Use TypeNSEC for DNSSEC