Let's start taking a look at some RFCs:
- "Host software MUST handle host names of up to 63 characters and SHOULD handle host names of up to 255 characters." http://www.ietf.org/rfc/rfc1123.txt
- "To simplify implementations, the total length of a domain name (i.e., label octets and label length octets) is restricted to 255 octets or less." http://www.ietf.org/rfc/rfc1035.txt
- "A full domain name is limited to 255 octets (including the separators)." http://tools.ietf.org/rfc/rfc2181.txt
So it seems that the domain names should be up to 255 octets, right? That is not what Wikipedia says:
- "The full domain name may not exceed a total length of 253 characters" http://en.wikipedia.org/wiki/Domain_name
There is even a long discussion on Wikipedia about the right value here.
And even an RFC mentions 253 octets:
- "When the result of macro expansion is used in a domain name query, if the expanded domain name exceeds 253 characters (the maximum length of a domain name) [...]" http://www.ietf.org/rfc/rfc4408.txt
Then you start playing with Microsoft DNS or BIND, and tools on both Windows and Linux and see some interesting behaviors. For instance, nslookup on Windows times out when domain name is 255 characters against a BIND server. The version on Linux, however, you get an explicit error for anything longer than 253 characters (ASCII, hence 253 octets):
host <255-char domain name>
<255-char domain name> is not a legal name (ran out of space)
The answer lies actually in the good old RFC 1035 - thanks to a colleague for finding this definitive answer:
- "Each label is represented as a one octet length field followed by that number of octets. Since every domain name ends with the null label of the root, a domain name is terminated by a length byte of zero." http://www.ietf.org/rfc/rfc1035.txt
The answer is that, over the wire, the domain name uses 255 octets. The first one is used to indicate the length, and there's a last byte that is a terminator. So what is left for the actual domain name is 253 octets - which can represent different numbers of characters depending on your domain.