I am wondering what is the maximum number of characters for a host-name in a Unix system. In addition is there any defined variable that can be used in Unix programming to call that number? (i.e. number of characters allowed for a host-name).
I am programming in C.
Hostnames are composed of a sequence of labels concatenated with dots. For example, "en.wikipedia.org" is a hostname. Each label must be from 1 to 63 characters long. The entire hostname, including the delimiting dots, has a maximum of 253 ASCII characters.
Windows doesn't permit computer names that exceed 15 characters, and you can't specify a DNS host name that differs from the NETBIOS host name. You might however create host headers for a web site hosted on a computer and that is then subject to this recommendation.
According to RFC 1035 the length of a FQDN is limited to 255 characters, and each label (node delimited by a dot in the hostname) is limited to 63 characters, so in effect the limit you're after is 63.
So, an FQDN shows the absolute path to a host and displays its IP address in a complete form that is legible to users. There are a few rules for these so-called “absolute addresses”: The entire FQDN may have a maximal length of 255 characters. Only numbers, letters and hyphens are allowed.
You can usually type:
getconf HOST_NAME_MAX
In addition, you can generally include limits.h to your application and read the value of the define.
While the POSIX standard says it is guaranteed not to exceed 255 bytes, that does not necessarily mean that each implementation will adhere to that.
man gethostname on your platform to get more detailed information.
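An added example, not part of the answer above: sizing the gethostname() buffer from the run-time limit and forcing NUL termination, since POSIX leaves it unspecified whether a truncated name is terminated. The helper names host_name_limit and read_hostname are hypothetical, and the 255 fallback is the figure quoted in the answer.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L  /* exposes gethostname() and _SC_HOST_NAME_MAX */
#endif
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: hostname limit for this system, excluding the NUL. */
long host_name_limit(void)
{
    long n = sysconf(_SC_HOST_NAME_MAX);   /* same value getconf reports */
#ifdef HOST_NAME_MAX
    if (n <= 0) n = HOST_NAME_MAX;         /* compile-time value from <limits.h> */
#endif
    if (n <= 0) n = 255;                   /* fallback: the 255-byte bound */
    return n;
}

/* Hypothetical helper: returns a malloc'd hostname that is always
 * NUL-terminated, or NULL on error. The caller frees the result. */
char *read_hostname(void)
{
    size_t cap = (size_t)host_name_limit() + 1;   /* +1 for the terminator */
    char *buf = calloc(cap, 1);
    if (buf == NULL)
        return NULL;
    if (gethostname(buf, cap) != 0) {
        free(buf);
        return NULL;
    }
    buf[cap - 1] = '\0';   /* a truncated result may lack a terminator */
    return buf;
}

int main(void)
{
    char *name = read_hostname();
    if (name == NULL)
        return 1;
    printf("limit=%ld hostname=%s\n", host_name_limit(), name);
    free(name);
    return 0;
}
```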
tl;dr:
Code should deal with hostnames up to 255 bytes long; administrators should keep hostname length (excluding domain) within 19 bytes, and domain name length (excluding hostnames) within 23 bytes.
host.example.com
), in which case: .
and anything after it from the hostname) can only be up to 63 bytes.
characters) from all the above limits, and subtract an additional 1-2 bytes (not including UTF-8 encoding overhead of 1-2 more bytes per character) for each non-ASCII character.
Long version:
As @Michael says, POSIX hostnames are generally limited to 255 bytes, and as @zrvan points out, DNS limits the length of each label in RFC 1035 - however, that limit is actually 63 (both in RFC 1035 section 2.3.1 and as clarified in RFC 2181 section 11).
There are other limits that come into play when you are using hostnames that will be used in DNS, as hostnames in SSL certificates or e-mail addresses.
First, the fully qualified domain name (FQDN) length limit is 255 octets when represented in the DNS protocol as
"a series of labels, ... terminated by a label of length zero. ... A label consists of a length octet followed by that number of octets representing the name itself"
With these length prefixes (including the one for the final length zero label), the actual limit for a fully qualified domain name is 253 bytes.
If your hostname will also be used as the DNS name for a server for which you need a TLS/SSL certificate, there is a much shorter limit that will affect you. Appendix A.1 of RFC 5280 and its predecessor RFCs 3280 and 2459 specify Upper Bounds for different fields of an X.509 certificate; the ub-common-name-length limit for the Common Name field, which for server certificates is the server's fully qualified domain name, is 64 bytes.
If you use OpenSSL to generate an SSL certificate with an e-mail address field more than 40 bytes long, you will see this error:
string is too long, it needs to be less than 40 bytes long
If a hostname will be used in e-mail addresses for OpenSSL-generated certificates, the @ and username will also need to fit within 40 bytes (the "less than" in the error should really be "no more than"), which for a maximum username length of 8 bytes, implies a maximum hostname FQDN length of 31 bytes. If the maximum username length is longer than 8 bytes, the maximum hostname length is decreased accordingly - the modern Linux limit of 32 would give a maximum FQDN length of 7 that is impractical, even for URL shortening services like bit.ly.
The OpenSSL choice of 40 as the length limit for an e-mail address X.509 subject alternative name may have been chosen for compatibility with the shortest possible alternative name syntax, E.163-4 (for telephone numbers), and it is likely that TLS/SSL implementations (perhaps even including OpenSSL) support use of certificates with longer e-mail addresses. There is a separate upper bound (ub-emailaddress-length) of 128 bytes in RFC 3280, increased to 255 bytes in RFC 5280; this is actually for another, legacy embedding of e-mail addresses in X.509 certificates, but it would not be surprising if many implementations use that upper bound for rfc822Address e-mail IA5Strings as well.
While OpenSSL could increase this limit in the future, there is no issue for this in the OpenSSL Request Tracker, and it seems unlikely to be changed.
Even if you don't use TLS/SSL, the maximum e-mail address length of 254 implies a maximum hostname FQDN length of 245 bytes for a traditional 8 byte username limit; or 221 bytes for a modern maximum username length limit of 32.
Taking the minimum of all these maximums and a 2012 median .com domain length of 11 (coincidentally the exact length of example.com), and you get a maximum first label hostname length of 19 bytes for a 40 byte e-mail address like [email protected].
If all your e-mail addresses are mapped to a top-level domain name with MX records and MTA address rewriting, assuming a more reasonable username/alias length limit of 16, you get a maximum domain name length of 23 bytes for a 40 byte e-mail address like [email protected].
Finally, non-ASCII hostnames require IDN (internationalized domain name) encoding for use with DNS; this involves an encoding with a 4 character xn-- prefix for each domain label with non-ASCII characters, and an expansion of 1-2 bytes for each non-ASCII character (in addition to the larger size resulting from UTF-8 encoding). If your hostname has non-ASCII characters, you need to reduce all of the above limits accordingly.
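An added example, not part of the answer above: a validator for the DNS limits it lists (labels of 1 to 63 bytes, 253 bytes of text, 255 octets on the wire) plus the 64-byte Common Name bound. All identifiers are hypothetical, the sample names are constructed, and the letters/digits/hyphen rule is the one quoted earlier on the page.

```c
#include <stdio.h>
#include <string.h>

enum { DNS_LABEL_MAX = 63, DNS_NAME_MAX = 253, X509_CN_MAX = 64 };
enum hn_status { HN_OK, HN_EMPTY, HN_NAME_TOO_LONG, HN_LABEL_EMPTY,
                 HN_LABEL_TOO_LONG, HN_BAD_CHAR };

/* Length of the text form, ignoring one trailing dot ("host.example.com."). */
static size_t text_length(const char *name)
{
    size_t len = strlen(name);
    return (len > 0 && name[len - 1] == '.') ? len - 1 : len;
}

/* Octets on the wire for a valid name: one length octet per label plus the
 * zero-length root label, i.e. text length + 2. 253 text bytes give 255. */
size_t dns_wire_length(const char *name) { return text_length(name) + 2; }

enum hn_status check_hostname(const char *name)
{
    size_t len = text_length(name), label = 0;
    if (len == 0) return HN_EMPTY;
    if (len > DNS_NAME_MAX) return HN_NAME_TOO_LONG;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c == '.') {
            if (label == 0) return HN_LABEL_EMPTY;   /* "a..b" or ".a" */
            label = 0;
        } else if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                   (c >= '0' && c <= '9') || c == '-') {
            if (++label > DNS_LABEL_MAX) return HN_LABEL_TOO_LONG;
        } else {
            return HN_BAD_CHAR;
        }
    }
    return label == 0 ? HN_LABEL_EMPTY : HN_OK;
}

/* The certificate Common Name bound is tighter than the DNS one. */
int fits_common_name(const char *name) { return text_length(name) <= X509_CN_MAX; }

int main(void)
{
    const char *samples[] = { "host.example.com", "a..b", "bad_host" }; /* constructed */
    for (size_t i = 0; i < 3; i++)
        printf("%-18s status=%d wire=%zu cn_ok=%d\n", samples[i],
               (int)check_hostname(samples[i]), dns_wire_length(samples[i]),
               fits_common_name(samples[i]));
    return 0;
}
```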