Error-free zone files are critical to the correct operation of your BIND DNS server on Linux. Any mistake made while editing the primary master name server's zone file will be carried across to the slave name servers and can leave your DNS running lame or not working at all. The following guide breaks a zone file down into its primary components.
TYPICAL ZONE FILE
@       IN SOA ns0.zoneguru.com. admin.example.com. (
                2009110101      ; Serial
                28800           ; Refresh
                14400           ; Retry
                3600000         ; Expire
                86400 )         ; Minimum
;
;
        IN NS ns0.zoneguru.com.
        IN NS ns1.zoneguru.com.
;
;
        IN MX 10 mail
        IN MX 20 mx2
;
;
localhost       IN A 127.0.0.1
;
;
@               IN A 192.168.1.100
www             IN A 192.168.1.100
mail            IN A 192.168.1.101
pop             IN CNAME mail
smtp            IN CNAME mail
mx2             IN A 192.168.1.102
ns1             IN A 192.168.1.103
ns2             IN A 192.168.1.12
THE START OF AUTHORITY (SOA) RECORD
@       IN SOA ns0.zoneguru.com. admin.example.com. (
                2009110101      ; Serial
                28800           ; Refresh
                14400           ; Retry
                3600000         ; Expire
                86400 )         ; Minimum
;
Zone: The zone is the name of the zone, which in this instance is example.com. You can use an @ symbol, which refers back to named.conf for the name of the zone, or you can explicitly specify example.com. If you write the zone name explicitly you must put a full stop after the domain name, otherwise named will append example.com to it, making it example.com.example.com.
IN: IN is used throughout the zone file and simply states that the record belongs to the Internet (IN) class.
SOA: SOA specifies that this resource record is the Start of Authority and that what follows, up to the closing parenthesis, is part of the SOA record.
Origin: The origin is the host name of the primary master name server for this zone; in this instance the primary master is ns1.example.com. Once again this name must end with a full stop or the domain will automatically be appended. Alternatively you can simply type ns1 with no full stop and let named append the domain.
Admin Contact: This is the email address of the admin contact or person responsible for the domain. Note that the @ symbol usually found in email addresses is replaced by a dot. Once again this must have a dot at the end or the domain will be automatically appended.
Serial: The serial is the version number of the zone file. Every time the zone file is edited this serial number must be increased as well, so that named knows a change has taken place, loads the changes and initiates zone transfers to the slave servers. The slave servers use this serial to determine whether the zone file has changed. Although the serial can start at 1 and progress from there, it is considered best practice to incorporate the date and a daily revision number instead. So a serial of 2009110101 breaks down into 2009 as the year, 11 as the month, 01 as the day and 01 as the first change made on that day. In this example it means the zone file was changed once on 1 November 2009.
Refresh: Refresh is the amount of time in seconds that the slave name servers should wait before checking whether the zone data has changed.
Retry: When a slave name server requests a refresh of a zone and the primary master name server does not respond for whatever reason, this is the amount of time in seconds that the slave will wait before attempting the refresh again.
Expire: This value determines how long a slave server should keep the zone information without the zone being successfully refreshed. After this period elapses the slave server will discard the zone data.
Minimum: The minimum value is the amount of time in seconds that a remote caching name server will hold resource records from this zone in its cache. This is most commonly referred to as the TTL or Time-To-Live. If this value is too small it will increase DNS traffic on your name servers. If it is too large, remote caching name servers may hold stale data for a long time after a change.
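As an added example (not code from the original page), the following Python implements the serial convention and timer relationships described above: it parses a YYYYMMDDnn serial, computes the next serial for an edit made today, performs the modulo-2^32 comparison slaves use to decide whether a serial is newer, and flags timer combinations that would make slaves misbehave. The SOA_EXAMPLE values are the ones from the zone file on this page; the sanity thresholds are my own.

```python
import re
from datetime import date

# SOA values copied from the zone file shown on this page.
SOA_EXAMPLE = {"serial": 2009110101, "refresh": 28800, "retry": 14400,
               "expire": 3600000, "minimum": 86400}

def parse_date_serial(serial):
    """Split a YYYYMMDDnn serial into (date, revision); None if it is not date-based."""
    m = re.fullmatch(r"(\d{4})(\d{2})(\d{2})(\d{2})", str(serial))
    if not m:
        return None
    try:
        return date(*map(int, m.groups()[:3])), int(m.group(4))
    except ValueError:                    # ten digits, but not a real date (e.g. month 13)
        return None

def next_serial(current, today):
    """Serial to write for an edit made on `today`: the first change of the day is ..01 and
    later changes count up. If `current` is already past today's range (future-dated or
    not date-based) it is simply incremented, so slaves still see an increase."""
    first_today = int(today.strftime("%Y%m%d")) * 100 + 1
    return first_today if current < first_today else current + 1

def serial_is_newer(new, old):
    """The comparison a slave makes (RFC 1982 serial arithmetic modulo 2^32): `new` counts as
    newer only if it lies less than half the 32-bit space ahead of `old`."""
    return new != old and (new - old) % 2**32 < 2**31

def check_soa_timers(soa):
    """Sanity rules that follow from how the timers interact; returns a list of warnings."""
    warnings = []
    if soa["retry"] >= soa["refresh"]:
        warnings.append("retry should be shorter than refresh")
    if soa["expire"] < soa["refresh"] + soa["retry"]:
        warnings.append("expire is shorter than one refresh+retry cycle: a slave could drop "
                        "the zone before its first retry")
    if parse_date_serial(soa["serial"]) is None:
        warnings.append("serial is not in YYYYMMDDnn form")
    return warnings
```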
NAME SERVER RECORDS
The name server records appear next in our example zone file and they maintain DNS hierarchy by specifying the authoritative name servers for the zone. There should also be an A record for each of the name servers listed.
        IN NS ns0.zoneguru.com.
        IN NS ns1.zoneguru.com.
The name server records can also be written as:
example.com.    IN NS ns0.zoneguru.com.
@               IN NS ns2.example.com.
MX records are an important part of DNS for domains that require email services, as they specify the host name of the mail exchanger that handles mail for that particular domain. You can specify more than one mail server to handle mail for your domain; each is given a preference value, or weight, that determines the order in which they are attempted. Usually the primary mail server is given the lowest numerical value, 10 in our example, and secondary mail servers are given higher values. Mail servers rely heavily on DNS to determine where email ends up, so particular care should be taken to ensure your mail servers are weighted correctly in your DNS zone file.
You may recall that in some sections of this page we take great care to point out that there should be a dot after a host name to ensure that named does not automatically append the domain name to it. In the MX records of the first example below we have simply specified mail and mx2 as the mail exchangers, so named will automatically append example.com to the end of these hosts. There is an A record for each of these hosts at the end of the zone file.
        IN MX 10 mail
        IN MX 20 mx2
MX records can also be written like this:
example.com.    IN MX 10 mail.example.com.
@               IN MX 20 mx2
Defining host names within your DNS zone is one of the most important functions of your zone file. Generally host names are defined in the last section of the zone file. The most commonly used records to define hosts are A records (address records) and CNAMEs (canonical names), and we can see examples of both in our example zone file.
localhost       IN A 127.0.0.1
;
;
@               IN A 192.168.1.100
www             IN A 192.168.1.100
mail            IN A 192.168.1.101
pop             IN CNAME mail
smtp            IN CNAME mail
mx2             IN A 192.168.1.102
ns1             IN A 192.168.1.103
ns2             IN A 192.168.1.12
A records, or address records, are used to convert host names into IP addresses and usually make up the majority of the resource records in a zone file. The format for an A record is host IN A address, host being the name of the host associated with the IP address in the address field. The example A records below are for example.com's web site, allowing http://www.example.com to resolve to the web server that hosts the site. The record above the www host contains an @ symbol instead of a host name. If you recall, when named sees an @ it automatically substitutes the zone name, in this instance example.com. This allows visitors to the example.com web site to simply type http://example.com to get there.
@               IN A 192.168.1.102
www             IN A 192.168.1.102
CNAME, or canonical name, records allow you to give an alias to hosts that already have a name and can be very convenient for users as well as administrators. The format is alias IN CNAME host, where the alias is the alternate name for the host. In our example below we can see that the mail server for example.com is mail.example.com and that it has an A record pointing to the IP address 192.168.1.101. It has two CNAMEs, pop and smtp, that are aliases for mail.example.com, which may have been provided for end-user convenience. If the zone is edited and the IP address of mail changes, there is the additional convenience of only having to edit the A record for mail, as the CNAMEs will of course follow it.
pop             IN CNAME mail
smtp            IN CNAME mail
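As an added example (not code from the original page), here is a small Python parser for the zone file above together with the checks this page keeps returning to: relative names get the origin appended while names ending in a dot do not, @ stands for the zone name, a line with a blank owner inherits the previous owner, and every in-zone NS or MX target and every CNAME target must actually exist. The zone text is the page's own zone, embedded here as constructed input with the SOA folded onto one line; ORIGIN is assumed to be example.com.

```python
import re
ORIGIN = "example.com."  # assumed zone origin; ZONE below is the page's zone file, embedded as constructed input
ZONE = """\
@       IN SOA ns0.zoneguru.com. admin.example.com. ( 2009110101 28800 14400 3600000 86400 )
        IN NS ns0.zoneguru.com.
        IN NS ns1.zoneguru.com.
        IN MX 10 mail
        IN MX 20 mx2
localhost IN A 127.0.0.1
@       IN A 192.168.1.100
www     IN A 192.168.1.100
mail    IN A 192.168.1.101
pop     IN CNAME mail
smtp    IN CNAME mail
mx2     IN A 192.168.1.102
ns1     IN A 192.168.1.103
ns2     IN A 192.168.1.12
"""

def fqdn(name, origin=ORIGIN):
    """named's rules: '@' is the origin, a trailing dot is absolute, anything else gets the origin appended."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin=ORIGIN):
    """Return (owner, type, rdata tokens) triples; a line with a blank owner inherits the previous owner."""
    records, owner = [], origin
    body = re.sub(r";[^\n]*", "", text)                                          # drop ; comments
    body = re.sub(r"\([^)]*\)", lambda m: m.group(0).replace("\n", " "), body)  # join ( ... ) spans
    for line in filter(str.strip, body.splitlines()):
        if not line[0].isspace():                             # explicit owner name on this line
            owner, line = line.split(None, 1)
            owner = fqdn(owner, origin)
        tokens = [t for t in line.replace("(", " ").replace(")", " ").split() if t != "IN"]
        records.append((owner, tokens[0], tokens[1:]))
    return records

def check_zone(records, origin=ORIGIN):
    """Flag in-zone NS/MX targets that lack an A record and CNAMEs whose target does not exist."""
    by_owner = {o: {t for oo, t, _ in records if oo == o} for o, _, _ in records}
    problems = []
    for owner, rtype, rdata in records:
        if rtype not in ("NS", "MX", "CNAME"):
            continue
        target = fqdn(rdata[-1], origin)                      # host name is the last rdata token
        if target != origin and not target.endswith("." + origin):
            continue                                          # out of zone: cannot be checked locally
        ok = target in by_owner if rtype == "CNAME" else "A" in by_owner.get(target, set())
        if not ok:
            problems.append(f"{rtype} at {owner} -> {target}: no matching record in the zone")
    return problems
```

Run check_zone(parse_zone(ZONE)) before reloading named; an empty list means every in-zone target resolves within the file, and each string in a non-empty list names the record that would leave the zone lame or mail undeliverable.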