Zone file
Encyclopedia
A Domain Name System
(DNS) zone file is a text file that describes a DNS zone
. A DNS zone is a subset, often a single domain, of the hierarchical domain name structure of the DNS. The zone file contains mappings between domain name
s and IP address
es and other resources, organized in the form of text representations of resource records (RR). A zone file may be either a DNS master file, authoritatively describing a zone, or it may be used to list the contents of a DNS cache.
(BIND) software package, but has been widely adopted by other DNS server software. Few DNS servers use their own format for zone files (for example MaraDNS
), but even these support reading and writing zone files in BIND format, for example over a network using AXFR or IXFR methods.
A zone file is a sequence of entries for resource records. Each line is a text description that defines a single resource record (RR). The description consists of several fields separated by white space (blanks, or tabulation characters). The first field is the domain name, called the owner of the record, but if left blank, defaults to the owner of the previous record. The domain name is followed by the time to live field, the record class, the record type, and one or possibly several fields of type-specific data.
The time-to-live field specifies the time after which a domain name client must discard the record and perform a new resolution operation to obtain fresh information. The record class indicates the namespace of the record's information. The most commonly used namespace is that of the Internet, indicated by parameter IN, but others exist and are in use, e.g., CHAOS. The type of the resource record is a short mnemonic for the type of information stored in the record and determines the number of parameters needed. The type also provides the name of each record. For example, an address record, having mnemonic A for IPv4 and AAAA for IPv6, maps the domain name in the first field to an IP address
in the fourth field, and a mail exchanger record (type MX) specifies the Simple Mail Transfer Protocol
(SMTP) mail host for a domain.
Resource records may occur in any order in a zone file. For formatting convenience, resource records may span several lines by enclosing in parentheses a set of parameters that spans several lines, but belongs to the same record. The file may contain comment text by preceding such text with a semicolon, either at the beginning of a line, or after the last field on any line, or on a blank line. Comments end at the end of a line. The zone file may contain any number of blank lines with or without comments.
The zone file may also contain various directives that are marked with a keyword starting with the dollar sign character. The most notable is the $ORIGIN keyword, which specifies the starting point for the zone in the DNS hierarchy. If this keyword is omitted from a zone file, the origin is inferred by the server software from the reference to the zone file in its server configuration.
An example of a zone file is the following:
As a minimum, the zone file must specify the Start of Authority (SOA) record with the name of the authoritative master nameserver for the zone, the email address of someone responsible for management of the nameserver. Some DNS server software, such as BIND, also requires at least one additional name server record. The email address in the SOA RR has the @ symbol replaced by a period. In the zone file, host names that do not end in a period are relative to the zone origin. For example, in the example above, www refers to www.example.com, and example.com. is example.com, and not example.com.example.com. Names ending with a full stop (or point) are said to be fully qualified domain names.
A zone file is referenced by the configuration file of the nameserver software such as bind
, typically by a statement such as:
and for the set of top-level domain
s contain information only about the authoritative domain name servers for each domain name.
, but a customized zone master file may be used.
An example for manual configuration of the forward zone for localhost is the following:
The corresponding reverse zone definition is:
$TTL 3W
@ 3W IN SOA localhost. root.localhost. 1999010100 3h 15m 1w 1d
@ 3W IN NS localhost.
1 3W IN PTR localhost.
This file does not specify the origin so that it may be used for both IPv4 and IPv6 with this configuration:
Similar zone master files may be created for the reverse resolution of the broadcast address and the null address. Such zone files prevent a DNS server to refer to other possibly external DNS servers.
Domain name system
The Domain Name System is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities...
(DNS) zone file is a text file that describes a DNS zone
DNS zone
A DNS zone is a portion of the global Domain Name System namespace for which administrative responsibility has been delegated.-Definition:...
. A DNS zone is a subset, often a single domain, of the hierarchical domain name structure of the DNS. The zone file contains mappings between domain name
Domain name
A domain name is an identification string that defines a realm of administrative autonomy, authority, or control in the Internet. Domain names are formed by the rules and procedures of the Domain Name System ....
s and IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
es and other resources, organized in the form of text representations of resource records (RR). A zone file may be either a DNS master file, authoritatively describing a zone, or it may be used to list the contents of a DNS cache.
File format
The format of a zone file is defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1). This format was originally used by the Berkeley Internet Name DomainBIND
BIND , or named , is the most widely used DNS software on the Internet.On Unix-like operating systems it is the de facto standard.Originally written by four graduate students at the Computer Systems Research Group at the University of California, Berkeley , the name originates as an acronym from...
(BIND) software package, but has been widely adopted by other DNS server software. Few DNS servers use their own format for zone files (for example MaraDNS
MaraDNS
MaraDNS is a security-aware Domain Name System implementation. Along with BIND, NSD, djbdns, and PowerDNS, it is one of a small number of DNS servers with published source code...
), but even these support reading and writing zone files in BIND format, for example over a network using AXFR or IXFR methods.
A zone file is a sequence of entries for resource records. Each line is a text description that defines a single resource record (RR). The description consists of several fields separated by white space (blanks, or tabulation characters). The first field is the domain name, called the owner of the record, but if left blank, defaults to the owner of the previous record. The domain name is followed by the time to live field, the record class, the record type, and one or possibly several fields of type-specific data.
The time-to-live field specifies the time after which a domain name client must discard the record and perform a new resolution operation to obtain fresh information. The record class indicates the namespace of the record's information. The most commonly used namespace is that of the Internet, indicated by parameter IN, but others exist and are in use, e.g., CHAOS. The type of the resource record is a short mnemonic for the type of information stored in the record and determines the number of parameters needed. The type also provides the name of each record. For example, an address record, having mnemonic A for IPv4 and AAAA for IPv6, maps the domain name in the first field to an IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
in the fourth field, and a mail exchanger record (type MX) specifies the Simple Mail Transfer Protocol
Simple Mail Transfer Protocol
Simple Mail Transfer Protocol is an Internet standard for electronic mail transmission across Internet Protocol networks. SMTP was first defined by RFC 821 , and last updated by RFC 5321 which includes the extended SMTP additions, and is the protocol in widespread use today...
(SMTP) mail host for a domain.
Resource records may occur in any order in a zone file. For formatting convenience, resource records may span several lines by enclosing in parentheses a set of parameters that spans several lines, but belongs to the same record. The file may contain comment text by preceding such text with a semicolon, either at the beginning of a line, or after the last field on any line, or on a blank line. Comments end at the end of a line. The zone file may contain any number of blank lines with or without comments.
The zone file may also contain various directives that are marked with a keyword starting with the dollar sign character. The most notable is the $ORIGIN keyword, which specifies the starting point for the zone in the DNS hierarchy. If this keyword is omitted from a zone file, the origin is inferred by the server software from the reference to the zone file in its server configuration.
An example of a zone file is the following:
$ORIGIN example.com. ; designates the start of this zone file in the namespace
$TTL 1h ; default expiration time of all resource records without their own TTL value
example.com. IN SOA ns.example.com. username.example.com. (
2007120710 ; serial number of this zone file
1d ; slave refresh (1 day)
2h ; slave retry time in case of a problem (2 hours)
4w ; slave expiration time (4 weeks)
1h ; maximum caching time in case of failed lookups (1 hour)
)
example.com. NS ns ; ns.example.com is a nameserver for example.com
example.com. NS ns.somewhere.example. ; ns.somewhere.example is a backup nameserver for example.com
example.com. MX 10 mail.example.com. ; mail.example.com is the mailserver for example.com
@ MX 20 mail2.example.com. ; equivalent to above line, "@" represents zone origin
@ MX 50 mail3 ; equivalent to above line, but using a relative host name
example.com. A 192.0.2.1 ; IPv4 address for example.com
AAAA 2001:db8:10::1 ; IPv6 address for example.com
ns A 192.0.2.2 ; IPv4 address for ns.example.com
AAAA 2001:db8:10::2 ; IPv6 address for ns.example.com
www CNAME example.com. ; www.example.com is an alias for example.com
wwwtest CNAME www ; wwwtest.example.com is another alias for www.example.com
mail A 192.0.2.3 ; IPv4 address for mail.example.com,
; any MX record host must be an address record
; as explained in RFC 2181 (section 10.3)
mail2 A 192.0.2.4 ; IPv4 address for mail2.example.com
mail3 A 192.0.2.5 ; IPv4 address for mail3.example.com
As a minimum, the zone file must specify the Start of Authority (SOA) record with the name of the authoritative master nameserver for the zone, the email address of someone responsible for management of the nameserver. Some DNS server software, such as BIND, also requires at least one additional name server record. The email address in the SOA RR has the @ symbol replaced by a period. In the zone file, host names that do not end in a period are relative to the zone origin. For example, in the example above, www refers to www.example.com, and example.com. is example.com, and not example.com.example.com. Names ending with a full stop (or point) are said to be fully qualified domain names.
A zone file is referenced by the configuration file of the nameserver software such as bind
BIND
BIND , or named , is the most widely used DNS software on the Internet.On Unix-like operating systems it is the de facto standard.Originally written by four graduate students at the Computer Systems Research Group at the University of California, Berkeley , the name originates as an acronym from...
, typically by a statement such as:
zone "example.com" { type master; file "/var/named/db.example.com"; };
Root zone and top-level domains
The zone files for the DNS root zoneDNS root zone
A DNS root zone is the top-level DNS zone in a Domain Name System hierarchy. Most commonly it refers to the root zone of the largest global DNS, deployed for the Internet. Ultimate authority over the DNS root zone rests with the US Department of Commerce NTIA...
and for the set of top-level domain
Top-level domain
A top-level domain is one of the domains at the highest level in the hierarchical Domain Name System of the Internet. The top-level domain names are installed in the root zone of the name space. For all domains in lower levels, it is the last part of the domain name, that is, the last label of a...
s contain information only about the authoritative domain name servers for each domain name.
Localhost
Some server software automatically configures resource records for specially recognized domains or hostnames, such as localhostLocalhost
In computer networking, localhost is the standard hostname given to the address of the loopback network interface. The name is also a reserved top-level domain name In computer networking, localhost (meaning this computer) is the standard hostname given to the address of the loopback network...
, but a customized zone master file may be used.
An example for manual configuration of the forward zone for localhost is the following:
$ORIGIN localhost.
@ 1D IN SOA @ root 1999010100 3h 15m 1w 1d
@ 1D IN NS @
@ 1D IN A 127.0.0.1
@ 1D IN AAAA ::1
The corresponding reverse zone definition is:
- reverse zone file for 127.0.0.1 and
- :
- don't put $ORIGIN in her
$TTL 3W
@ 3W IN SOA localhost. root.localhost. 1999010100 3h 15m 1w 1d
@ 3W IN NS localhost.
1 3W IN PTR localhost.
This file does not specify the origin so that it may be used for both IPv4 and IPv6 with this configuration:
zone "0.0.127.in-addr.arpa" IN { type master; file "r.local"; };
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN { type master; file "r.local"; };
Similar zone master files may be created for the reverse resolution of the broadcast address and the null address. Such zone files prevent a DNS server to refer to other possibly external DNS servers.