A Domain Name System (DNS) zone file is a text file that describes a DNS zone. The BIND zone file is a file format that has been widely adopted by DNS server software. The format is defined in RFC 1035.
Example: A Dyn Zone File
This is an example of a zone file downloaded from Dyn’s DNS system.
$ORIGIN example.com.
@        3600 SOA   ns1.p30.dynect.net. (
                    zone-admin.dyndns.com.    ; address of responsible party
                    2016072701                ; serial number
                    3600                      ; refresh period
                    600                       ; retry period
                    604800                    ; expire time
                    1800 )                    ; minimum ttl
        86400 NS    ns1.p30.dynect.net.
        86400 NS    ns2.p30.dynect.net.
        86400 NS    ns3.p30.dynect.net.
        86400 NS    ns4.p30.dynect.net.
         3600 MX    10 mail.example.com.
         3600 MX    20 vpn.example.com.
         3600 MX    30 mail.example.com.
           60 A     204.13.248.106
         3600 TXT   "v=spf1 includespf.dynect.net ~all"
mail    14400 A     204.13.248.106
vpn        60 A     216.146.45.240
webapp     60 A     216.146.46.10
webapp     60 A     216.146.46.11
www     43200 CNAME example.com.
NOTE: In the example zone file above, no record classes (IN, CH, HS) are displayed. Dyn’s DNS software only works with Internet (IN) class records and omits this information for efficiency purposes.
Anatomy Of A Zone File
$ORIGIN
sets the origin of the zone (the DNS node at which the zone’s tree is rooted) and will typically start a DNS zone file. Any host label below the origin has the origin hostname appended to it to assemble a fully qualified hostname. A host label within a record that is already a fully qualified domain name, i.e. one terminated with a period, does not have the origin hostname appended.
Example: With $ORIGIN example.com., example.com. is appended to the host label of any record whose host label field is not terminated by a period.
The “@” symbol is a special label that is replaced by the value of $ORIGIN. It is typically used for the apex of a zone.
SOA Record – The $ORIGIN is followed by the zone’s Start Of Authority (SOA) record. A Start Of Authority record is required for each zone. It contains the name of the zone, the e-mail address of the party responsible for administering the domain’s zone file, the current serial number of the zone, the primary nameserver of the zone, and various timing elements (measured in seconds).
SOA Record Format
@ IN SOA {primary-name-server} {hostmaster-email} ( {serial-number} {time-to-refresh} {time-to-retry} {time-to-expire} {minimum-TTL} )
- Primary Name Server – The nameserver that holds the original zone file, as opposed to a copy obtained through an AXFR zone transfer.
- Hostmaster Email – Address of the party responsible for the zone. A period “.” is used in place of an “@” symbol. For email addresses that contain a period, this will be escaped with a slash “/”.
- Serial Number – Version number of the zone. The serial number increases each time you change your zone file.
- Time To Refresh – How long in seconds a nameserver should wait before checking whether the Serial Number of the primary zone file has increased. A higher Serial Number on the primary tells the secondary that a zone transfer is needed to sync its records. Only applies to zones using secondary DNS.
- Time To Retry – How long in seconds a nameserver should wait prior to retrying to update a zone after a failed attempt. Only applies to zones using secondary DNS.
- Time To Expire – How long in seconds a secondary nameserver should wait, after it last succeeded in refreshing the zone, before it considers its copy of the zone invalid and stops answering queries for that zone. Only applies to zones using secondary DNS.
- Minimum TTL – How long in seconds that a nameserver or resolver should cache a negative response.
Anatomy Of A Record Within A Zone File
A zone file is a collection of resource records with each record entry described in the following sequence:
FORMAT: | host label | ttl | record class | record type | record data |
EXAMPLE: | example.com. | 60 | IN | A | 104.255.228.125 |
- Host Label – A host label helps to define the hostname of a record and whether the $ORIGIN hostname will be appended to the label. Fully qualified hostnames terminated by a period will not append the origin.
- TTL – TTL is the amount of time in seconds that a DNS record will be cached by an outside DNS server or resolver.
- Record Class – There are three classes of DNS records: IN (Internet), CH (Chaosnet), and HS (Hesiod). The IN class will be used for the Managed DNS service.
- Record Type – The type of the record (for example A, NS, MX, CNAME, TXT or SOA), which determines the format of the record data that follows.
- Record Data – The data within a DNS answer, such as an IP address, hostname, or other information. Different record types will contain different types of record data.
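The rules above ($ORIGIN substitution, the “@” label, a leading blank meaning “same owner as the previous record”, parenthesised multi-line SOA records, “;” comments, and the omitted IN class) are put to work in the following parser. It is an added example, not Dyn’s software or code from this page; it assumes every record carries an explicit TTL, as the Dyn export does, and it keeps record data as the raw text rather than interpreting it per type.

```python
import re

CLASSES = {"IN", "CH", "HS"}
# A ';' followed by an even number of double quotes starts a comment, i.e. it is
# outside a quoted TXT string (assumes quotes on a line are balanced).
COMMENT = re.compile(r';(?=(?:[^"]*"[^"]*")*[^"]*$)')

# Constructed sample: a shortened copy of the Dyn export shown on this page.
SAMPLE = """$ORIGIN example.com.
@ 3600 SOA ns1.p30.dynect.net. ( zone-admin.dyndns.com. ; responsible party
    2016072701 3600 600 604800 1800 ) ; serial refresh retry expire minimum
  86400 NS ns1.p30.dynect.net.
  3600 TXT "v=spf1 includespf.dynect.net ~all"   ; quoted text
mail 14400 A 204.13.248.106
www 43200 CNAME example.com.
"""

def _logical_lines(text):
    """Yield (record_text, inherits_owner) with comments stripped and '(' ... ')' joined."""
    buf, depth, blank = [], 0, False
    for raw in text.splitlines():
        line = COMMENT.split(raw, 1)[0]
        if not line.strip():
            continue                        # blank or comment-only line
        if not buf:
            blank = raw[0].isspace()        # leading blank: reuse previous owner
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            yield " ".join(buf), blank
            buf = []

def absolute(label, origin):
    """$ORIGIN rule: '@' is the origin; a trailing '.' is already fully qualified."""
    if label == "@":
        return origin
    return label if label.endswith(".") else f"{label}.{origin}"

def parse_zone(text):
    """Return (owner, ttl, class, type, rdata) tuples; class defaults to IN."""
    origin, owner, records = ".", None, []
    for line, blank in _logical_lines(text):
        tokens = line.split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if not blank:                       # otherwise keep the previous owner
            owner = absolute(tokens.pop(0), origin)
        ttl = int(tokens.pop(0))
        rclass = tokens.pop(0) if tokens[0] in CLASSES else "IN"
        records.append((owner, ttl, rclass, tokens[0], " ".join(tokens[1:])))
    return records
```

Running `parse_zone(SAMPLE)` yields five records, all with class IN, whose owners are fully qualified even where the file used “@”, a blank, or a bare label such as `www`.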