Zone Files

BIND uses zone files to configure the records of the domains it is authoritative for. DNS logically defines its namespace in terms of domains, while a zone file is the physical storage of that information: one file holds one zone, and a zone may contain records for one or more domain names (the zone's own name plus any subdomains that are not delegated elsewhere).

The following is an example of a zone file for the example.com domain:

$ORIGIN example.com.
$TTL 300
@                       IN      SOA     ns.example.com. admin.example.com. (
                                        2020121400   ; Serial
                                        600         ; Refresh
                                        1800         ; Retry
                                        604800       ; Expire
                                        300          ; TTL
                                        )

                        IN      NS      ns.example.com.
ns                      IN      A       192.168.16.1
master                  IN      A       192.168.16.1
ntp                             CNAME   master

Each zone file consists of directives, which start with $, and resource records. Anything after a semicolon ; up to the end of the line is a comment.

Directives

Examples of directives are $ORIGIN and $TTL.

$ORIGIN example.com.
$TTL 300

$ORIGIN

Designates where this zone file sits in the namespace. Any name that isn't fully qualified (a fully qualified name ends with a dot .) gets the origin appended. BIND sets the initial value of ORIGIN to the zone name from the zone statement in named.conf when it loads the file; a $ORIGIN directive in the file overrides it from that point on, and it may appear more than once.

If ORIGIN is set to example.com., any name becomes name.example.com.

E.g., ntp becomes ntp.example.com.

$TTL (Time To Live):

Defines the default TTL, in seconds, for every record that does not carry its own. The TTL is how long a resolver may keep the answer in its cache before asking again, so a changed (or withdrawn) record can keep being served from caches for up to that long after the zone is edited.

Records

DNS records can be written with their fields in one of two orders:

Syntax A

[name] [TTL-value] [record-class] record-type record-data

Syntax B

[name] [record-class] [TTL-value] record-type record-data

Both orders are valid. name, TTL-value and record-class are all optional. If name is omitted (the line starts with whitespace), the record inherits the owner name of the previous record; if record-class is omitted, it inherits the class of the previous record. A special value for name is @, which stands for the current ORIGIN.

The record class defines the namespace the record belongs to; the only class in practical use is IN, which stands for Internet.

If TTL-value is omitted, the record gets the default set by $TTL; if no $TTL has been given, BIND falls back to the TTL of the previous record.
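To make the rules above concrete, here is a small parser for this syntax. It is an added example written for this page, not BIND's own code: it handles $ORIGIN and $TTL, ; comments, records continued across lines with parentheses, the @ owner name, inheritance of owner name, class and TTL from the previous record, and both field orders. The `origin` argument of `parse_zone()` stands in for the zone name BIND takes from named.conf. TTLs are assumed to be plain seconds (no 1h/1d suffixes) and quoted TXT strings are not handled; the embedded zone text is the example from the top of this page.

```python
"""Minimal parser for BIND zone-file syntax (added example, not BIND code)."""
import re
from dataclasses import dataclass, field

CLASSES = {"IN", "CH", "HS"}
TTL_RE = re.compile(r"^\d+$")          # assumption: TTLs are plain seconds
# Which rdata fields hold domain names that must be qualified with the origin.
NAME_FIELDS = {"NS": (0,), "CNAME": (0,), "PTR": (0,), "SOA": (0, 1)}


@dataclass
class Record:
    name: str                 # fully qualified owner name
    ttl: int
    rclass: str
    rtype: str
    data: list = field(default_factory=list)   # rdata tokens


def qualify(name, origin):
    """Append the origin to a relative name; '@' is the origin itself."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def logical_lines(text):
    """Yield (starts_with_whitespace, tokens) per record or directive,
    with comments stripped and parenthesised continuations joined."""
    buf, depth, leading_ws = [], 0, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]            # drop the comment
        if not line.strip():
            continue
        if depth == 0:
            leading_ws = line[0].isspace()     # owner name omitted?
        for tok in line.replace("(", " ( ").replace(")", " ) ").split():
            if tok == "(":
                depth += 1
            elif tok == ")":
                depth -= 1
            else:
                buf.append(tok)
        if depth == 0:
            yield leading_ws, buf
            buf = []
    if depth:
        raise ValueError("unbalanced parentheses in zone file")


def parse_zone(text, origin=None):
    """Parse zone text into Records. `origin` plays the role of the zone
    name from named.conf and is used until the file's own $ORIGIN appears."""
    records, default_ttl, prev_class = [], None, None
    for leading_ws, toks in logical_lines(text):
        if toks[0] == "$ORIGIN":
            origin = toks[1]
            continue
        if toks[0] == "$TTL":
            default_ttl = int(toks[1])
            continue
        if toks[0].startswith("$"):
            raise ValueError(f"unsupported directive {toks[0]}")
        if origin is None:
            raise ValueError("record seen before any origin is known")
        if leading_ws:                         # inherit the previous owner
            if not records:
                raise ValueError("first record has no owner name")
            name = records[-1].name
        else:
            name = qualify(toks.pop(0), origin)
        ttl = rclass = None                    # either order, both optional
        while toks and (toks[0] in CLASSES or TTL_RE.match(toks[0])):
            tok = toks.pop(0)
            if tok in CLASSES:
                rclass = tok
            else:
                ttl = int(tok)
        if ttl is None:
            if default_ttl is not None:
                ttl = default_ttl
            elif records:
                ttl = records[-1].ttl
            else:
                raise ValueError(f"{name}: no TTL given and no $TTL set")
        rclass = rclass or prev_class or "IN"
        prev_class = rclass
        rtype, data = toks[0].upper(), toks[1:]
        for i in NAME_FIELDS.get(rtype, ()):
            data[i] = qualify(data[i], origin)
        records.append(Record(name, ttl, rclass, rtype, data))
    return records


# The example zone from the top of this page, embedded as test input.
EXAMPLE_ZONE = """\
$ORIGIN example.com.
$TTL 300
@       IN  SOA ns.example.com. admin.example.com. (
            2020121400 ; Serial
            600        ; Refresh
            1800       ; Retry
            604800     ; Expire
            300 )      ; Minimum
        IN  NS  ns.example.com.
ns      IN  A   192.168.16.1
master  IN  A   192.168.16.1
ntp         CNAME master
"""

if __name__ == "__main__":
    for r in parse_zone(EXAMPLE_ZONE):
        print(r.name, r.ttl, r.rclass, r.rtype, " ".join(r.data))
```

Running it prints one fully qualified record per line; note that the NS line, which has no owner name, comes out as example.com., and the CNAME line, which has neither class nor TTL, comes out as IN with TTL 300.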

Start of Authority (SOA)

Every zone must have exactly one SOA record, at the zone apex. It names the zone, the primary nameserver, the mailbox of the party responsible for the zone, and several timing parameters that secondary servers use: the serial (must increase on every change, otherwise secondaries never notice the update), refresh (how often a secondary checks the primary for a new serial), retry (how long to wait after a failed check), expire (how long a secondary keeps serving the zone when it cannot reach the primary at all; after that it stops answering for the zone) and the minimum TTL, which modern resolvers use as the negative-caching TTL for NXDOMAIN answers (RFC 2308). Note that the mailbox is written with a . where the @ would be: admin.example.com. means admin@example.com.

domain-name.  record-class SOA   primary-nameserver admin.email.address ( serial-number time-to-refresh time-to-retry time-to-expire minimum-ttl )

Example:

@ IN  SOA  ns.example.com. admin.example.com. (
                   2018102904   ; Serial
                    600         ; Refresh
                    800         ; Retry
                   604800       ; Expire
                   300          ; Minimum (negative-cache TTL)
)
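The serial is the field that most often goes wrong in practice: secondaries only transfer the zone when they consider the new serial greater than the one they hold, and "greater" is decided with serial-number arithmetic modulo 2^32 (RFC 1982), not plain integer comparison. The helpers below are an added example for this page, not BIND code: `serial_gt()` implements that comparison and `next_serial()` produces the next serial in the YYYYMMDDnn convention used on this page, falling back to a plain increment when a date-based value would not count as an increase (more than 100 edits in one day, or a current serial that was never date-based). The `yyyymmdd` parameter is an assumption of this example so the date can be fixed in tests.

```python
"""SOA serial helpers (added example, not BIND code)."""
import datetime

SERIAL_BITS = 32


def serial_gt(a, b):
    """RFC 1982: a is greater than b when the forward distance from b to a,
    taken modulo 2**32, lies between 1 and 2**31 - 1. A distance of
    exactly 2**31 is undefined by the RFC and treated here as 'not greater'."""
    diff = (a - b) % (1 << SERIAL_BITS)
    return 0 < diff < (1 << (SERIAL_BITS - 1))


def next_serial(current, yyyymmdd=None):
    """Serial to write for an edit made on the given day (default: today).
    Uses YYYYMMDD00 when that is newer than `current`, else current + 1."""
    if yyyymmdd is None:
        yyyymmdd = int(datetime.date.today().strftime("%Y%m%d"))
    date_based = int(yyyymmdd) * 100
    candidate = date_based if serial_gt(date_based, current) else current + 1
    candidate %= 1 << SERIAL_BITS
    if not serial_gt(candidate, current):
        raise ValueError(f"{candidate} would not be seen as newer than {current}")
    return candidate


if __name__ == "__main__":
    print(next_serial(2020121400, 20201214))   # same day as the serial: bump nn
    print(next_serial(2018102904, 20201214))   # older serial: jump to today
```

The comparison explains two classic mistakes: a jump of 2^31 or more (for example rewriting a YYYYMMDDnn serial to some much larger scheme) is seen by secondaries as a decrease, and a secondary left on a stale serial keeps serving the old data until the expire timer runs out.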

Name Server (NS)

Defines the nameservers for a domain.

; primary nameserver: the relative name ns expands to ns.example.com.
; (it lies inside this zone, so the zone also needs an A record for it)
@    IN  NS     ns
; secondary nameserver ns.somewhere.net (outside the zone, written fully qualified)
@    IN  NS     ns.somewhere.net.

Address (A)

Maps a name to an IPv4 address.

; this defines www.example.com
www     IN  A     192.168.1.1
; this defines master.example.com
master  IN  A     192.168.1.2

Canonical Name (CNAME)

Aliases one name to another. A CNAME must be the only record at its owner name, so it cannot be used at the zone apex (where the SOA and NS records live), and its target should itself resolve; otherwise the alias dangles.

; ntp.example.com -> master.example.com
ntp    IN  CNAME master

Pointer (PTR)

Maps an IP address back to a name, used for reverse DNS lookups. The owner name is the address with its octets reversed under in-addr.arpa., so the reverse zone for 192.168.16.0/24 is 16.168.192.in-addr.arpa.

; fully qualified example for 192.168.16.1 (master.example.com in the zone above)
1.16.168.192.in-addr.arpa.    IN  PTR  master.example.com.

; if ORIGIN is 16.168.192.in-addr.arpa. this is equivalent
1    IN  PTR  master.example.com.