Working with Zones
A zone is a description, or a definition, of a domain (or subdomain). The zone is what makes up the database full of records for a domain. Zone files are separate files located in /var/lib/named and are text files containing the data for the zone. BIND defines its zones in /etc/named.conf by specifying the location of these zone files. In this section you will see how a DNS zone is constructed and what information you can store for a specific zone.
20 Configuring a DNS Server
We use as an example of a zone (see Listing 20-2) and will go through the DNS records and explain their uses.
Listing 20-2: The Zone
IN SOA ( 200407111 10800 3600 604800 38400 ) NS zen MX 10 mail MX 20 A CNAME A CNAME A zen zen
zen www mail sospan shuttle
The Start of Authority
At the start of the zone, you have the SOA record. The Start of Authority dictates that this zone is authoritative for the domain in question,
Note Notice that ends in a full stop (a period for our American cousins). This is extremely important in the zone file for any domain. As you saw in Figure 20-1, the top of the DNS tree is the root. A full stop is the delimiter for the end of the DNS tree; following the domain all the way up the tree, the full domain name is (with the full stop). If a full stop is not found, as in the zen record listed at the end in the example, the SOA's domain will be appended to the host name in the record.
The SOA can be further analyzed to break down the record's uses.
The SOA server
After the definition of the domain you are managing, you need to define the server that is authoritative for the domain. It may seem bizarre, but in this case you refer to the server by name, not by IP address, because BIND is aware that it needs to find the IP address for the server from its zone file (it may sound like a vicious circle, but it does work). In Listing 20-2, for example, the SOA for is
The hostmaster
As with most things on the Internet, it is common practice to provide a technical contact for the service. In this case, it is the email address You will notice that there is no @ sign in the email address, but a full stop (period). The hostmaster for the zone is (
Part IV Implementing Network Services in SUSE Linux
If the email address of the hostmaster contains a full stop, you need to escape it. For example, if your email address is, the hostmaster entry is justin\
The SOA record
The brackets around the rest of the data dictate that everything else up to the closing bracket is part of the SOA record. All time settings are in seconds.
The serial number
The first entry is the serial number for the zone. This is one of the most important parts of the SOA because it must be changed any time you edit the zone file. It is the serial number that tells other DNS servers that are querying your DNS server that data has changed. If you do not change the serial number, your changes will not get propagated through the system. The general form of the serial number is the date, followed by an arbitrary number. For the 24th of July, you use 2004072401 (July 24, 2004). Notice that the date is in reverse, with the year (2004), month (07), and day (24), with an additional two digits able to represent multiple changes in one day.
The refresh rate
If you have a slave DNS server in your system (as a backup to your master), the refresh rate tells the slave server how often to check for updates to the zone. If you look back at Listing 20-2, you will see the refresh rate set to 10,800 seconds (3 hours).
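The serial and refresh rules above can be checked before a zone is reloaded. The following is an added example, not code from the book: it parses the SOA fields out of a zone file and picks the next serial so that it always increases. The domain example.com and the function names are assumptions made for illustration.

```python
import re
from datetime import date, datetime

# Constructed sample zone; example.com stands in for the domain in Listing 20-2.
SAMPLE_ZONE = """\
example.com. IN SOA zen.example.com. hostmaster.example.com. (
        200407111   ; serial as printed in Listing 20-2
        10800       ; refresh
        3600 604800 38400 )
"""

SOA_FIELDS = ("serial", "refresh", "retry", "expire", "minimum")
MAX_SERIAL = 2**32 - 1  # the SOA serial is an unsigned 32-bit integer


def parse_soa(zone_text):
    """Return the SOA server, hostmaster and the five numeric fields."""
    text = re.sub(r";[^\n]*", "", zone_text)  # drop ';' comments
    m = re.search(r"\bSOA\s+(\S+)\s+(\S+)\s*\(([^)]*)\)", text)
    if not m:
        raise ValueError("no SOA record found")
    numbers = m.group(3).split()
    if len(numbers) != len(SOA_FIELDS) or not all(n.isdigit() for n in numbers):
        raise ValueError("SOA needs five numeric fields in seconds")
    soa = {"server": m.group(1), "hostmaster": m.group(2)}
    soa.update(zip(SOA_FIELDS, map(int, numbers)))
    return soa


def is_date_serial(serial):
    """True if serial has the YYYYMMDDnn form described in the text."""
    s = str(serial)
    if len(s) != 10:
        return False
    try:
        datetime.strptime(s[:8], "%Y%m%d")
    except ValueError:
        return False
    return True


def next_serial(current, today):
    """Pick a serial strictly greater than current, date-based when possible."""
    first_today = int(today.strftime("%Y%m%d")) * 100 + 1
    new = first_today if current < first_today else current + 1
    if new > MAX_SERIAL:
        raise ValueError("serial would exceed 32 bits")
    return new
```

When the two change digits are already at 99, or the stored serial is ahead of today's date, next_serial simply adds one, so the serial never goes backwards and slaves still see the change.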