15 Dec 08 A BIND9 zonefile and commentary

I’m often asked for a copy of various zone files for Bind, that other users may use as a template. Here’s the zonefile for www.adamsinfo.com:

I’ll now cover each type of record briefly, and explain the ellusive decimal point.

The SOA or “start of authority” record indicates the domain name “adamsinfo.com” and the email address of the domain administrator “root@adamsinfo.com”, replacing the at symbol with a decimal point (this decimal point does not have the same meaning as those later on). There is only one SOA record allowed per domain. Contained within the SOA record is also a serial number, refresh, retry, expiry and TTL. The serial number is the ‘version’ of the zone. This is generally incremented each time the zone is updated. The refresh is used by the slave or secondary DNS server as an instruction on how often to update in seconds. The ‘retry’ is the length in seconds that the slave DNS server should wait before retrying to contact an unreachable primary DNS server. The expiry specifies how long until the slave DNS server stops responding to requests for this domain name, should the primary DNS server remain unreachable. If the primary DNS server becomes available again, the timer is reset. Lastly, the Negative TTL or ‘time to live’ value indicates how long the server will cache a NAME ERROR (NXDOMAIN) record. The longest permitted is 3h (10800 seconds).

On to the more simple records…

NS records indicate the nameservers for the domain. These should match the whois output for the same domain.

MX records or mail-exchanger records indicate the mail servers responsible for the domain. 10, 100 and 1000 are the ‘priority’ and indicate which one is preferred. You can set up a ’round-robin’ or ‘equal split’ system by specifying two or more records of the same priority. 10 is a higher priority than 100 which is a higher priority than 1000. Specifying 1, 2 and 3 would also get the same job done however multiples of 10 seems to have become the standard.

An A record is simply an alias. As I have specified “IN A 217.10.156.197“, adamsinfo.com will resolve to 217.10.156.197. I could specify above this record “blah IN A 192.168.1.1” meaning that blah.adamsinfo.com will resolve to 192.168.1.1 and anything else unmatched will resolve to 217.10.156.197 per the record below.

The final CNAME record is a Canonical Name record. This is the ‘true’ name we are accessing. Should I have indicated: “test CNAME adamsinfo.com.” I would indicate that test.adamsinfo.com is actually adamsinfo.com. In this case, I have used the wildcard * meaning that anything.adamsinfo.com is actually adamsinfo.com which resolves to 217.10.156.197.

Now the decimal point. In it’s simplest form, should I not include the decimal point on any alphanumeric name, the domain name (.adamsinfo.com) will be appended to the end of the name. In my A record example above, “blah IN A 192.168.1.1” will actually become blah.adamsinfo.com which is what we want. Should I specify “blah.adamsinfo.com IN A 192.168.1.1“, the record will actually become blah.adamsinfo.com.adamsinfo.com. With this in mind, I can either specify “blah IN A 192.168.1.1” or alternatively “blah.adamsinfo.com. IN A 192.168.1.1” to get the same job done.

There are a number of other record types available, and Wikipedia has a great list: http://en.wikipedia.org/wiki/List_of_DNS_record_types

I’m not going to cover these, as there is plenty of information already out there, my bind zone above is just one of the most basic forms required to host a domain name.

Tags: a, adamsinfo.com, bind, bind9, cname, dns, mx, name error, ns, nxdomain, soa, ttl

Reader's Comments

1. Jonathan | 17 Feb 2009 6:25 pm

   What is the syntax to comment out a line? // # ??

2. Adam Palmer | 17 Feb 2009 7:39 pm

   Hi Jonathan

   In BIND configuration use the semicolon ‘;’ to comment out a line.

Leave a Comment

You must be logged in to post a comment.