Friday, January 13, 2012

DNS - Domain Name System. Basics, Zone files

A zone file describes a domain name in terms of the hosts, characteristics and services it provides, in a form that DNS software can read. If a zone file is badly configured, your domain may become unreachable, mail for the domain may not be delivered, and so on.

Worse, faulty records can be cached on other DNS systems for hours, days or even weeks, which is a serious problem. Zone files can map hostnames to IPv4 or IPv6 addresses (forward mapping) or map IPv4 or IPv6 addresses back to hostnames (reverse mapping).

Zone files are plain text files made up of the following types of entries:

  • Comments: Comments start with ; and run to the end of the line.
  • Directives: Directives start with $ and control how the file is processed.
  • Resource Records: RRs define the characteristics, properties and entities contained within the domain.
  • Field Separators: Fields within an RR are separated by spaces or tabs.

Example zone file:


;
; Our localhost zone file
;
$TTL    604800
@       IN      SOA     localhost. root.localhost. (
                  2         ; Serial
             604800         ; Refresh
              86400         ; Retry
            2419200         ; Expire
             604800 )       ; Negative Cache TTL
;
@       IN      NS      localhost.
@       IN      A       127.0.0.1
@       IN      AAAA    ::1


This is a very simple zone file: the zone for localhost. Now we will explain its parts.

As you can see, it is good practice to start the file with a comment holding some notes; this is very useful if you manage several domains and subdomains. The $TTL directive defines the default Time To Live value, in seconds, for the zone: how long records from this zone will be kept in the cache of other DNS servers. This directive is mandatory.

A Start of Authority (SOA) RR must always be the first RR in the zone file; it carries a few parameters of great importance for the zone. This RR is mandatory. The first line of the SOA RR has this syntax:

domain    (TTL)    class           RR         nameserver       email_of_admin
  @             IN      SOA     localhost. root.localhost.

  • domain - The 'root name' of the zone. Most commonly written as @ or as the origin value.
  • TTL - Standard TTL values apply (range 0 to 2147483647, clarified by RFC 2181). The slave (secondary) DNS does not use the TTL value. This parameter is optional and is omitted in most cases, because the global $TTL directive is used instead.
  • class - Defines the class of the record and normally takes the value IN = Internet (the default if not present). It may also take the value HS = Hesiod or CH = Chaos, both historic MIT protocols.
  • RR - the record type (SOA here); come on, we covered that in the previous parts of the tutorial.
  • nameserver - Any name server that will respond authoritatively for the domain. NOTE: hostnames in zone files must be FQDNs, and the trailing dot (.) is a must.
  • email_of_admin - e-mail address of the person or contact responsible for the domain. The first dot (.) in the address is read as @.
The rest of the SOA carries a few more values: serial number, refresh, retry, expire and negative cache TTL.
  • serial - Whenever anything is changed in the zone file this number must be updated. Why? Slave servers compare this number to learn that something has changed, and then request a zone transfer after some time. The convention for this number is yyyymmddxx, where yyyy is the current year, mm the month, dd the day and xx the number of times the file was changed during that day.
  • refresh - The interval after which the slave will try to refresh the zone from the master (by reading the master's SOA RR). Recommended values are 1200 if the data is volatile and 43200 if it is not.
  • retry - The time between retries if the slave (secondary) fails to contact the master once refresh (above) has expired. Typical values are 180 (3 minutes) to 900 (15 minutes) or higher.
  • expire - Indicates when the zone data stops being authoritative. Used by slave (secondary) servers only.
  • negative cache ttl - Sets the maximum time for which the server will cache negative (NXDOMAIN) answers.
The rest of the file holds RRs for various purposes. We will take a closer look at them in the next part of the tutorial, when we configure a real zone.
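As an added example (not part of the original post), the Python below reads a zone file the way the post describes it, stripping ; comments, joining the SOA's parenthesised group and picking up $TTL, and then checks the SOA rules given above: FQDNs with the trailing dot, the yyyymmddxx serial convention and the recommended refresh range. The sample zone is constructed from the localhost example; the function names and the exact checks are assumptions of this example.

```python
import re
SOA_FIELDS = ["nameserver", "email", "serial", "refresh", "retry", "expire", "negative_ttl"]

# Constructed sample, modelled on the localhost zone in the post (comments kept on purpose)
SAMPLE_ZONE = """\
$TTL    604800
@       IN      SOA     localhost. root.localhost. (
                  2         ; Serial
             604800         ; Refresh
              86400         ; Retry
            2419200         ; Expire
             604800 )       ; Negative Cache TTL
"""

def records(text):
    """Yield each record as a token list: ';' comments stripped, '( ... )' groups joined."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = re.sub(r";.*", "", raw).strip()      # a comment runs from ';' to end of line
        buf.append(line)
        depth += line.count("(") - line.count(")")
        if depth == 0 and any(buf):                 # parentheses balanced: record is complete
            yield " ".join(buf).replace("(", " ").replace(")", " ").split()
            buf = []

def parse_zone(text):
    """Return ($TTL or None, SOA dict or None); optional TTL/class before 'SOA' are skipped."""
    ttl = soa = None
    for tok in records(text):
        if tok[0] == "$TTL":
            ttl = int(tok[1])
        elif "SOA" in tok:
            i = tok.index("SOA")
            soa = dict(zip(SOA_FIELDS, tok[i + 1:i + 3] + [int(v) for v in tok[i + 3:i + 8]]))
    return ttl, soa

def check_zone(text):
    """Return a list of problems; an empty list means the post's SOA rules all hold."""
    ttl, soa = parse_zone(text)
    problems = [] if ttl is not None else ["$TTL directive missing"]
    if soa is None:
        return problems + ["SOA record missing"]
    for f in ("nameserver", "email"):
        if not soa[f].endswith("."):
            problems.append(f"{f} '{soa[f]}' lacks the trailing dot (must be a FQDN)")
    if not re.fullmatch(r"\d{4}(0[1-9]|1[0-2])(0[1-9]|[12]\d|3[01])\d{2}", str(soa["serial"])):
        problems.append(f"serial {soa['serial']} does not follow the yyyymmddxx convention")
    if not 1200 <= soa["refresh"] <= 43200:
        problems.append(f"refresh {soa['refresh']} is outside the recommended 1200-43200 range")
    return problems
```

Run on the localhost sample it reports two findings, the counter-style serial and the week-long refresh, which is harmless for a localhost zone but worth a second look in a zone published to the Internet.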
