Zone File

A DNS zone file is a text-based database file that contains all the DNS records for a particular domain or zone. It defines the mapping between domain names and IP addresses, mail servers, and other resources. Zone files are stored on authoritative nameservers and follow a standardized format specified in RFC 1035. Each zone file must begin with a Start of Authority (SOA) record and can contain various other record types like A, AAAA, CNAME, MX, and TXT records.

How it works

A zone file is the authoritative source of information for a DNS zone - a portion of the DNS namespace that a particular nameserver is responsible for. Zone files are plain text and human-readable, making them easy to edit and manage. They contain directives (like $ORIGIN and $TTL) and resource records that define how domain names within the zone should be resolved.

Zone files follow a specific structure and format:

**File Structure:**

1. **Directives** (optional but common):
   - $ORIGIN: Defines the base domain name for the zone (e.g., $ORIGIN example.com.)
   - $TTL: Sets a default TTL for all records in the file (e.g., $TTL 86400)
2. **SOA Record** (required, must be first): Every zone file must start with exactly one SOA (Start of Authority) record containing administrative information about the zone
3. **NS Records** (required): Specifies the authoritative nameservers for the zone
4. **Other Resource Records**: A, AAAA, CNAME, MX, TXT, and other record types that define the zone's configuration

**Record Format:**

Each record follows this sequence: hostname TTL class type data

The @ symbol is a special shorthand representing the zone's origin (root domain). For example, in a zone file for example.com, @ represents example.com.

**Zone Transfers:**

Zone files are transferred from primary (master) nameservers to secondary (slave) nameservers to provide redundancy. The SOA record's serial number tracks zone versions - when it changes, secondary servers know to request a fresh copy of the zone file. This process is called a zone transfer.

Key Points

  • Zone files are text files containing all DNS records for a domain or zone
  • Must begin with an SOA record, followed by NS records, then other record types
  • The @ symbol represents the zone origin (root domain)
  • Directives like $ORIGIN and $TTL set defaults for the entire zone
  • Zone files are transferred between primary and secondary nameservers based on SOA serial numbers

Common Use Cases

  • Authoritative DNS Configuration: Defining all DNS records for a domain on authoritative nameservers, serving as the source of truth for domain name resolution
  • Zone Transfer and Replication: Synchronizing DNS data from primary nameservers to secondary nameservers for redundancy and load distribution
  • DNS Migration and Backup: Exporting zone files from one DNS provider and importing to another, or creating backups of DNS configurations
  • Bulk DNS Management: Efficiently managing hundreds or thousands of DNS records by editing a single text file instead of using web interfaces

Example Zone File Structure

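| Type | Host / Name | Value / Points to | TTL |
|---|---|---|---|
| Directive | $ORIGIN | example.com. | |
| Directive | $TTL | 86400 | |
| SOA | @ | ns1.example.com. admin.example.com. 2025121301 86400 7200 3600000 172800 | |
| NS | @ | ns1.example.com. | |
| NS | @ | ns2.example.com. | |
| A | @ | 192.0.2.1 | |
| A | www | 192.0.2.1 | |
| MX | @ | 10 mail.example.com. | |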

* A typical zone file starts with directives and the SOA record, followed by NS records and other resource records.

Frequently Asked Questions

What is the difference between a zone and a domain?
A domain is a name in the DNS hierarchy (like example.com), while a zone is an administrative space containing DNS records. A zone can cover a single domain, or a domain plus subdomains, or even multiple domains. For example, you might have a zone file for example.com that includes records for both example.com and subdomain.example.com, or you could delegate subdomain.example.com to its own separate zone with its own zone file.
Do I need to manually edit zone files?
Most users don't need to manually edit zone files. DNS management interfaces (web control panels, APIs) handle zone file updates automatically when you add or modify records. However, understanding zone file format is useful for: bulk DNS operations, migrating between DNS providers, troubleshooting DNS issues, or managing your own authoritative nameserver. If you run DNS server software like BIND, you'll work directly with zone files.
Why must the SOA record be first in the zone file?
The SOA record must be the first record because it defines fundamental parameters for the entire zone, including the primary nameserver, administrator contact, and timing parameters for zone transfers. Secondary nameservers check the SOA record first during zone transfers to compare serial numbers and determine if they need to update their copy of the zone. Having it first is a requirement specified in DNS standards (RFC 1035).
What happens if I forget to increment the SOA serial number?
If you modify DNS records in a zone file but don't increment the SOA serial number, secondary nameservers won't detect the change during their refresh checks. They'll continue serving outdated data from their cached zone file. This can cause inconsistencies where the primary server has current data but secondaries have stale data. Always increment the serial number (even by just 1) whenever you make any change to the zone file.
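
As an added example (not part of the original page), the following Python sketch checks a zone file against the structure rules under "How it works" and catches the stale-serial mistake described in the answer above before the file is published. The function names `parse_zone`, `lint` and `stale_serial` are hypothetical, the sample zone is constructed from this page's example table, and only single-line records are handled.

```python
# Constructed sample: this page's example zone written in master-file syntax.
ZONE = """\
$ORIGIN example.com.
$TTL 86400
@    IN SOA ns1.example.com. admin.example.com. 2025121301 86400 7200 3600000 172800
@    IN NS  ns1.example.com.
@    IN NS  ns2.example.com.
www  IN A   192.0.2.1
@    IN MX  10 mail.example.com.
"""
TYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "MX", "TXT"}

def parse_zone(text):
    """Expand $ORIGIN, $TTL and '@' into (fqdn, ttl, type, data); single-line records only."""
    d, last, records = {"$ORIGIN": ".", "$TTL": None}, None, []
    for raw in text.splitlines():
        tok = raw.split(";", 1)[0].split()          # drop comments, tokenize
        if not tok:
            continue
        if tok[0] in d:                             # directive: remember its value
            d[tok[0]] = tok[1]
            continue
        name = last if raw[0].isspace() else tok.pop(0)   # blank owner = previous name
        ttl = d["$TTL"]
        while tok and tok[0] not in TYPES:          # optional per-record TTL and class
            field = tok.pop(0)
            ttl = field if field.isdigit() else ttl
        if not tok or name is None:
            raise ValueError(f"cannot parse record: {raw!r}")
        name = d["$ORIGIN"] if name == "@" else name
        if not name.endswith("."):                  # relative name: append the origin
            name = f"{name}.{d['$ORIGIN'].lstrip('.')}"
        last = name
        records.append((name, int(ttl) if ttl else None, tok[0], " ".join(tok[1:])))
    return records

def lint(records):
    """The page's structural rules: exactly one SOA, placed first, and NS records."""
    types = [r[2] for r in records]
    checks = [(types[:1] == ["SOA"], "first record is not SOA"),
              (types.count("SOA") == 1, "zone needs exactly one SOA"),
              ("NS" in types, "no NS records")]
    return [msg for ok, msg in checks if not ok]

def stale_serial(old, new):
    """True if non-SOA records changed but the serial did not increase (plain integer compare)."""
    serial = lambda recs: int(next(r[3] for r in recs if r[2] == "SOA").split()[2])
    body = lambda recs: {r for r in recs if r[2] != "SOA"}
    return body(old) != body(new) and serial(new) <= serial(old)
```

Run `lint` on the edited file and `stale_serial` on the published and edited versions as a pre-deployment gate, so a change that secondaries would never pick up is rejected before it reaches the primary.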
Can I see my domain's zone file?
You can't directly download the exact zone file from most managed DNS services, but you can view individual records through DNS lookup tools or your provider's control panel. To get a complete view, use DNS query tools like dig AXFR example.com (if zone transfers are allowed, which they usually aren't for security reasons) or export functions provided by your DNS hosting service. Some providers let you export zone files in standard format for backup or migration purposes.