A DNS server that is responsible for the host names in its zone must keep the hosts' data in a database and serve it in response to requests from other devices. The DNS database is a text file consisting of resource records (RRs). These records describe the computers in a domain zone and their functions. To start exchanging data with remote DNS servers, the DNS server software (usually the 'named' daemon) must be running.
Zone files hold the data about a namespace and may contain directives and resource records. Directives instruct the name server to perform specific tasks and apply settings within this zone. Resource records define the parameters of the zone and map names to specific hosts. Resource records are mandatory in zone files; directives are not.
First, the specific zone that this server is responsible for must be defined in the DNS database. Next, all host computers in this zone must be defined. Specific information about mail and DNS servers may be defined as well.
The record format was designed so that a DNS server can find in it any data it needs for its work.
Start of Authority (SOA) marks the start of the zone and is the first record in the zone file. Each zone has exactly one SOA record, which provides the following fields.
Primary DNS Server (origin): indicates the domain name of the primary DNS server for the zone. It is usually specified as a fully qualified domain name (with a trailing dot). This server holds the most reliable information about the domain. Each zone may contain several NS records.
Mailbox of the Responsible Person (contact): indicates the email address of the person responsible for maintaining the zone. Good practice is to specify a role address (hostmaster, root, admin, ...) rather than a personal one. When the contact is converted to an email address, the first dot is replaced by the '@' sign.
Serial Number (serial): used by secondary DNS servers to detect changes in the zone. If the serial number on the primary server is higher than the one held by a secondary server, a zone transfer is performed automatically. The number is incremented whenever the zone is changed. The numbering scheme may vary, but the number must increase every time the zone file is changed.
The best format is YYYYMMDDXX (year, month, day, current change number). This serial number is used during data transfer from primary to secondary servers.
A secondary server requests the SOA record from the primary server and compares the zone serial number it holds with the serial number on the primary server. If the primary's number is larger (i.e. the secondary server has outdated data), the secondary server requests a transfer of the full zone file. For example: 19990110001
Refresh Interval (refresh): the time interval between a secondary server's requests to the primary server. It defines how often secondary servers check the SOA serial number; at each 'refresh' a secondary server re-reads the SOA serial number. The refresh value must reflect the real frequency of zone updates; more stable zones can use a larger value.
The recommended value is 8-24 hours (28800-86400). For example: 86400 ; refresh (1 day)
Retry Interval (retry): the time interval after which a secondary server sends its request again if the primary server does not respond. Its value should not be too small. It defines how often secondary servers retry the check for changes when a refresh attempt yields no answer.
The recommended value is one hour (3600) or two (7200).
For example: 7200 ; retry (2 hours)
Expire Interval (expire): how long a secondary server keeps the zone data if the primary server does not respond. When this time is over, a secondary server marks its answers as non-authoritative. Generally this value is large, e.g. 42 days (3600000).
For example: 1209600 ; expire (14 days)
Secondary servers automatically discard a zone that has received no updates during this time.
Minimum (default) TTL (minimum): the TTL used by default for records that do not carry a TTL of their own. It defines how long a record may be kept in the cache of a server that requested the domain data. After that the data is no longer valid and the name server has to query one of the authoritative servers (primary or secondary) again.
The minimum TTL should match the average frequency of changes in the zone, but should not exceed 345600 (4 days).
TTL (time to live) defines how long the data stays valid when answers are cached (the TTL value is the period other DNS servers use to decide how long to cache this record; once it expires the data is marked as outdated). It is measured in seconds. If the TTL is 86400 seconds (24 hours), then after a DNS record is changed, DNS servers all over the world may keep serving the outdated data from their caches until it expires.
This value can increase or reduce unnecessary DNS traffic to the authoritative name server. If you are about to change records, it is better to lower the 'minimum' value in advance to shorten the time outdated data remains in the network. For a stable zone, the 'minimum' value should be within a few days.
Typical TTL values to choose from: 900 (15 min), 3600 (1 h), 10800 (3 h), 21600 (6 h), 43200 (12 h), 86400 (24 h), 259200 (72 h).
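As an added example (not part of the original article), the following Python snippet parses the SOA record of a constructed zone file and applies the checks described above: converting the contact field to a mailbox, comparing the timers with the recommended ranges, deciding whether a secondary needs a zone transfer, and bumping a YYYYMMDDXX serial. The zone name and server names are made up.

```python
import re
from collections import namedtuple

# Constructed sample zone (made-up names); the SOA is split over several
# lines in parentheses, as zone files allow.
SAMPLE_ZONE = """\
$TTL 86400
example.test.  IN  SOA  ns1.example.test. hostmaster.example.test. (
        2024061501 ; serial (YYYYMMDDXX)
        86400      ; refresh (1 day)
        7200       ; retry (2 hours)
        1209600    ; expire (14 days)
        3600 )     ; minimum TTL
"""

Soa = namedtuple("Soa", "origin contact serial refresh retry expire minimum")

def parse_soa(zone_text: str) -> Soa:
    """Drop ';' comments, flatten the parenthesised record, read the 7 SOA fields."""
    text = re.sub(r";[^\n]*", "", zone_text)
    tokens = text.replace("(", " ").replace(")", " ").split()
    f = tokens[tokens.index("SOA") + 1:][:7]
    return Soa(f[0], f[1], *(int(x) for x in f[2:]))

def contact_to_email(contact: str) -> str:
    """The contact field encodes a mailbox: its first dot becomes '@'."""
    local, _, domain = contact.rstrip(".").partition(".")
    return f"{local}@{domain}"

def timer_warnings(soa: Soa) -> list:
    """Flag SOA timers that fall outside the ranges recommended in the text."""
    w = []
    if not 28800 <= soa.refresh <= 86400:
        w.append("refresh outside 8-24 hours")
    if not 3600 <= soa.retry <= 7200:
        w.append("retry outside 1-2 hours")
    if soa.expire <= soa.refresh:
        w.append("expire should be much larger than refresh")
    if soa.minimum > 345600:
        w.append("minimum TTL above 4 days")
    return w

def needs_transfer(secondary_serial: int, primary_serial: int) -> bool:
    """A secondary pulls the zone only when the primary's serial is higher."""
    return primary_serial > secondary_serial

def next_serial(current: int, today_yyyymmdd: str) -> int:
    """Bump a YYYYMMDDXX serial: a new day resets the counter, the same day adds one."""
    candidate = int(today_yyyymmdd) * 100
    return candidate if candidate > current else current + 1
```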
An NS record (name server) points to a DNS server for a given domain. NS records describe the authoritative DNS servers for the domain.
The number of NS records in the zone file must match exactly the number of DNS servers serving the domain, and must include all DNS servers specified for the domain. An NS record identifies a server that holds the zone description.
An A record (address record) maps a host name to an IPv4 address. For example, an A-record query for the name Imena.ua returns its IP address, 126.96.36.199.
An AAAA record (IPv6 address record) maps a host name to an IPv6 address. For example, a query for the AAAA record of K.ROOT-SERVERS.NET returns its IPv6 address, 2001:7fd::1.
An MX record (Mail Exchange) defines a mail server, the machine that processes mail for the domain. The priority field defines the preference of the mail server: the lower the number, the higher the priority (0 is the highest priority, 65535 the lowest). The mail server with the highest priority is the primary one; servers with lower priority are secondary and are used only if the higher-priority servers are unreachable or not working.
A CNAME record (canonical name record) redirects one name to another. CNAME records make it possible to give machines convenient or meaningful names. A CNAME is useful when you rename a machine but want clients who remember the old name to keep access.
Features of this record:
- A CNAME cannot be used for the domain itself (@).
- When a CNAME is used for a subdomain, no records of other types (A, TXT and others) can be created for it.
TXT resource records usually contain comments or other text data. A common use is SPF (Sender Policy Framework), one of the ways to identify the sender of an email; it gives an additional means of filtering spam. With SPF, all emails are divided into 'permitted' and 'forbidden' based on the domain of the sender or receiver.
The SRV record type is used to locate servers that provide particular services under a domain name. The format of an SRV record is: _Service._Proto.domain.tld. TTL_number IN SRV priority_number weight_number port_number host_name
Description of fields:
- Service: the name of the service (for example: ldap, kerberos, gc, etc.).
- Proto: the protocol clients use to connect to this service (for example: tcp, udp).
- Name: the domain name under which this service is located.
- TTL: defines the 'lifetime' of this record. It is optional; if not specified, the lifetime is taken from the default TTL parameter.
- SRV: the record type.
- Priority: the server priority. The lower the number, the higher the priority (0 means the highest priority, 65535 the lowest).
- Weight: the relative weight among servers with equal priority, used to distribute load between them. The share of client requests each server receives should be proportional to its weight; if two servers both have weight 5, each of them gets 50% of the requests (equal load).
- Port: the port on which the service listens on this server.
- Target: the domain name of the server that provides this service.
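As an added example (not part of the original article), this Python snippet parses constructed SRV records for a made-up domain, groups them by priority the way a client would try them, and simulates the weight-proportional choice among servers of equal priority described above. The record names and hosts are assumptions for illustration.

```python
import random
from collections import defaultdict

# Constructed SRV records (made-up domain and hosts).
SRV_LINES = [
    "_ldap._tcp.example.test. 3600 IN SRV 0 5 389 ldap1.example.test.",
    "_ldap._tcp.example.test. 3600 IN SRV 0 5 389 ldap2.example.test.",
    "_ldap._tcp.example.test. 3600 IN SRV 10 0 389 ldap-backup.example.test.",
]

def parse_srv(line: str) -> dict:
    """Split one SRV line into its named fields (owner name, TTL, priority, weight, port, target)."""
    owner, ttl, _cls, rtype, prio, weight, port, target = line.split()
    assert rtype == "SRV", "not an SRV record"
    service, proto, name = owner.split(".", 2)      # _ldap / _tcp / example.test.
    return {"service": service.lstrip("_"), "proto": proto.lstrip("_"), "name": name,
            "ttl": int(ttl), "priority": int(prio), "weight": int(weight),
            "port": int(port), "target": target}

def order_by_priority(records: list) -> list:
    """Clients try the lowest priority number first; return groups in that order."""
    groups = defaultdict(list)
    for r in records:
        groups[r["priority"]].append(r)
    return [groups[p] for p in sorted(groups)]

def pick_by_weight(group: list, rng=random) -> dict:
    """Choose one server from an equal-priority group with probability weight/total;
    if every weight is 0 the choice is uniform."""
    total = sum(r["weight"] for r in group)
    if total == 0:
        return rng.choice(group)
    point = rng.uniform(0, total)
    for r in group:
        point -= r["weight"]
        if point <= 0:
            return r
    return group[-1]

def share_of_requests(group: list, draws: int = 2000, seed: int = 1) -> dict:
    """Simulate many client selections and return the fraction of picks per target."""
    rng = random.Random(seed)
    counts = defaultdict(int)
    for _ in range(draws):
        counts[pick_by_weight(group, rng)["target"]] += 1
    return {t: n / draws for t, n in counts.items()}
```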
A PTR record maps an IP address to a name (written by the owner of the IP address). IP addresses are mapped to host names through reverse domains. There is a special domain, 'in-addr.arpa', whose records are used to translate IP addresses into symbolic names. PTR record format: IN-ADDR name [TTL] [class] PTR name
Attention! Translation of IP addresses to domain names is administered by the provider, which either delegates or does not delegate the right to serve the reverse zone.