Understanding DNS Zone…

zone "example.com" in {
type master;
file "/etc/bind/zones/master.example.com";
allow-transfer { key dns-server.example.com; };
allow-query { any; };
also-notify { 172.16.200.23; 172.16.202.23; };
notify yes;
};

Let’s understand each line and its meaning in the above shown zone clause inside our bind installation.

zone "example.com": is the opening of the zone clause and it specifies the zone for which this configuration is applicable.
type master: this statement is used to specify that this server is going to be the master server for the zone example.com, and will be authoritatively modifying the zone content.
file "/etc/bind/zones/master.example.com": This statement denotes the file on our DNS server which contains the zone file and its records(we will see that file in some time).
allow-transfer {key dns-server.example.com}: This line is the most important line that is part of the security feature in bind for secure zone transfer. This line says that zone trasfer is allowed only to servers that have this key named dns-server.example.com. Please note the fact that the name of this key must be same on the slave servers as well.
allow-query {any;}: This line specifies that this zone can be queried by any ip address.
also-notify {172.16.200.23; 172.16.202.23; }: This line says that the bind server should notify these servers whenever a zone modification happens. If you see the statement, it is also-notify, means bind is will already be informing some servers about its zone modification, along with that include these servers as well(i will exaplain this a little later while making the zone file for example.com).
notify yes; is an option used to convey bind to notify slaves about the zone modification.

;zone file for domain example.com
$TTL 300 ; zone default of 5 minutes
$ORIGIN example.com.
@ IN SOA ns1.example.com. admin.example.com. (
2013100702 ; serial number
2h ; refresh
15m ; update retry
5w ; retry
2h ; <minimum></minimum>
)
IN MX 10 mail.example.com.
IN NS ns1.example.com.
IN NS ns2.example.com.
ns1 IN A 172.16.202.55
ns2 IN A 172.16.203.85
www IN A 172.16.200.18
apps IN A 172.16.200.19
ftp IN A 172.16.200.22

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s