Anatomy of a DNS zone file

Example of a DNS zone file:

$TTL is the directive that normally opens a zone file. It sets the default time to live, i.e. the cache expiration time, for every resource record in the zone that does not carry a TTL value of its own; in this example it is 1 week.

SOA record – The Start of Authority record is required in every zone. It contains:

– the name of the zone,

– the email address of the entity responsible for administering the domain’s zone file (not used here),

– the current serial number of the zone,

– the primary nameserver of the zone, together with various timing values.

Typical format of an SOA record:

Primary Name Server: name server containing the original zone file

Hostmaster Email: address of the entity responsible for the zone (a period is used in place of the “@” symbol)

Serial Number: unsigned 32-bit value in the range 1 to 4294967295, with a maximum increment of 2147483647 between versions. It is the version number of the zone file and must increase with every update.

Minimum TTL: how long name servers cache a negative response for the zone.

(The entries below only apply to zones using secondary DNS.)

Time to Refresh: how long (in seconds) a secondary name server waits before checking the primary zone file for an increased serial number.

Time to Retry: how long a secondary waits before retrying a zone update after a failed attempt.

Time to Expire: how long a secondary may keep serving the zone without a successful refresh. Once this interval has passed, the name server considers its copy of the zone invalid and stops answering queries for it.
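As an added example (not code from the original article), the following Python parses a single-line SOA record into the fields described above, validates the serial range, compares two serials with RFC 1982 serial-number arithmetic (which is where the 2147483647 maximum increment comes from), and flags refresh/retry/expire combinations that would leave a secondary stale. The sample SOA line in the main block is constructed.

```python
from dataclasses import dataclass

SERIAL_MAX = 4294967295            # largest unsigned 32-bit value
SERIAL_MAX_INCREMENT = 2147483647  # 2**31 - 1: largest step RFC 1982 serial arithmetic allows

@dataclass
class SOA:
    zone: str
    primary_ns: str   # MNAME: the primary name server holding the original zone file
    hostmaster: str   # RNAME: responsible mailbox, with '.' in place of '@'
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int      # negative-caching TTL

    @property
    def hostmaster_email(self) -> str:
        """Turn 'hostmaster.example.test.' back into 'hostmaster@example.test'."""
        local, _, domain = self.hostmaster.rstrip(".").partition(".")
        return f"{local}@{domain}"

def parse_soa(line: str) -> SOA:
    """Parse one line: <zone> [ttl] [class] SOA <mname> <rname> <serial> <refresh> <retry> <expire> <minimum>."""
    tokens = line.split()
    if "SOA" not in tokens:
        raise ValueError("not an SOA record")
    fields = tokens[tokens.index("SOA") + 1:]
    if len(fields) != 7:
        raise ValueError("SOA needs mname, rname, serial, refresh, retry, expire, minimum")
    mname, rname = fields[:2]
    serial, refresh, retry, expire, minimum = (int(n) for n in fields[2:])
    if not 1 <= serial <= SERIAL_MAX:
        raise ValueError(f"serial {serial} outside 1..{SERIAL_MAX}")
    return SOA(tokens[0], mname, rname, serial, refresh, retry, expire, minimum)

def serial_is_newer(new: int, old: int) -> bool:
    """RFC 1982: 'new' is newer than 'old' when it is ahead by 1..2**31-1 modulo 2**32.

    This is why a serial may jump by at most 2147483647 per update: a larger step
    looks like a move backwards to secondaries, and they will not transfer the zone.
    """
    diff = (new - old) % (SERIAL_MAX + 1)
    return 0 < diff <= SERIAL_MAX_INCREMENT

def check_timing(soa: SOA) -> list[str]:
    """Flag timer combinations that leave secondaries stale or expiring too early."""
    warnings = []
    if soa.retry >= soa.refresh:
        warnings.append("retry should be shorter than refresh")
    if soa.expire <= soa.refresh:
        warnings.append("expire should exceed refresh, or the zone expires before it is re-checked")
    return warnings

if __name__ == "__main__":
    # Constructed sample SOA line (not from the article).
    sample = ("example.test. 604800 IN SOA ns1.example.test. hostmaster.example.test. "
              "2024010501 7200 900 1209600 3600")
    soa = parse_soa(sample)
    print(soa.zone, soa.primary_ns, soa.hostmaster_email, soa.serial)
    print("next serial accepted:", serial_is_newer(soa.serial + 1, soa.serial))
    print("warnings:", check_timing(soa))
```

The serial check matters operationally: a secondary only pulls a new copy of the zone when the primary's serial compares as newer, so a serial that is reset, duplicated, or bumped by more than 2147483647 silently leaves secondaries serving old data until the expire timer runs out.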

Record within a zone file:

Format: <host label> <ttl> <record class> <record type> <record data>
Example: 86400 IN A

Host Label: defines the hostname of a record

TTL: amount of time for which an outside DNS server will cache the DNS record.

Record Class: mainly 3 classes of DNS records exist:

IN (Internet) – the default, and what the internet generally uses

CH (Chaosnet) – used for querying DNS server versions

HS (Hesiod) – uses DNS functionality to provide access to databases of information that change infrequently

Record Type: this field defines the format of the record.

Type – Description: Function
A – Address record: returns a 32-bit IPv4 address; most commonly used to map a hostname to the IP address of the host.
AAAA – IPv6 address record: returns a 128-bit IPv6 address; most commonly used to map a hostname to the IP address of the host.
CNAME – Canonical name record: alias of one name to another; the DNS lookup continues by retrying the lookup with the new name.
MX – Mail exchange record: maps a domain name to a list of message transfer agents for that domain.
NS – Name server record: delegates a DNS zone to the given authoritative name servers.
TXT – Text record: originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data: opportunistic encryption, Sender Policy Framework, DKIM, DMARC, DNS-SD, etc.

Record Data: the value the record carries, for example the IP address an A record points to.
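To tie the record layout together, here is an added Python example (not code from the original article) that parses a small, constructed zone file: it applies the $TTL default to records without their own TTL, expands a blank host label to the previous owner and relative names against $ORIGIN, defaults the class to IN, joins a parenthesised multi-line SOA, and keeps a ";" inside quoted TXT data rather than treating it as a comment. Record data is stored verbatim, so relative names inside it (such as the second NS target) are not expanded.

```python
from dataclasses import dataclass

UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
CLASSES = {"IN", "CH", "HS"}

# Constructed sample zone for this example (not taken from the article).
SAMPLE_ZONE = """\
$TTL 1w                     ; default TTL for records without their own: 1 week
$ORIGIN example.test.
@   IN SOA ns1.example.test. hostmaster.example.test. (
        2024010501 ; serial
        7200       ; refresh
        900        ; retry
        1209600    ; expire
        3600 )     ; minimum (negative caching TTL)
    IN NS   ns1.example.test.
    IN NS   ns2
ns1 IN A    192.0.2.1
ns2    A    192.0.2.2
www 86400 IN A 192.0.2.10
mail   IN MX 10 mail.example.test.
_dmarc IN TXT "v=DMARC1; p=reject"
"""
@dataclass
class Record:
    name: str
    ttl: int
    rclass: str
    rtype: str
    rdata: str

def parse_ttl(text: str) -> int:
    """'604800' -> 604800, '1w' -> 604800 (one unit suffix: s, m, h, d or w)."""
    if text.isdigit():
        return int(text)
    number, unit = text[:-1], text[-1].lower()
    if not number.isdigit() or unit not in UNIT_SECONDS:
        raise ValueError(f"bad TTL {text!r}")
    return int(number) * UNIT_SECONDS[unit]

def absolute(name: str, origin: str) -> str:
    """Expand '@' and relative owner names against the current $ORIGIN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def strip_comment(line: str) -> str:
    """Drop a ';' comment, but keep a ';' inside quoted TXT data."""
    in_quotes = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_quotes = not in_quotes
        elif ch == ";" and not in_quotes:
            return line[:i].rstrip()
    return line.rstrip()

def logical_lines(text: str):
    """Yield one record per string, joining '(' ... ')' continuation lines."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = strip_comment(raw)
        if not line.strip() and depth == 0:
            continue
        depth += line.count("(") - line.count(")")  # parentheses inside quotes are not handled
        buf.append(line)
        if depth == 0:
            yield " ".join(buf).replace("(", " ").replace(")", " ")
            buf = []
    if depth != 0:
        raise ValueError("unbalanced parentheses in zone file")

def parse_zone(text: str, origin: str) -> list[Record]:
    """Parse records laid out as: [host label] [ttl] [class] type record-data."""
    records, default_ttl, last_name = [], None, origin
    for line in logical_lines(text):
        tokens = line.split()
        if tokens[0] == "$TTL":
            default_ttl = parse_ttl(tokens[1])
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        # A line starting with whitespace omits the host label and inherits the previous owner.
        name = last_name if line[0].isspace() else absolute(tokens.pop(0), origin)
        ttl, rclass = default_ttl, "IN"  # class defaults to IN, TTL to the $TTL directive
        # TTL and class are optional and may appear in either order before the record type.
        while tokens and (tokens[0] in CLASSES or tokens[0][0].isdigit()):
            tok = tokens.pop(0)
            if tok in CLASSES:
                rclass = tok
            else:
                ttl = parse_ttl(tok)
        if ttl is None or not tokens:
            raise ValueError(f"{name}: no TTL (and no $TTL directive) or no record type")
        records.append(Record(name, ttl, rclass, tokens[0], " ".join(tokens[1:])))
        last_name = name
    return records

if __name__ == "__main__":
    for r in parse_zone(SAMPLE_ZONE, "example.test."):
        print(f"{r.name:<22} {r.ttl:>7} {r.rclass} {r.rtype:<4} {r.rdata}")
```

Running it prints one normalised record per line, which makes it easy to see which records silently inherited the 1-week default TTL and which (here only www) set their own; reviewing a zone this way is a quick check before a change, since an accidentally long TTL on a record such as an MX or NS delays any later correction by that much.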