The files that the primary nameservers load their zone data
from are called data files or zone files. They are also referred
to as db files, short for database files.
The data files contain resource records that describe the
zone. The resource records describe all the hosts in the zone.
Explaining DNS Database Files
This is a typical DNS zone.domain file for the domain maxx.net. (Its name would be zone.maxx.net. It will translate
from a host name to its IP address.)
;
; Addresses for the local domain
;
maxx.net.   IN  SOA   nova.maxx.net. tyager.nova.maxx.net. (
                      9602171   ; Serial
                      36000     ; Refresh every 10 hours
                      3600      ; Retry after 1 hour
                      360000    ; Expire after 100 hours
                      36000 )   ; Minimum TTL is 10 hours
;
; Define name servers
;
maxx.net.   IN  NS    nova.maxx.net.
maxx.net.   IN  A     204.251.17.241
;
; Define localhost
;
localhost   IN  A     127.0.0.1
;
; Set up hosts
;
maxx        IN  A     204.251.17.241
            IN  MX 5  nova.maxx.net.
maxx.net.   IN  MX 5  nova.maxx.net.
;
; All mail for net delivered to nova
;
;*          IN  MX 10 nova.maxx.net.
www         IN  CNAME nova.maxx.net.
ftp         IN  CNAME nova.maxx.net.
news        IN  CNAME nova.maxx.net.
mail        IN  CNAME nova.maxx.net.
ns          IN  CNAME nova.maxx.net.
loghost     IN  CNAME nova.maxx.net.
lucy        IN  A     204.251.17.242
linux       IN  CNAME lucy.maxx.net.
lucy        IN  MX 10 lucy.maxx.net.
messdos     IN  A     204.251.17.243
messdos     IN  MX 10 messdos.maxx.net.
pentium     IN  CNAME messdos.maxx.net.
solaris     IN  A     204.251.17.244
solaris     IN  MX 10 solaris.maxx.net.
maxx4       IN  CNAME solaris.maxx.net.
maxx5       IN  A     204.251.17.245
maxx5       IN  MX 10 maxx5.maxx.net.
maxx6       IN  A     204.251.17.246
maxx6       IN  MX 10 maxx6.maxx.net.
Most database file entries are known as DNS resource records. Generally,
the resource records are shown in order: SOA, NS, followed by the
other types, but this ordering isn't required. The data
in each entry may be entered in upper, lower, or mixed case. All
entries in the database file must start at the beginning of the
line. Blank lines, as well as any text following a semicolon, are ignored.
SOA stands for Start of Authority. This acronym notifies named that operational parameters follow. The most important
one is the Serial field. Every time you make a change to a database
file, you must increment its serial number. Only by doing this will
secondary servers know they need to reach into your system and pull
out new name server data, a procedure known as a "zone
transfer." Many DNS administrators use a date-time stamp
for this field, like 9602171 for the first version on February 17, 1996.
First, focus on the opening line of the SOA record:
maxx.net. IN SOA nova.maxx.net. tyager.nova.maxx.net. (
The "maxx.net." field tells named the domain defined by this file. The name server
will automatically append it to any host name that appears in the
file. The trailing dot is not a typo; it keeps named from tacking on your domain name. Without
it, the resolver would be confused by named's expansion
of my domain name to "maxx.net.maxx.net."
The IN stands for the "Internet" class
of data. Even though other classes exist, they aren't in
common usage. The "nova.maxx.net" field is the host on which these database
files reside. Finally, "tyager.nova.maxx.net" represents the e-mail address of the
DNS administrator, where the first dot (between tyager and nova) would be replaced by the @ symbol to create a
valid address. (The @ symbol can't be used here because
it has a reserved meaning in DNS database files.) The open parenthesis
at the end of the line allows you to split the SOA record across
physical lines for readability:
                      9602171   ; Serial
                      36000     ; Refresh every 10 hours
                      3600      ; Retry after 1 hour
                      360000    ; Expire after 100 hours
                      36000 )   ; Minimum TTL is 10 hours
The "serial" field was discussed earlier.
The remaining four fields specify various time intervals (all
values in seconds) used by the secondary name server:
- Refresh
The time interval that must elapse between each
poll of the primary by the secondary name server (here 36,000 seconds
or 10 hours). If the "serial number" has been updated
on the primary, the secondary assumes its data is stale and requests
updated information as a "zone transfer."
- Retry
The time interval used between successive connection attempts
by the secondary to reach the primary name server in case the first
attempt failed (here 3,600 seconds or one hour). Generally, less
than the "refresh" time.
- Expire
The time interval after which the secondary expires
its data if it can't reach the primary name server (here 360,000
seconds or 100 hours). The secondary will refuse to service requests
after this interval.
- Minimum
The minimum time-to-live value, which specifies
how long other servers should cache data from the name server (here
36,000 seconds or 10 hours).
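As an added example (not code from the original article, and not named's own parser), the following Python script reads the kind of zone file shown above, applying the rules the text lays out: text after a semicolon is a comment, parentheses let the SOA record span several physical lines, a name without a trailing dot has the zone origin appended, and a line that starts with whitespace reuses the previous record's owner name. It also sanity-checks the SOA timers against the guidance given above and computes the next serial number in the YYMMDDn date-stamp style the article uses. The zone text embedded in it is a constructed, abridged copy of the maxx.net file.

```python
"""Added example (not code from the original article): a small parser for
the BIND-style zone file shown above. It applies the rules the text lays
out: text after ';' is a comment, '(' and ')' let the SOA record span
several physical lines, a name without a trailing dot has the zone origin
appended, and a line that begins with whitespace reuses the previous
record's owner name. It also sanity-checks the SOA timers and computes
the next serial number in the YYMMDDn date-stamp style the article uses."""

# Constructed, abridged copy of the article's maxx.net zone file.
ZONE_TEXT = """\
; Addresses for the local domain
maxx.net.   IN  SOA   nova.maxx.net. tyager.nova.maxx.net. (
                      9602171   ; Serial
                      36000     ; Refresh every 10 hours
                      3600      ; Retry after 1 hour
                      360000    ; Expire after 100 hours
                      36000 )   ; Minimum TTL is 10 hours
maxx.net.   IN  NS    nova.maxx.net.
maxx.net.   IN  A     204.251.17.241
localhost   IN  A     127.0.0.1
maxx        IN  A     204.251.17.241
            IN  MX 5  nova.maxx.net.
;*          IN  MX 10 nova.maxx.net.
www         IN  CNAME nova.maxx.net.
lucy        IN  A     204.251.17.242
lucy        IN  MX 10 lucy.maxx.net.
"""

# Positions of rdata fields that hold domain names (the origin gets appended).
NAME_FIELDS = {"NS": [0], "CNAME": [0], "PTR": [0], "MX": [1], "SOA": [0, 1]}


def qualify(name, origin):
    """Trailing-dot rule: 'lucy' -> 'lucy.maxx.net.'; 'nova.maxx.net.' unchanged."""
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Return (owner, class, type, rdata) tuples with every name fully qualified."""
    records, tokens, depth, prev_owner = [], [], 0, None
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()          # drop comment, tokenize
        if depth == 0:
            if not fields:
                continue                                # blank or comment-only line
            # A leading blank owner field means "same owner as the last record".
            tokens = [prev_owner] if raw[:1].isspace() and prev_owner else []
        for tok in fields:
            if tok == "(":
                depth += 1
            elif tok == ")":
                depth -= 1
            else:
                tokens.append(tok)
        if depth > 0:
            continue                                    # record continues on next line
        owner = qualify(tokens[0], origin)
        rclass, rtype, rdata = tokens[1], tokens[2], tokens[3:]
        for i in NAME_FIELDS.get(rtype, []):
            rdata[i] = qualify(rdata[i], origin)
        records.append((owner, rclass, rtype, rdata))
        prev_owner = owner
    return records


def lookup(records, name, rtype):
    """All rdata lists for a fully qualified owner name and record type."""
    return [r[3] for r in records if r[0] == name and r[2] == rtype]


def check_soa(records):
    """Return a list of problems with the SOA timers, per the article's guidance."""
    soa = next(r[3] for r in records if r[2] == "SOA")
    refresh, retry, expire, minimum = (int(v) for v in soa[3:7])
    problems = []
    if retry >= refresh:
        problems.append("retry should be shorter than refresh")
    if expire <= refresh:
        problems.append("expire should be longer than refresh")
    if minimum <= 0:
        problems.append("minimum TTL must be positive")
    return problems


def next_serial(current, today):
    """Next serial in YYMMDDn form (e.g. 9602171 = first change on 17 Feb 1996).
    'today' is the date as YYMMDD. Always returns a value greater than
    'current', even for a tenth change in one day or a clock set backwards,
    because secondaries only notice an increased serial."""
    candidate = today * 10 + 1
    return candidate if candidate > current else current + 1


if __name__ == "__main__":
    recs = parse_zone(ZONE_TEXT, "maxx.net.")
    for owner, rclass, rtype, rdata in recs:
        print(f"{owner:<22} {rclass} {rtype:<5} {' '.join(rdata)}")
    print("SOA timer problems:", check_soa(recs) or "none")
    print("next serial after 9602171 on 960217:", next_serial(9602171, 960217))
```

Running it prints every record with its owner fully qualified, which makes the trailing-dot rule visible: the file's `localhost IN A 127.0.0.1` comes out as `localhost.maxx.net.`, and the MX line with a blank owner field attaches to `maxx.maxx.net.`.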
There are several types of resource records, identified by
the key word in field three of each record. You may present records
in any order, but try to organize them for clarity. The NS (name server) record tells the hosts that query
your server where the name servers for this domain can be found:
maxx.net. IN NS nova.maxx.net.
This list must include at least one name server: the server named
in the SOA record. You can list multiple name servers for your domain.
In fact, your domain should have at least two name servers. Your
Internet service provider will probably allow you to use their name
server as a secondary for your domain, but its entry must have the
trailing dots!
maxx.net. IN A 204.251.17.241
The first A record, which resolves a fully-qualified host
name to an IP address, is a special one. It defines an IP address
for unqualified queries, that is, queries for the host maxx.net.
The other A records, such as lucy IN A 204.251.17.242 in the file above,
provide name-to-address mapping for a specific named host. The domain
defined in this file (maxx.net) is appended to the host name you show in the
first field.
The CNAME records create aliases for existing hosts. These
examples illustrate a few common uses:
www IN CNAME maxx.maxx.net.
ftp IN CNAME maxx.maxx.net.
You can give a host any alias you like, and as many aliases
as you want. The host needn't answer to that name, that
is, the alias doesn't need to be the host's true
name as reported by hostname or uname.
The other vital type of record is MX. This tells SMTP e-mail software where to send
mail for each named host:
lucy IN MX 10 lucy.maxx.net.
When a remote host's mail delivery program sees an
e-mail address in your domain, it will query your name server for
its applicable MX record or records. Every user on your LAN can
receive e-mail, even if not every host is running its own e-mail
software. The MX record for lucy, for instance, could easily redirect e-mail to
another host on the LAN.
The number (10 in this case) in the fourth field represents
a preference value. If you define multiple MX records for a host, delivery is attempted to lower-preference
value hosts first. The actual value isn't important, only
its relationship to other preference values.
On larger LANs it's a good idea to create backup
e-mail servers. Smaller LANs can simply rely on the fact that most
SMTP mailers will retry deliveries to the site for three days before
returning a message to its sender.
The following line, shown commented out here as it is in the zone file above,
would redirect e-mail for all hosts in this domain to a single machine:
;
; All mail for net delivered to nova
;
;* IN MX 10 nova.maxx.net.
This is a very good idea for LANs that benefit from a central
e-mail repository.
The zone.ADDR db file provides what is also called reverse mapping: it allows resolvers to post queries armed
with only the IP address of a host. This reverse mapping is used,
for example, by Internet server software that prefers to log host
names rather than less informative IP addresses.
Address-to-name mapping data will be provided for a DNS server
by PTR entries in its zone.ADDR files, one for every network served by this DNS
server, and its zone.LOCAL file.
Each entry will indicate the IP address in reverse order,
then the host name. For example, for host littledog.maxx.net, whose
IP address is 204.251.17.249, its PTR entry in the zone.ADDR file would look like:
249.17.251.204. IN PTR littledog.maxx.net.
Why is it backwards? Recall that DNS does its parsing from
right to left, from most inclusive to most specific. For IP addresses,
it needs to parse in the same direction. But IP addresses, read from
right to left, go from most specific to most inclusive. So the simple
answer is to reverse the IP address in the DNS PTR records. Now
DNS can parse in the same direction, and resolve in the same order, from
most inclusive to most specific.
A shortcut in PTR records is often used. It looks like this:
249 IN PTR littledog.maxx.net.
If the dot is left off the IP address in the PTR record, DNS
will complete the IP address with the IP address of the domain,
specified in the file's SOA record. This is also true for
A records in name-to-address mapping db files. If the dot is left
off, DNS will automatically try to complete the name with the full
domain name in this zone. Paying attention to the terminating dot
is important.
For the zone.LOCAL file we describe the loopback address just as
you would expect it, now that we know we have to reverse it. The
PTR entry in the zone.LOCAL file would look like:
1.0.0.127. IN PTR localhost.
or, using the shortcut:
1 IN PTR localhost.
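As an added example (not code from the original article), the Python script below builds the PTR records of a zone.ADDR-style reverse file from a host list, using the octet reversal described above, and shows both the long form and the shortcut form relative to the zone origin. It assumes the reverse zones live under the standard in-addr.arpa domain, which the article's examples leave implicit; the host list is constructed from the A records in the zone file above. The expand_owner function makes the trailing-dot pitfall concrete: an owner without its final dot has the origin appended, which is exactly what makes the shortcut work and what turns a forgotten dot into a bogus name.

```python
"""Added example (not code from the original article): build the PTR
records of a zone.ADDR-style reverse file from a list of hosts, using the
octet reversal the text describes. Assumption: the reverse zones live
under the standard in-addr.arpa domain, which the article's examples leave
implicit. The host list is constructed from the article's A records."""

import ipaddress

REVERSE_SUFFIX = "in-addr.arpa."   # assumption: standard reverse-mapping domain

# Constructed input: (fully qualified host name, IP address).
HOSTS = [
    ("nova.maxx.net.", "204.251.17.241"),
    ("lucy.maxx.net.", "204.251.17.242"),
    ("messdos.maxx.net.", "204.251.17.243"),
    ("littledog.maxx.net.", "204.251.17.249"),
    ("localhost.", "127.0.0.1"),
]


def reverse_name(ip):
    """Full PTR owner: '204.251.17.249' -> '249.17.251.204.in-addr.arpa.'"""
    return ".".join(reversed(ip.split("."))) + "." + REVERSE_SUFFIX


def reverse_origin(ip, prefix=24):
    """Origin of the reverse zone holding ip, e.g. '17.251.204.in-addr.arpa.'
    for a /24. This is the name the shortcut form gets completed with."""
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    kept = str(net.network_address).split(".")[: prefix // 8]
    return ".".join(reversed(kept)) + "." + REVERSE_SUFFIX


def expand_owner(owner, origin):
    """What named makes of an owner field: a name without a trailing dot
    gets the zone origin appended. That is why '249' works as a shortcut,
    and why '249.17.251.204' written without its dot silently becomes
    '249.17.251.204.17.251.204.in-addr.arpa.'."""
    return owner if owner.endswith(".") else f"{owner}.{origin}"


def shortcut_owner(ip, origin):
    """Shortcut form relative to the zone origin: '249' for 204.251.17.249."""
    full = reverse_name(ip)
    if not full.endswith("." + origin):
        raise ValueError(f"{ip} does not belong to reverse zone {origin}")
    return full[: -len(origin) - 1]


def build_reverse_zones(hosts, prefix=24):
    """Group hosts by reverse zone; return {origin: [PTR record lines]}."""
    zones = {}
    for name, ip in hosts:
        origin = reverse_origin(ip, prefix)
        line = f"{shortcut_owner(ip, origin):<8} IN PTR {name}"
        zones.setdefault(origin, []).append(line)
    return zones


if __name__ == "__main__":
    for origin, lines in build_reverse_zones(HOSTS).items():
        print(f"; zone.ADDR for {origin}")
        print("\n".join(lines), end="\n\n")
    wrong = expand_owner("249.17.251.204", "17.251.204.in-addr.arpa.")
    print("forgotten trailing dot expands to:", wrong)
```

The 204.251.17.x hosts land in one reverse zone and the loopback address in another, which mirrors the article's split between zone.ADDR (one per network served) and zone.LOCAL.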
Only one line from named.conf remains to be discussed, the "cache" entry.
This is a bit of a misnomer as it doesn't have anything
to do with local caching. Instead, it defines the master root domain
name servers for the Internet. You can retrieve this list from ftp://nic.ddn.mil/netinfo/root-servers.txt. You will need to check this site periodically
to ensure you have the latest list.
This file lists the root domain servers in human-readable
format. You'll need to reformat it for consumption by named. Here's what the cache file looks like:
; Servers from the root domain
; ftp://nic.ddn.mil/netinfo/root-servers.txt
;
.                   99999999 IN NS A.ROOT-SERVERS.NET
.                   99999999 IN NS B.ROOT-SERVERS.NET
.                   99999999 IN NS C.ROOT-SERVERS.NET
.                   99999999 IN NS D.ROOT-SERVERS.NET
.                   99999999 IN NS E.ROOT-SERVERS.NET
.                   99999999 IN NS F.ROOT-SERVERS.NET
.                   99999999 IN NS G.ROOT-SERVERS.NET
.                   99999999 IN NS H.ROOT-SERVERS.NET
.                   99999999 IN NS I.ROOT-SERVERS.NET
; Root servers by address
A.ROOT-SERVERS.NET  99999999 IN A  198.41.0.4
B.ROOT-SERVERS.NET  99999999 IN A  128.9.0.107
C.ROOT-SERVERS.NET  99999999 IN A  192.33.4.12
D.ROOT-SERVERS.NET  99999999 IN A  128.8.10.90
E.ROOT-SERVERS.NET  99999999 IN A  192.203.230.10
F.ROOT-SERVERS.NET  99999999 IN A  192.5.5.241
G.ROOT-SERVERS.NET  99999999 IN A  192.112.36.4
H.ROOT-SERVERS.NET  99999999 IN A  128.63.2.53
I.ROOT-SERVERS.NET  99999999 IN A  192.36.148.17
Here, the dot (.) refers to the root domain and the 99999999 means a very long time-to-live value. The TTL value is no longer used for caching
because the data isn't discarded if it times out, but administrators
generally keep it around because it does no harm.
Your site may not have access to the Internet or may have
protected its connection via a firewall. Often in this type of DNS
configuration, one or more machines will be designated as a root
server. In this case, the cache file will contain a list of internal
root servers, and not the official Internet master root domain servers.
Perform simple checks on your name server's health
with nslookup. This utility is standard with every TCP/IP-network-aware
version of UNIX. There are other similar tools available — see "List
of Utilities" later in this section for details.
You can find the source code for dig at several anonymous FTP archive sites, including: ftp://ftp.wonderland.org/NetBSD/NetBSD-current/src/usr.sbin/named/dig/ for the NetBSD release. Use Archie to find other
sites.
The nslookup utility can be used interactively, much like other programs,
such as ftp. That is, if you invoke this program without command
line arguments, it displays a prompt and waits for your command:
Default Name Server:  mpe3000.cup.hp.com
Address:  15.13.199.80
By default, nslookup performs queries based on host names you submit;
just enter a host name after the prompt:
> romeo
Server:  mpe3000.cup.hp.com
Address:  15.13.199.80

Name:    romeo.cup.hp.com
Address: 15.13.194.242

> 15.12.194.242
Server:  mpe3000.cup.hp.com
Address:  15.13.199.80

Name:    romeo.cup.hp.com
Address: 15.12.194.242
You can also check the resource record information for a name
server:
> set type=ns
> mpeworld
Name Server:  mpeworld.cup.hp.com
Address:  15.13.199.80

origin = dns.cup.hp.com
mail addr = dns-admin.dns.cup.hp.com
serial = 96092255
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
minimum ttl = 86400 (1 day)