System Administration: Another Step toward the BIND - IV
In this session we're going to look at a zone file listed in our named.conf file.
So let's look at pri.example.org. Notice the a CNAME and SPF files. We didn't list those in our file types in part III, but we'll demonstrate what they do in the next session.
Here's our zone file:
@ IN SOA server1.example.org. root.localhost. ( 2006012103; serial 28800; refresh, seconds 7200; retry, seconds 604800; expire, seconds 86400 ); minimum, seconds ; NS server1.example.org.; NS server2.example.org. ; ; MX 10 server1.example.org. ; example.org. A 188.8.131.52 www A 184.108.40.206 server1 A 220.127.116.11 server2 A 18.104.22.168 ftp CNAME www example.org. TXT "v=spf1 a mx ~all" server1.example.org. TXT "v=spf1 a -all"
The first line in our zone file looks like this:
@ IN SOA server1.example.org. root.localhost. (
The "@" sign in the line refers to the "origin" for this zone file which is server1.example.org. DNS uses this as simply a label to designate the Start Of Authority (SOA) record that appears at the beginning of any zone file defining a domain. Don't make too much out of this. If you read much about DNS, then you will see people using this strange term "current origin". Few people explain what that means. It's just another bit of jargon.
The next item on the line "IN" stands for Internet. People call this a class field. Three classes exist including "HS" for Hesiod servers and "CH" which stands for Chaosnet servers.
You will only see Internet servers, but if you sweat the small stuff then you might want to know that HS and CH protocols barely exist. These are old typologies dating back to the 1970s. If you ever use them, it might be in a laboratory in a far off corner with some lab rats.
IETF RFC 1035, Domain Names - Implementation and Specification says:
The SOA record stores information about the name of the server that supplied the data for the zone; the administrator of the zone; the current version of the data file [serial number]; the number of seconds a secondary name server should wait before checking for updates; the number of seconds a secondary name server should wait before retrying a failed zone transfer; the maximum number of seconds that a secondary name server can use data before it must either be refreshed or expire; and a default number of seconds for the time-to-live file on resource records.
What's next? The mailing address of the administrator in this file is root@localhost. Obviously, my mail server delivers local mail so messages related to this process will go to root's mailbox.
In case you missed it, the first line is only part of the SOA record. It has additional fields. Notice the "(" at the end of the line. Here's the rest of the record. Remember these exist for the benefit of the slave server.
2006012103; serial 28800; refresh, seconds 7200; retry, seconds 604800; expire, seconds 86400 ); minimum, seconds
The serial number is the only field in the record that does not refer to seconds.
The remaining fields use seconds to denote their values. For example, the number of seconds a secondary name server should wait before checking for updates is in the refresh record. 28800 seconds is 480 minutes or 8 hours.
Also notice that the SOA record ends at the end of the Minimum-Time to Live (TTL). You can see the ")" symbol which closes the record values.
Next we write our NS records. This record specifies the name servers that are responsible for our domain. You can list as many as you want even though two are used by convention.
NS server1.example.org.; NS server2.example.org. ;
Please note: the semicolon (';') does not mark the end of a line; instead it marks the beginning of a comment in a zone file. You can write
NS server1.example.org.; This is my primary name server.
However, if you do not have any comments, you can as well write:
In the next session, we'll analyze the remainder of the zone file. For now, you might want to take a bit of a breather.
- Linux Journal October 2016
- The Tiny Internet Project, Part I
- SUSECON 2016: Where Technology Reigns Supreme
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- Free Today: September Issue of Linux Journal (Retail value: $5.99)
- Bitcoin on Amazon! Sort of...
- Android Browser Security--What You Haven't Been Told
- Epiq Solutions' Sidekiq M.2
- Securing the Programmer
Pick up any e-commerce web or mobile app today, and you’ll be holding a mashup of interconnected applications and services from a variety of different providers. For instance, when you connect to Amazon’s e-commerce app, cookies, tags and pixels that are monitored by solutions like Exact Target, BazaarVoice, Bing, Shopzilla, Liveramp and Google Tag Manager track every action you take. You’re presented with special offers and coupons based on your viewing and buying patterns. If you find something you want for your birthday, a third party manages your wish list, which you can share through multiple social- media outlets or email to a friend. When you select something to buy, you find yourself presented with similar items as kind suggestions. And when you finally check out, you’re offered the ability to pay with promo codes, gifts cards, PayPal or a variety of credit cards.Get the Guide