|
 |
|
| |
|
|
Red Hat Enterprise Linux 9 Essentials Book now available.
Purchase a copy of Red Hat Enterprise Linux 9 (RHEL 9) Essentials Red Hat Enterprise Linux 9 Essentials Print and eBook (PDF) editions contain 34 chapters and 298 pages
|
10.3.2. Common Resource Records
The following resource records are commonly used in zone files:
-
A
-
The Address record specifies an IP address to be assigned to a name. It takes the following form:
hostname IN A IP-address
If the hostname value is omitted, the record will point to the last specified hostname.
Example 10.10. Using the A resource record
server1 IN A 10.0.1.3
IN A 10.0.1.5
-
CNAME
-
The Canonical Name record maps one name to another. Because of this, this type of record is sometimes referred to as an alias record. It takes the following form:
alias-name IN CNAME real-name
CNAME records are most commonly used to point to services that use a common naming scheme, such as www for Web servers. However, there are multiple restrictions for their usage:
-
CNAME records should not point to other CNAME records. This is mainly to avoid possible infinite loops.
-
CNAME records should not contain other resource record types (such as A, NS, MX, etc.). The only exception are DNSSEC related records (that is, RRSIG, NSEC, etc.) when the zone is signed.
-
Other resource record that point to the fully qualified domain name (FQDN) of a host (that is, NS, MX, PTR) should not point to a CNAME record.
Example 10.11. Using the CNAME resource record
server1 IN A 10.0.1.5
www IN CNAME server1
-
MX
-
The Mail Exchange record specifies where the mail sent to a particular namespace controlled by this zone should go. It takes the following form:
IN MX preference-value email-server-name
The email-server-name is a fully qualified domain name (FQDN). The preference-value allows numerical ranking of the email servers for a namespace, giving preference to some email systems over others. The MX resource record with the lowest preference-value is preferred over the others. However, multiple email servers can possess the same value to distribute email traffic evenly among them.
Example 10.12. Using the MX resource record
example.com. IN MX 10 mail.example.com.
IN MX 20 mail2.example.com.
-
NS
-
The Nameserver record announces authoritative nameservers for a particular zone. It takes the following form:
IN NS nameserver-name
The nameserver-name should be a fully qualified domain name (FQDN). Note that when two nameservers are listed as authoritative for the domain, it is not important whether these nameservers are secondary nameservers, or if one of them is a primary server. They are both still considered authoritative.
Example 10.13. Using the NS resource record
IN NS dns1.example.com.
IN NS dns2.example.com.
-
PTR
-
The Pointer record points to another part of the namespace. It takes the following form:
last-IP-digit IN PTR FQDN-of-system
The last-IP-digit directive is the last number in an IP address, and the FQDN-of-system is a fully qualified domain name (FQDN).
-
SOA
-
The Start of Authority record announces important authoritative information about a namespace to the nameserver. Located after the directives, it is the first resource record in a zone file. It takes the following form:
@ IN SOA primary-name-server hostmaster-email (
serial-number
time-to-refresh
time-to-retry
time-to-expire
minimum-TTL )
The directives are as follows:
-
The @ symbol places the $ORIGIN directive (or the zone's name if the $ORIGIN directive is not set) as the namespace being defined by this SOA resource record.
-
The primary-name-server directive is the hostname of the primary nameserver that is authoritative for this domain.
-
The hostmaster-email directive is the email of the person to contact about the namespace.
-
The serial-number directive is a numerical value incremented every time the zone file is altered to indicate it is time for the named service to reload the zone.
-
The time-to-refresh directive is the numerical value secondary nameservers use to determine how long to wait before asking the primary nameserver if any changes have been made to the zone.
-
The time-to-retry directive is a numerical value used by secondary nameservers to determine the length of time to wait before issuing a refresh request in the event that the primary nameserver is not answering. If the primary server has not replied to a refresh request before the amount of time specified in the time-to-expire directive elapses, the secondary servers stop responding as an authority for requests concerning that namespace.
-
In BIND 4 and 8, the minimum-TTL directive is the amount of time other nameservers cache the zone's information. In BIND 9, it defines how long negative answers are cached for. Caching of negative answers can be set to a maximum of 3 hours (that is, 3H).
When configuring BIND, all times are specified in seconds. However, it is possible to use abbreviations when specifying units of time other than seconds, such as minutes ( M), hours ( H), days ( D), and weeks ( W). Table 10.6, “Seconds compared to other time units” shows an amount of time in seconds and the equivalent time in another format.
Table 10.6. Seconds compared to other time units
| Seconds |
Other Time Units |
| 60 |
1M |
| 1800 |
30M |
| 3600 |
1H |
| 10800 |
3H |
| 21600 |
6H |
| 43200 |
12H |
| 86400 |
1D |
| 259200 |
3D |
| 604800 |
1W |
| 31536000 |
365D |
Example 10.14. Using the SOA resource record
@ IN SOA dns1.example.com. hostmaster.example.com. (
2001062501 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
|
|
|
