Zone (DNS)

from Wikipedia, the free encyclopedia

In the domain name system of the Internet, zone refers to the part of the domain tree for which a name server (hereinafter also abbreviated as NS) is responsible and therefore knows the official data. A zone is managed by a primary name server . To increase availability in the event of server failures, it is common practice to mirror a zone on one or more secondary name servers .

A zone consists of resource records that are stored in a zone file . The original file is on the primary name server (also called "master"). From there, when changes are made, it is transferred to the secondary name servers (also known as "slave") via zone transfer. The terms zone and zone file are interchangeable in almost all situations.

A zone can span an entire domain . Usually, however, subdomains are represented by their own zones. Pointers - the NS Resource Records (NS-RR) - refer to sub-zones that can be located on other name servers. This procedure is known as delegation: A zone delegates the responsibility for a subdomain and only knows the responsible name server or servers. Inquiries about the subdomain are forwarded to the responsible name server. The transition between two zones is called Zone Cut, since a zone is "cut out" from a domain by a delegation.

The top level domain de, for example, including all subdomains, contains several million DNS entries. It is impossible to keep these in a single zone file. The zone file belonging to the domain de therefore mainly contains references to the direct subdomains. There is an NS entry for each responsible name server of a subdomain.


For example, suppose the fictitious company example owns the domain . There are also two sub-domains: and . There is a separate zone file for each of these three domains. The NS-RRs (pointers) of the zone file look like this:       IN   NS    IN   NS 

From the associated domain zone file can be deduced that two subdomains exist and that the authoritative name servers for the nameserver 1 and the nameserver-2 is. The domains and can of course also contain further subdomains that can be represented by their own zone files.

Difference between domain and zone

A domain comprises the entire subordinate DNS namespace. The term domain is also used when referring to content (what names does a domain contain?) Or property rights (who is a domain registered for?).

A domain can be divided into several zones by delegating responsibility for subdomains . One also speaks of a zone when one means the physical realization - i.e. on which server and in which zone file the DNS entries are located.

The domain tree defined by the stringing together of domain names (labels) and the zone tree built using the NS-RRs are almost identical. In rare cases, a single zone file can contain multiple domain names. The zone tree is therefore slightly smaller than the domain tree.

Web links

  • RFC 1033 - Domain administrator operations guide
  • RFC 1034 - Domain names - concepts and facilities
  • RFC 1035 - Domain names - implementation and specification