Domain Name System (DNS) Zones


A DNS zone is one partition of the Domain Name System: a distinct, contiguous portion of the DNS namespace that forms an administrative area within the global DNS and is delegated to a particular administrator. That delegation determines whether the zone holds a single domain, a domain with its sub-domains, or multiple domains, so that one organization can manage many domains within the tree hierarchy. Hence numerous sub-domains, and further delegated zones, can be present within one DNS zone.

Without DNS zones, managing such a large set of resources under a single controlling authority would be tedious and complex, so zones are used to separate administrative responsibility and to divide the work of each nameserver. DNS zones therefore exist mainly to impose administrative control over the levels of the DNS (for example, the authoritative nameservers). Zones do not have to be physically separated from each other: more than one DNS zone can be hosted on the same server.

The various types of DNS zones are described below:

Primary DNS Zone

The primary DNS zone, also called the master zone, contains all the DNS records, which can be added manually or automatically. Each DNS server is allowed to have only one master zone at a time, holding the read-write copy of the zone data stored as a text file, which can also be used as a backup in case of failure. Any update or modification of the zone requires the primary zone to be accessible. In case of replication, the zone data must be accessible from all the servers.

Secondary DNS Zone

The secondary DNS zone, also called the slave zone, contains a read-only copy of the zone data, copied either from the master zone or from other slave zones. Slave zones serve as a backup and answer queries for the zone from their copy of the primary zone data; they therefore cover failures of the master and lower its workload. The process by which the zone data is transferred from the master to the slave zone is called a zone transfer.

Reverse Lookup zone

The reverse lookup zone maps IP addresses back to domain names, the opposite of what the main (forward) DNS zones do. Forward zones hold records that map names to addresses, whereas the reverse zone holds PTR records, which correlate an IP address with a domain name. Reverse zones are also used for spam filtering, bot detection, and many kinds of troubleshooting.

Zone Files

DNS zone files are the text files on a DNS nameserver that describe the mappings between IP addresses, hostnames, and other resources. A zone file also describes the zone itself and the domain records lying in that zone; this data is recorded in the file in the form of resource records.

Each resource record is a line made up of the following fields:

  • Name − the identifier (owner name) of the DNS record; it is alphanumeric but can also be left blank, in which case the record inherits the name from the previous record.

  • TTL − Time-To-Live, the amount of time the record may persist in the DNS client's local cache. If no TTL is specified for a record, the global TTL value given at the beginning of the zone file applies.

  • Record class − specifies the namespace (generally IN, standing for the Internet namespace).

  • Record type − there are many DNS record types; for example, an A record maps a hostname to its IPv4 address, and a CNAME points one hostname at another hostname.

  • Record data − the content of the record data depends on the record type. An MX record, for example, carries a priority and the domain name of a mail server.

At the beginning of the zone file, before the records of the other resources lying in that zone, two mandatory records are present:

  • Start of Authority (SOA) record − specifies the primary nameserver that is authoritative for the DNS zone

  • Global Time to Live (TTL) record − describes how long records may be stored in the local DNS cache

The other resource records that the zone file contains are −

  • Name server records

  • IPv4 address mapping records

  • IPv6 address records

  • Canonical name records

  • Mail exchanger records
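As an added example, not code from the original article, here is a small Python parser for the zone-file format described above. It applies the global $TTL, lets a blank name field inherit the previous record's name, qualifies relative names against $ORIGIN (the standard zone-file origin directive, assumed here), folds a multi-line SOA record onto one line, and also handles the PTR records of a reverse lookup zone. The sample zone is constructed for the example.

```python
import re
# Constructed sample zone (not from the page); addresses from RFC 5737/3849 documentation ranges.
SAMPLE_ZONE = """\
$TTL 3600
$ORIGIN example.com.
@       IN  SOA   ns1 hostmaster.example.com. (
                  2024010101 ; serial
                  7200 3600 1209600 300 ) ; refresh retry expire minimum
        IN  NS    ns1
ns1     IN  A     192.0.2.10
www 300 IN  A     192.0.2.20
        IN  AAAA  2001:db8::20
@       IN  MX    10 mail
ftp     IN  CNAME www
"""
# rdata positions that hold domain names and must be qualified like owner names
NAME_RDATA = {"NS": [0], "CNAME": [0], "PTR": [0], "MX": [1], "SOA": [0, 1]}
def _fqdn(name, origin):
    """Qualify a relative name against $ORIGIN; '@' means the origin itself."""
    if name == "@" or name.endswith("."):
        return origin if name == "@" else name
    if origin is None:
        raise ValueError(f"relative name {name!r} used before $ORIGIN")
    return f"{name}.{origin}"

def parse_zone(text):
    """Return a list of (owner, ttl, class, type, rdata) tuples."""
    # Strip ';' comments, then fold multi-line '( ... )' records onto one line.
    body = "\n".join(ln.split(";", 1)[0].rstrip() for ln in text.splitlines())
    body = re.sub(r"\([^)]*\)", lambda m: m.group(0)[1:-1].replace("\n", " "), body)
    records, origin, default_ttl, last_owner = [], None, None, None
    for line in body.splitlines():
        if not line.strip(): continue
        tokens = line.split()
        if tokens[0] == "$TTL": default_ttl = int(tokens[1]); continue
        if tokens[0] == "$ORIGIN": origin = tokens[1]; continue
        # A blank owner field (line starts with whitespace) inherits the previous owner.
        owner = last_owner if line[0] in " \t" else _fqdn(tokens.pop(0), origin)
        last_owner = owner
        # TTL and class are optional, in either order; an omitted TTL falls back to $TTL.
        ttl, rclass = default_ttl, "IN"
        while tokens and (tokens[0].isdigit() or tokens[0] in ("IN", "CH", "HS")):
            tok = tokens.pop(0)
            ttl, rclass = (int(tok), rclass) if tok.isdigit() else (ttl, tok)
        rtype, rdata = tokens[0], tokens[1:]
        # Name-valued rdata fields are relative to $ORIGIN too; numeric fields become ints.
        rdata = [_fqdn(v, origin) if i in NAME_RDATA.get(rtype, []) else
                 (int(v) if v.isdigit() else v) for i, v in enumerate(rdata)]
        records.append((owner, ttl, rclass, rtype, rdata))
    return records
```

Note that only the owner name is inherited from the previous line: the AAAA record for www gets the global 3600-second TTL, not the 300 seconds of the A record above it.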


In conclusion, the domain namespace contains sub-trees of domains, each of which can in turn be divided into multiple authoritative zones, the DNS zones. These zones can be managed separately under different administrative permissions. Hence domains establish the logical structure that the nameserver serves, and zones give that structure its correct administrative configuration.

Updated on: 26-Apr-2023
