What Is a Domain Zone File? | NOC.org

What Is a DNS Zone File?

A DNS zone file is a plain-text file that contains all the DNS records for a specific domain or subdomain. It is stored on an authoritative DNS server and defines how the domain resolves — where its website is hosted, where email is delivered, which nameservers are authoritative, and any additional metadata like SPF records for email authentication.

Every domain on the internet has a zone file (or equivalent database entries in modern DNS platforms). When a recursive resolver queries your domain's authoritative nameserver, the server looks up the answer in the zone file and returns it.

Zone File Structure

A zone file follows the format originally defined by BIND (Berkeley Internet Name Domain), the most widely used DNS server software. While modern DNS providers use web interfaces and APIs to manage records, the underlying format remains the same.

Here's a simplified example zone file for example.com:

$TTL 3600
@   IN  SOA  ns1.noc.org. admin.example.com. (
            2024030601  ; Serial number
            3600        ; Refresh (1 hour)
            900         ; Retry (15 minutes)
            604800      ; Expire (7 days)
            86400       ; Minimum TTL (1 day)
        )

; Nameservers
@       IN  NS   ns1.noc.org.
@       IN  NS   ns2.noc.org.

; A Records (IPv4)
@       IN  A    93.184.216.34
www     IN  A    93.184.216.34

; AAAA Record (IPv6)
@       IN  AAAA 2606:2800:220:1::248

; Mail
@       IN  MX   10 mail.example.com.
mail    IN  A    93.184.216.35

; CNAME (alias)
blog    IN  CNAME example.com.

; TXT Records
@       IN  TXT  "v=spf1 include:_spf.google.com ~all"

Key Components

$TTL (Time To Live)

The $TTL directive at the top sets the default TTL for all records in the zone. TTL tells recursive resolvers how long (in seconds) to cache a record before re-querying the authoritative server. A TTL of 3600 means resolvers will cache the record for 1 hour.

  • Low TTL (300-600s) — Records update faster, useful during migrations or when IPs change frequently
  • High TTL (3600-86400s) — Reduces query load on nameservers, improves performance for stable records

SOA Record (Start of Authority)

The SOA record is mandatory and must be the first record in every zone file. It defines:

  • Primary nameserver — The master authoritative server for the zone
  • Admin email — Contact for the zone administrator (the @ is replaced with a .)
  • Serial number — A version number that must increase with each change. Commonly uses the format YYYYMMDDNN
  • Refresh — How often secondary servers check for updates
  • Retry — How long to wait before retrying a failed refresh
  • Expire — How long a secondary server will serve data without a successful refresh
  • Minimum TTL — The minimum cache duration for negative responses (NXDOMAIN)

NS Records (Nameservers)

NS records declare which servers are authoritative for the zone. You need at least two for redundancy. These must match the nameservers configured at your domain registrar.

The @ Symbol

In zone file syntax, @ represents the zone origin — the domain itself. So @ IN A 93.184.216.34 means example.com resolves to that IP address.
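The SOA, NS and @ rules described above can be checked mechanically before a zone is published. The following Python is an added example, not code from NOC or BIND; the function names (parse_zone, lint_zone, soa_contact) are hypothetical, and it assumes every record is written as "owner IN type rdata" as in the example zone, with no ";" or parentheses inside quoted strings.

```python
import re

# Constructed sample, trimmed from the example.com zone shown above.
SAMPLE_ZONE = """$TTL 3600
@   IN  SOA  ns1.noc.org. admin.example.com. (
            2024030601  ; Serial number
            3600 900 604800 86400 )  ; refresh retry expire minimum
@       IN  NS   ns1.noc.org.
@       IN  NS   ns2.noc.org.
@       IN  A    93.184.216.34
www     IN  A    93.184.216.34
"""

def parse_zone(text, origin):
    """Parse 'owner IN type rdata' lines into (owner, type, rdata) tuples.
    Assumed layout only: no per-record TTL column, no $ORIGIN handling."""
    text = re.sub(r";[^\n]*", "", text)  # strip comments
    # Join a multi-line ( ... ) group onto a single line.
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)
    records = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0].startswith("$"):
            continue  # directive or blank line
        owner = tok[0]
        if owner == "@":
            owner = origin  # '@' is the zone origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"  # relative name
        records.append((owner, tok[2], tok[3:]))
    return records

def lint_zone(text, origin, prev_serial=None):
    """Return a list of problems with the zone's SOA and NS records."""
    records, problems = parse_zone(text, origin), []
    if not records or records[0][1] != "SOA":
        return ["SOA must be the first record in the zone"]
    serial, refresh, retry, expire, minimum = map(int, records[0][2][2:])
    # Plain integer comparison; serial wraparound is not handled.
    if prev_serial is not None and serial <= prev_serial:
        problems.append(f"serial {serial} did not increase from {prev_serial}")
    if expire <= refresh:  # follows from the field definitions above
        problems.append("expire <= refresh: secondary expires before re-checking")
    if sum(1 for o, t, _ in records if t == "NS" and o == origin) < 2:
        problems.append("fewer than two NS records at the zone origin")
    return problems

def soa_contact(text, origin):
    """Turn the SOA admin field back into an e-mail address (first '.' -> '@')."""
    return parse_zone(text, origin)[0][2][1].rstrip(".").replace(".", "@", 1)
```

Passing the serial of the currently published zone as prev_serial catches an edit that was saved without a serial bump, which secondaries would otherwise never pick up.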

Common Record Types

For a detailed breakdown of each record type, see our DNS Zone File Record Types guide. The most commonly used records are:

Record  Purpose
A       Maps a hostname to an IPv4 address
AAAA    Maps a hostname to an IPv6 address
CNAME   Creates an alias pointing to another hostname
MX      Specifies mail servers with priority values
TXT     Stores text data (SPF, DKIM, domain verification)
NS      Declares authoritative nameservers for the zone
SOA     Zone metadata and authority information
SRV     Service discovery (port, priority, weight)
CAA     Certificate Authority Authorization

Managing Zone Files

Modern DNS providers like NOC manage zone files through web dashboards and APIs rather than requiring manual text file editing. When you add a record through the NOC DNS dashboard, the platform updates the zone file automatically, increments the serial number, and propagates changes across all anycast nameservers.

For programmatic management, the NOC API supports adding, deleting, and listing DNS records via simple HTTP requests.
