All About DNS Zones

What Is A DNS Zone?

A DNS zone file is used by a name server to convert a FQDN to an IP address. Consider the following example.

Since name servers are public, we can take a look at other name servers to see how they are configured using a command called dig. The dig (Domain Information Groper) command is a popular Linux utility for performing DNS lookups. It offers more flexibility than Windows NSLookup, but it is not by default available in Windows 10. Installing BIND is one option for using dig on Windows. To learn how to enable the dig command in Windows, use your preferred search engine.

1 Open a terminal (cmd) window.
2 Type dig ns.google.com www.google.com any
3 This will return the records for the Google web servers. The A stands for Address.
4 You should see something like this in the output:

; <<>> DiG 9.16.35 <<>> ns.google.com www.google.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20994
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 5b871c933f22299746e93e8263ab99b2ef32ba753df36c22 (good)
;; QUESTION SECTION:
;ns.google.com.                 IN      A
 
;; ANSWER SECTION:
ns.google.com.          0       IN      A       216.239.32.10
 
;; Query time: 148 msec
;; SERVER: 172.31.6.10#53(172.31.6.10)
;; WHEN: Wed Dec 28 07:19:46 Bangladesh Standard Time 2022
;; MSG SIZE  rcvd: 86
 
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11938
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 5b871c933f2229972deab7a263ab99b24fd42cd2143933f2 (good)
;; QUESTION SECTION:
;www.google.com.                        IN      ANY
 
;; ANSWER SECTION:
www.google.com.         0       IN      A       142.250.206.100
 
;; Query time: 1 msec
;; SERVER: 172.31.6.10#53(172.31.6.10)
;; WHEN: Wed Dec 28 07:19:46 Bangladesh Standard Time 2022
;; MSG SIZE  rcvd: 87

A DNS zone is a specific portion of the DNS namespace managed by a specific organization or administrator in the Domain Name System (DNS). A DNS zone is a granular control space for DNS components such as authoritative nameservers. The DNS is divided into many zones, which are distinct managed areas of the DNS namespace. DNS zones do not have to be physically separated from one another; a DNS zone can contain multiple subdomains, and multiple zones can exist on the same server.

The Internet’s domain namespace is organized in a hierarchical layout of subdomains beneath the DNS root domain. Individual domains in this tree may serve as administrative authority and management delegation points. However, it is usually preferable to implement fine-grained delegation boundaries so that multiple sub-levels of a domain can be managed independently. As a result, the domain name space is divided into zones for this purpose. A zone begins at a domain and extends down the tree to the leaf nodes or the top-level of subdomains, where other zones begin.

DNS Zone

DNS is made up of domains logically but zones physically.

A domain is a logical division of the DNS name space, whereas a zone is a physical division because the information is stored in a zone file. In most cases, a domain and a DNS zone have a one-to-one relationship, so the domain mydomain.com would be stored in a zone file called mydomain.com.txt.

We’ll begin with a simple analogy to explain zones and zone files and how they work.

A DNS Zone Story

Quidditch (formerly known as Kwidditch and Cuaditch) is a broomstick-based wizarding sport. It is the most popular and well-known game among wizards and witches, and, according to Rubeus Hagrid, it is the equivalent of Muggles' love of football (Soccer).

The game involves four balls(a Quaffle, two Bludgers, and a Golden Snitch) and is played by two teams of seven people (three Chasers, two Beaters, one Keeper, and one Seeker) .

The Keeper guards the goal posts, while the three Chasers score goals by tossing the Quaffle into one of the opposing team's three goal posts. The two Beaters keep the Bludgers away from their team, and the Seeker catches the Golden Snitch to end the game. The team whose Seeker catches the Snitch receives 150 points, but this does not guarantee victory if the opposing team still has more points after the Snitch is caught.

The goal of the game is to get more points than your opponents. Each goal is worth ten points, and catching the Golden Snitch is worth 150 points. The game ends when the Snitch is caught or when the captains of both teams reach an agreement. Some games could last for several days if the Snitch was not discovered.

The Inter-House Quidditch Cup, also known as the Hogwarts Quidditch Cup or simply the Quidditch Cup, is given to the House Quidditch team with the most total points each year at Hogwarts School of Witchcraft and Wizardry.

The Championship is structured as a mini-league, with each house team playing each other throughout the year. This results in three games for each team and six games for the entire school to enjoy. Because there are so few games, each one is eagerly anticipated and is usually attended by the entire school, including the teachers.

Hogwarts is divided into four houses. The heads of all four houses are listed below.

Team Head of House
GryffindorMinerva McGonagall
HufflepuffPomona Sprout
RavenclawFilius Flitwick
SlytherinSeverus Snape

The players for each team are listed below.

Team Gryffindor

Chasers
    Katie Bell
    Angelina Johnson
    Alicia Spinnet
Beaters
    Fred Weasley
    George Weasley
Keeper
    Oliver Wood(Captain)
Seeker
    Harry Potter

Team Hufflepuff

Chasers
    Malcolm Preece
    Heidi Macavoy
    Tamsin Applebee
Beaters
    Maxine O’Flaherty
    Anthony Rickett
Keeper
    Herbert Fleet
Seeker
    Cedric Diggory(Captain)

Team Ravenclaw

Chasers 
    Roger Davies(Captain)
    Jeremy Stretton
    Randolph Burrow
Beaters 
    Duncan Inglebee
    Jason Samuels
Keeper
    Grant Page
Seeker
    Cho Chang

Team Slytherin

Chasers
    Marcus Flint(Captain)
    Graham Montage
    C. Warrington
Beaters
    Peregrine Derrick
    Lucian Bole
Keeper
    Miles Bletchley
Seeker
    Draco Malfoy

Now the challenge is - Anyone should be able to contact any player on any of the teams.

So you could make a paper list with the names and phone numbers written on it. This was essentially the hosts file method.

This method works, but it is inefficient.

Another option is to make four lists: one for team Gryffindor, one for team Hufflepuff, one for team Ravenclaw and one for team Slytherin.

p5rMTubfyePHOAtMmTT1tK4STTxQcC32HF8iALNCl5YVuB4 R1nNUyWou7Y8iim59JcsqIOxOb7k1PFXcmn8guvv6PTaXhFFwfqzx Q8fJkcWBpcouGNaOUiB1wxeWEHnIcjuszEnrYAIVFL3pH3GIg8tfr64DucrajYM17xkR plT3kLLwk GRTJ UkRQ - All About DNS Zones
NYMOef5 q5uz1EqYEbM3bazw3s1qJcNVm2yAh7D2bfLOMIFvvuY4dIrQ3fis JRhLrbZH D t1 OdBkI2pW43yuZddHXpU0oDDcxyD 0aqPNWNwfudjzOaZHj02WBVU34XGdG36ySud0cTeKRb4yUR9FtmX8eyvHkd4Hcb79pNJebR5ADAu2NLZMFFzN5A - All About DNS Zones
n9 e wPjCuzOpf5lt6GWfPnHxiob4JOyqT 5 MJE6X OmfH4Tr4CiE8XlCA2 JAKQMBGfHm6q7 - All About DNS Zones
Mc0OtRorlXNbk5ZXooa ISzgk60fM7vH4h b16Otw5co aA1pPZZ LZEusdc5o8DousOCJNGUp3NO6o4xSzaDgEZJUvYZRNEa4mcisoRFCf0 6We1 srnTdB0WVdbK - All About DNS Zones

So you now have three lists, but who manages them?

Because each team has a head of house, you should delegate the list to the head of house.

  • Minerva McGonagall manages Gryffindor
  • Pomona Sprout manages Hufflepuff
  • Filius Flitwick manages Ravenclaw
  • Severus Snape manages Slytherin

Now, Headmaster Dumbledore wants Jason Samuels’ phone number from Team Ravenclaw. How does he obtain it?

He needs to know who has Team Ravenclaws’s player list first. So Headmaster Dumbledore requires a list of all the managers’ names and phone numbers. The manager’s name isn’t really important, just the phone number.

eHny4Om3LtoUkeHXvOpKNgZpze9ll2aUCpLz4ryV3wIgYd4wmlHZvY3FcRk7xourGAsYJC5pTSKL3vxkxPTkWhuM4Nf7dEQnVTBk URuhWxloSENu2v1NHrSX4 Q8oNjd YuPyENytCCyu7pSirNZ3qM7VVU6FCMYt5ZF5alun4aO53TXMTl4 cvzb GIQ - All About DNS Zones

So, if someone wants to find Jason Samuels’ phone number on Team Ravenclaw, they contact Headmaster Dumbledore, who returns the phone number of Team Ravenclaw’s manager (Filius Flitwick). They then ask Filius Flitwick for Jason Samuels’ phone number. As illustrated in the diagram below:

QPS k3q eBMqK OrLxO4ptQmnkw AUOxNLV75qKK5uVQ1e9C7W49Scm495D ieOLMHgEJAwbDO2HQXCapucsKeImyaa44ojfPVuc6nmZs FNP1alxVszjz3paU Xsvk6Z3BfStmaMI51xXR MD5j ye3mLD7xO tysr9QDHAusEy1 L4OQapt0yH Dgng - All About DNS Zones

When compared to IP addresses and domain names,

  • Jason Samuels = A web server, for example
  • Phone number = the IP address
  • Team Ravenclaw = a Domain Name
  • HeadMaster Dumbledore,Minerva McGonagall,Pomona Sprout,Filius Flitwick, Severus Snape are name servers.
  • The lists are zones or zone files

If the concept is still not clear to you, please continue reading. It will be in a few sections. Just keep this analogy in the back of your head.

Notice Headmaster Dumbledore doesn’t have a list of players but head of houses i.e it doesn’t contain host names (A records) but head of house names (name server records NS records). Also, Headmaster Dumbledore needs to know who has the team list for all of the teams below him, whereas Filius Flitwick only needs to know the phone number for the Top of the Tree, which in this case is Headmaster Dumbledore because we only have two levels, but this isn't required.

Primary Zones And Secondary Zones

What happens when the head of house goes on vacation?

All they have to do is photocopy their list and give it to someone else (for example, Horace Slughorn), and tell Headmaster Dumbledore the person’s contact information so Headmaster Dumbledore can update his list.

There are always two name servers in DNS for resilience.

In the diagram below, we have added Horace Slughorn to Headmaster Dumbledore’s  list. We should also include a note in Severus Snape’s list to remind him to send the list and list updates to Horace Slughorn.

GI40p1I3KmWftMCII5EQufDXMELNNQEGhzMFfGAK muBbCjdPkj8Kv3fHCT0Sgu lAji3w eTVqfar6NTG8QMLjl1Znh7eFJYjNwusct9Xyv r1JwawRxIFYjg4tEA YmyIfyEkzPDBac2YFNcMnHgHJaJMYT8lxx tdZF892fasjhyFtComzrRcjC0 DQ - All About DNS Zones

The analogy above depicts two crucial concepts in DNS: primary and secondary zones, as well as zone transfer.

A zone can be classified as either primary or secondary.

Primary zones are now known as master zones, and secondary zones are known as slave zones.

The primary zone is the master record, and it is the one that the administrator changes. To keep things simple, only Severus Snape has the ability to update the list. He has the original (primary zone). When he updates the list, he must send a copy to Horace Slughorn, who already has a copy (secondary zones or slave zones).

Zone Transfer

These changes are copied to the secondary zones on DNS in a process known as zone transfer.

Zone transfer is normally performed from primary to secondary zones, but it is requested by the DNS server in charge of the secondary zone. In our example, Horace Slughorn would ask Severus Snape for an update list. The primary servers can be configured to notify secondary servers of changes.

A zone transfer is, at its most basic, a file copy.

A DNS server that hosts a primary zone is known as a primary name server (master), while one that hosts a secondary zone is known as a secondary name server (slave).

Multiple zone files can be stored and managed by a DNS server, and they can be a mix of primary and secondary zones.

Pomona Sprout, in our analogy, could have a copy of Team Gryffindor‘s list in case Minerva McGonagall goes on vacation. As a direct consequence, a DNS server can serve as both a primary and secondary name server. Primary and secondary name servers are both considered as authoritative for a domain.

We hope you have understood everything we have talked up to this point.

Share The Tutorial With Your Friends
Twiter
Facebook
LinkedIn
Email
WhatsApp
Skype
Reddit

Check Our Ebook for This Online Course

Advanced topics are covered in this ebook with many practical examples.