What is in an in-addr.arpa zone file?

An in-addr.arpa zone file consists of four main parts. The information in the in-addr.arpa zone file is unique to your zone. We've underlined the elements that need to be customized for your zone in the descriptions that follow.


The Start of Authority (SOA)


The first section of an in-addr.arpa zone file is called the Start of Authority (SOA) and contains important information about your zone. It looks like this:


210.234.123.in-addr.arpa. IN SOA nsserver.merit.k12.mi.us. dnsadmin.merit.k12.mi.us. (


Let's look at each piece of information separately.


210.234.123.in-addr.arpa.: This is the name of your in-addr.arpa zone and is related to the IP address range covered by your in-addr.arpa zone file. In this case, the zone we're describing covers the range of IP addresses from 123.234.210.0 to 123.234.210.255. Each IP address block needs its own in-addr.arpa zone file. You cannot define multiple contiguous address blocks with one in-addr.arpa zone file.


When creating an in-addr.arpa zone for your address range(s), please remember to reverse the order of the first three octets (or two for a Class B address), and append .in-addr.arpa. to the end of the name. Also, add a trailing dot to the .in-addr.arpa. portion of your string to avoid domain name confusion.


nsserver.merit.k12.mi.us.: This is the fully qualified host name of your primary DNS server. This server usually houses the remainder of your zone files. Please also note that this server's name has a trailing “.” after it. Very important!


dnsadmin.merit.k12.mi.us.: This is the email address of the administrator or other party responsible for DNS for your zone. Note that the email address does not appear as “dnsadmin@merit.k12.mi.us.”. This is because the “@” symbol has a specific meaning in DNS files and should not be used for email addresses. By convention, email addresses are represented without the “@” symbol in DNS files, but you should note that the actual email address for this administrator is dnsadmin@merit.k12.mi.us. You must also follow this email address with a trailing “.”, as in past examples.


Finally, note that the first line of the SOA “ends” with a left parenthesis. If you look at the remainder of the SOA, you will see that it ends with a right parenthesis.  


Refresh/Retry Parameters within the SOA


The rest of the SOA has the refresh and retry configurations for your zone. These can be set to any value you would like, but some values make more sense than others. We'll discuss each parameter in detail. You can then decide what's best for your zone. The parameter group looks like this:

(
2004021601 ; Serial
21600 ; Refresh (after 6 hours)
3600 ; Retry (after 1 hour)
864000 ; Expire (after 10 days)
86400) ; Minimum TTL (of 1 day)

As discussed in the previous section, you must begin with a left parenthesis. The first parameter that follows is the serial number. DNS zone files have serial numbers. Serial numbers are used to indicate to secondary servers that a change has been recorded and that new copies of the zone files must be retrieved.


A serial number can be any number you want, but each new serial number must be greater than the one that preceded it. Most administrators choose to serialize based on either a random number, which is then incremented each time the file is changed, or by some form of the date, which is the method we've chosen for this example. Here, the date is represented by the year (2004), then the month (02) and the day (16); the last two digits (01) indicate that this is the first modification made to the file on this date. Subsequent modifications made on this date would be numbered 02, 03, etc.


Refresh is measured in seconds: 21600 seconds / 3600 seconds in an hour = 6 hours. This SOA instructs secondary DNS servers to visit every 6 hours to compare their zone file copies with the master files.


Retry is also configured in seconds. This parameter tells secondary DNS servers how often to try again to refresh the zone files if a refresh attempt fails.


Expire is configured in seconds. This parameter tells secondary servers to discard their copies of the zone files and stop responding to DNS queries if they have been unsuccessful in contacting the primary server in the configured number of seconds. In this example, the Expire parameter is configured for 10 days. This is a very long time for DNS files. Your expire parameter should be shorter.


TTL stands for "Time To Live"; the Minimum TTL is measured in seconds. This indicates the minimum amount of time a requesting server should cache data forwarded from this server. In this case, a “requesting server” is not a secondary DNS server, but rather a foreign server requesting DNS information about your zone.


Close this section with a right parenthesis. Also, please note that comments can be inserted in your file. Anything between a semi-colon and the end of a line is considered a comment and is ignored.
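The SOA rules above can be checked mechanically before a zone file is loaded. The following is an added example, not part of the original page: it parses the sample SOA (its two fragments joined into one record), converts the responsible-party name back to an email address, flags missing trailing dots or a stray “@”, and computes the next date-based serial. The function names and the two timer sanity checks are assumptions of this example.

```python
import re
from datetime import date

# The page's sample SOA, joined from its two fragments into one record.
SAMPLE_SOA = """\
210.234.123.in-addr.arpa. IN SOA nsserver.merit.k12.mi.us. dnsadmin.merit.k12.mi.us. (
2004021601 ; Serial
21600 ; Refresh (after 6 hours)
3600 ; Retry (after 1 hour)
864000 ; Expire (after 10 days)
86400) ; Minimum TTL (of 1 day)
"""

def parse_soa(text):
    """Drop ';' comments and the parentheses, then split the SOA into its fields."""
    body = " ".join(line.split(";", 1)[0] for line in text.splitlines())
    tokens = body.replace("(", " ").replace(")", " ").split()
    if len(tokens) != 10 or tokens[2].upper() != "SOA":
        raise ValueError("not a complete SOA record")
    serial, refresh, retry, expire, minimum = map(int, tokens[5:])
    return dict(zone=tokens[0], mname=tokens[3], rname=tokens[4], serial=serial,
                refresh=refresh, retry=retry, expire=expire, minimum=minimum)

def rname_to_email(rname):
    """The first unescaped '.' stands in for '@'; a literal dot is written '\\.'."""
    local, domain = re.split(r"(?<!\\)\.", rname.rstrip("."), maxsplit=1)
    return f"{local.replace(chr(92) + '.', '.')}@{domain}"

def lint_soa(soa):
    """Return the problems found; an empty list means the record passed."""
    problems = []
    for field in ("zone", "mname", "rname"):
        if not soa[field].endswith("."):
            problems.append(f"{field} '{soa[field]}' is missing its trailing dot")
    if "@" in soa["rname"]:
        problems.append("rname contains '@'; write the address with '.' instead")
    # Sanity checks assumed by this example, not rules stated on the page.
    if soa["retry"] >= soa["refresh"]:
        problems.append("retry should be shorter than refresh")
    if soa["expire"] <= soa["refresh"]:
        problems.append("expire should be longer than refresh")
    return problems

def next_serial(current, today=None):
    """Next YYYYMMDDnn serial; always greater than the current one."""
    candidate = int((today or date.today()).strftime("%Y%m%d")) * 100 + 1
    return max(candidate, current + 1)
```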


Name Servers Within the SOA


The next section of the file identifies the name server(s) for your zone. You must have at least one name server and the name server must have an NS record in your primary zone file.


;
; Name servers
;
210.234.123.in-addr.arpa. IN NS nsserver.merit.k12.mi.us.
;



Here, the name server for this zone is nsserver.merit.k12.mi.us. Note the trailing “.” on the server name. You can indicate more than one name server for a zone, as long as all name servers have NS records in your primary zone files.


Canonical Hosts within the SOA


The last section of the file contains information about "canonical host names" in your zone. A canonical host name is a host's real name. If a host on your network has one or more aliases, be sure to include "CNAME" records for the aliases in your zone file. Only canonical host names should appear in an in-addr.arpa zone file.

;Addresses pointing to canonical host names
;
2.210.234.123.in-addr.arpa. IN PTR nsserver.merit.k12.mi.us.
3.210.234.123.in-addr.arpa. IN PTR zoinks.merit.k12.mi.us.
4.210.234.123.in-addr.arpa. IN PTR shaggy.merit.k12.mi.us.
5.210.234.123.in-addr.arpa. IN PTR scooby.merit.k12.mi.us.
6.210.234.123.in-addr.arpa. IN PTR thelma.merit.k12.mi.us.
7.210.234.123.in-addr.arpa. IN PTR freddy.merit.k12.mi.us.
8.210.234.123.in-addr.arpa. IN PTR daphne.merit.k12.mi.us.
9.210.234.123.in-addr.arpa. IN PTR mysterymachine.k12.mi.us.
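The zone-naming rule and the trailing-dot warning can be tested against the PTR records themselves. The following is an added example, not part of the original page: it derives the zone name from an address block, decodes each PTR owner back to its IP address, and shows what a name without a trailing dot turns into once the zone origin is appended. The sample lines are constructed (two from the page, two deliberately broken) and the function names are assumptions of this example.

```python
import ipaddress

SUFFIX = ".in-addr.arpa."

# Constructed sample: two PTR lines from the page plus two deliberately broken ones.
SAMPLE_PTRS = """\
2.210.234.123.in-addr.arpa. IN PTR nsserver.merit.k12.mi.us.
3.210.234.123.in-addr.arpa. IN PTR zoinks.merit.k12.mi.us.
4.210.234.123.in-addr.arpa. IN PTR shaggy.merit.k12.mi.us
5.211.234.123.in-addr.arpa. IN PTR scooby.merit.k12.mi.us.
"""

def reverse_zone(network):
    """Zone name for a /16 or /24 block: network octets reversed, then in-addr.arpa."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (16, 24):
        raise ValueError("this example handles IPv4 /16 and /24 blocks only")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + SUFFIX

def absolute(name, origin):
    """A name with no trailing dot is relative, so the zone origin gets appended."""
    return name if name.endswith(".") else f"{name}.{origin}"

def check_ptrs(text, network):
    """Return (address_or_owner, target, problems) for each PTR line in the text."""
    origin, net = reverse_zone(network), ipaddress.ip_network(network)
    results = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) != 4 or fields[2].upper() != "PTR":
            continue
        owner, target = absolute(fields[0], origin), absolute(fields[3], origin)
        problems = []
        if not fields[3].endswith("."):
            problems.append(f"target lacks trailing dot, becomes {target}")
        try:
            addr = ipaddress.ip_address(".".join(reversed(owner[: -len(SUFFIX)].split("."))))
        except ValueError:
            results.append((owner, target, problems + ["owner is not a full reverse name"]))
            continue
        if addr not in net:
            problems.append(f"{addr} is outside {net}")
        results.append((str(addr), target, problems))
    return results
```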

 


That's it! Your in-addr.arpa zone file is complete and ready to be registered. If Merit provided your IP address blocks, contact your Support Team and we will register your in-addr.arpa zone. If you have your own address space, please contact ARIN to register your in-addr.arpa zone.

Updated On: 04.03.26
