What Is a DNS Zone File?
A DNS zone file is the authoritative record of all DNS entries for a domain. Here is what it contains, how it is structured, and how to read BIND format.
What Is a DNS Zone File?
A DNS zone file is a text file that defines all the DNS records for a domain in a standardized format. It is the authoritative record of how a domain resolves — where its website is hosted, which servers handle email, which aliases exist, and more.
Where Zone Files Live
Zone files live on authoritative nameservers — the DNS servers declared in a domain's NS records. When a resolver asks where example.com is, it ultimately reaches the authoritative nameserver, which reads from the zone file and responds.
Most DNS providers (Cloudflare, AWS Route 53, DigitalOcean, etc.) abstract zone files into web UIs. But zone files remain the underlying standard, and many DNS migrations use zone file import/export.
BIND Format
The most common zone file format is BIND (Berkeley Internet Name Domain), defined in RFC 1035. It is a plain text format.
Basic Structure
$ORIGIN example.com. $TTL 3600
@ IN SOA ns1.example.com. admin.example.com. ( 2026032401 ; Serial (YYYYMMDDNN format) 3600 ; Refresh 900 ; Retry 604800 ; Expire 300 ; Minimum TTL )
; Nameservers @ IN NS ns1.example.com. @ IN NS ns2.example.com.
; A records @ IN A 203.0.113.10 www IN CNAME @
; Mail records @ IN MX 10 mail.example.com. mail IN A 203.0.113.20
; Email authentication @ IN TXT "v=spf1 include:_spf.google.com ~all"
Key Syntax Rules
@ symbol means the zone origin — the domain itself (example.com.).
Trailing dot — fully qualified domain names in zone files end with a dot. ns1.example.com. (with dot) is an FQDN. ns1.example.com (without dot) would be expanded to ns1.example.com.example.com — a common mistake.
$TTL sets the default TTL for all records unless overridden per record.
IN means Internet class — always IN for standard records.
SOA Serial — increments on every zone change. Nameservers use this to detect if the zone has been updated. Convention: YYYYMMDDNN where NN is the revision number for that day.
Common Record Types in Zone Files
| Type | Purpose | Example |
|---|---|---|
| A | IPv4 address | @ IN A 1.2.3.4 |
| AAAA | IPv6 address | @ IN AAAA 2001:db8::1 |
| CNAME | Alias | www IN CNAME @ |
| MX | Mail server | @ IN MX 10 mail.example.com. |
| TXT | Text records (SPF, DKIM, etc.) | @ IN TXT "v=spf1 ..." |
| NS | Nameserver | @ IN NS ns1.example.com. |
| SOA | Zone authority | (see above) |
| CAA | CA authorization | @ IN CAA 0 issue "letsencrypt.org" |
Importing and Exporting Zone Files
Exporting: Most DNS providers have a "Export Zone File" option. This gives you a portable backup and lets you migrate to a new provider.
Importing: When migrating DNS, import your existing zone file into the new provider rather than re-entering records manually. Most providers support zone file import.
Using ElasticDomain's Zone File Generator
If you do not have an existing zone file and need to create one, ElasticDomain's DNS Zone File Generator builds one from a template. Choose your setup (Google Workspace, Cloudflare proxy, basic web hosting, etc.), fill in your IP addresses, and it generates a valid BIND zone file you can copy or download.