Our free DNS zone file generator helps you create and validate properly formatted DNS zone files for BIND and other DNS servers. Whether you're setting up a new domain, migrating DNS services, or managing authoritative nameservers, this tool simplifies zone file creation with an intuitive interface and automatic validation. Generate complete zone files with SOA records, A/AAAA records, MX records, CNAME aliases, TXT records, NS records, and SRV records. The generator creates serial numbers in YYYYMMDDNN format, validates common constraints, and helps you avoid manual syntax errors. Export your zone file ready for deployment on BIND, PowerDNS, NSD, Knot DNS, or any RFC-compliant DNS server. No registration required.
Create and Validate DNS Zone Files
The domain name for this zone ($ORIGIN)
Default time-to-live in seconds
SOA Record Settings
Use \".\" instead of \"@\" (admin.example.com)
YYYYMMDDNN format (auto-generated)
Secondary refresh interval (seconds)
Retry interval after failure (seconds)
Zone expiration time (seconds)
Minimum TTL for negative responses
DNS Records
No records added yet. Click \"Add Record\" to begin.
How to create a DNS zone file
- Enter zone information: domain name and default TTL.
- Configure SOA: administrator email, serial, refresh/retry/expire.
- Add records: A/AAAA, MX, CNAME, TXT, NS, SRV, and more.
- Preview & validate: check formatting in Zone Preview.
- Download & deploy: export the zone file and reload your DNS server.
Understanding zone file components (SOA)
| Parameter | Typical default | Purpose |
|---|---|---|
| Serial | YYYYMMDDNN | Version control for zone updates |
| Refresh | 3600β10800s | How often secondaries check for updates |
| Retry | 600β3600s | Retry interval after a failed refresh |
| Expire | 604800s | When secondaries stop serving the zone |
| Minimum TTL | 86400s | Negative cache TTL |
Common DNS record types
| Record | Purpose | Example |
|---|---|---|
| A | Map to IPv4 | example.com β 192.0.2.1 |
| AAAA | Map to IPv6 | example.com β 2001:db8::1 |
| CNAME | Alias | www β example.com |
| MX | Mail routing | 10 mail.example.com |
| TXT | Text data (SPF/DKIM/verification) | \"v=spf1 ...\" |
| NS | Authoritative nameservers | ns1.example.com |
| SRV | Service location | _service._tcp target |
Zone file syntax rules (common mistakes)
- Fully qualified domain names must end with a trailing dot (.)
- Names without dots are relative to the zone origin ($ORIGIN)
- Comments start with semicolon (;)
- TTL values are in seconds (3600 = 1 hour)
- MX records require a priority value
- TXT values should be quoted
- Always increment the SOA serial when making changes
Best practices
- TTL: use 300β600s before planned changes, and 3600β86400s for stable records.
- Serials: use YYYYMMDDNN and always increment for each change.
- Testing: verify live records with DNS Records Lookup and check propagation with DNS Propagation Checker.
- Email: validate MX/TXT (SPF/DKIM/DMARC) using Email Validator.
Troubleshooting common errors
| Error | Fix |
|---|---|
| Zone has no NS records | Add at least one NS record |
| Serial not incrementing | Increase the SOA serial |
| Missing trailing dot | Add a period after FQDNs |
| Invalid email format | Use dot instead of @ in SOA RNAME |
| MX missing priority | Provide a numeric MX priority |
Common Questions
What is a DNS Zone File?
A DNS zone file is a text file that defines a DNS zone by containing the records for a domain. It maps hostnames to IP addresses and other routing information, and is used by authoritative DNS servers (like BIND) to answer DNS queries.
What's the difference between common DNS record types?
A records map names to IPv4 addresses, AAAA records map to IPv6, CNAME records create aliases, MX records route email, TXT records store text data (SPF/DKIM/verification), NS records define authoritative nameservers, and SRV records locate services.
What is an SOA record and why is it important?
The Start of Authority (SOA) record is mandatory in every zone file. It identifies the primary nameserver, administrator contact, and includes important parameters such as serial, refresh, retry, expire, and minimum TTL.
What does the '@' symbol mean in a zone file?
The '@' symbol represents the zone origin (root domain) as defined in $ORIGIN. In a zone for example.com., '@' means example.com. itself.
Why do some domain names end with a period in zone files?
A trailing dot indicates a fully qualified domain name (FQDN) and prevents the zone origin from being appended. Without a trailing dot, names are treated as relative to the zone origin.
How do I update my zone file once it's deployed?
When making changes, increment the SOA serial number so secondaries pick up updates, validate with tools like named-checkzone, reload your DNS server, then verify live records and propagation after deployment.
What serial number format should I use?
A common best practice is YYYYMMDDNN (e.g., 2024011301). It makes the change date obvious and allows multiple updates per day. The key requirement is that the serial increases with each change.
What is $ORIGIN and $TTL?
$ORIGIN sets the base domain (zone origin) for relative names. $TTL sets the default Time To Live for records that donβt specify a TTL value.
Related DNS tools
- DNS Records Lookup β verify deployed records
- DNS Propagation Checker β check global propagation after changes
- PTR Record Generator β create reverse DNS records
- Reverse DNS Lookup β verify PTR records for IPs