A zone contains all the names and IP addresses of a given group of hosts. Zones are a concept, not really a configurable object themselves, though most DNS administrators speak of zone files when configuring BND (named). Assuming a zone is the same as a zone file is not quite technically correct as a zone file contains additional information that just the host information. To configure a complete zone, you need one or more zone files, each containing resource records for all the hosts in the zone. The term zone is used to refer to a group of names that are part of a common unit and grouped together into a namespace. Namespace itself is another concept that refers to a group of names. The terms namespace, domain, and zone are frequently and incorrectly used interchangably, but for the purposes of most discussions, the differences aren't enough to worry about.
Examples of the proper use of the terms are shown below:
- The DNS namespace contains all domain names.
- My domain is inetdaemon.com.
- The DNS zone bored.bla-blather.org could contain the hosts silly, stiff and tears.
The DNS system is hierarchichal. For example, in the United States, the top level of the DNS hierarchy are the .gov, .com, .net, .org, .edu domains. Abroad, there are the country code domains (.fr, .it, .uk, .cn, .ca etc.). At the second level are domains registered with the registrars (company.com, department.gov, school.edu). Within the second level domains are sub-domains managed by the owner of the domain. A zone contains all the hosts that fall into a single namespace. The top level domain .com is the namespace that contains all .com domains. Likewise, yahoo.com contains all the yahoo.com names, such as mail.yahoo.com, www.yahoo.com and others.
Let's use the example of a fictional global company called "Zap O Matic Inc." who has registered the domain name "zapomatic.com". Let's say the headquarters is in the United States and they have divisions in the Netherlands, Australia and Japan. If each division is self-supporting, with it's own management, human resources, accounting and sales departments, then they would probably set up something as follows:
zapomatic.com might contain:
- netherlands.zapomatic.com (which would itself contain..)
- management.netherlands.zapomatic.com
- hr.netherlherlands.zapomatic.com
- accounting.netherlands.zapomatic.com
- sales.netherlands.zapomatic.com
- australia.zapomatic.com (which would itself contain..)
- management.australia.zapomatic.com
- hr.australia.zapomatic.com
- accounting.australia.zapomatic.com
- sales.australia.zapomatic.com
- japan.zapomatic.com (which would itself contain..)
- management.japan.zapomatic.com
- hr.japan.zapomatic.com
- accounting.japan.zapomatic.com
- sales.japan.zapomatic.com
From this example, you can see that we happen to have three identical department namespaces under each of the unique countries. Together, the countries (and everything under each of them) are part of the namespace for Zapomatic.com. It is this idea of a hierarchy of namespaces that enables DNS to be a distributed function that is managed by the administrators of each domain.