DNS zone / zone file
A DNS zone is a delegated chunk of the domain namespace. A zone file is the on-disk text representation of one. The fundamental unit of DNS administration.
A DNS zone is a contiguous portion of the domain name tree that one authority manages. Each zone has its own SOA record at its apex and a set of NS records pointing at its authoritative servers.
A zone file is the text file that contains all the records in a zone:
$TTL 3600
$ORIGIN example.com.
@       SOA     ns1.example.com. admin.example.com. (
                2026051800 ; serial
                7200       ; refresh
                3600       ; retry
                1209600    ; expire
                3600 )     ; minimum
        NS      ns1.example.com.
        NS      ns2.example.com.
        A       198.51.100.42
www     A       198.51.100.42
mail    A       198.51.100.43
        MX      10 mail.example.com.
Zone vs domain
Not the same thing. example.com is a domain, but it might span multiple zones if subdomains are delegated. sub.example.com could be its own zone if you've delegated it via NS records.
When you interact with zone files
- Migrating between DNS providers: export from old provider, import to new. Most providers support BIND zone file format (RFC 1035).
- Bulk DNS changes: writing the zone file in code, version-controlling it, deploying as part of CI. Cloudflare, Route 53, and Vercel all have APIs that accept zone files.
- Debugging: dig output shows individual records; zone files show the full picture.
Modern DNS providers hide zone files behind dashboards, but the underlying format is still the lingua franca.
"DNS as code"
A pattern where your zone file lives in git, gets validated on PR, and deploys via your DNS provider's API. Same idea as Terraform but specific to DNS. See DNS as code.
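The "validated on PR" step, as an added example that is not part of the original page: a minimal Python linter that parses a BIND-style zone file (comments, parenthesised continuation, blank-owner inheritance, names relative to $ORIGIN) and reports a missing apex SOA or NS and in-zone NS/MX targets that have no address record. The function names, the choice of checks and the sample zone are assumptions for illustration; it assumes the file sets $ORIGIN and does not handle $INCLUDE or quoted semicolons.

```python
SAMPLE_ZONE = """\
$TTL 3600
$ORIGIN example.com.
@     SOA ns1.example.com. admin.example.com. (
          2026051800 7200 3600 1209600 3600 )
      NS  ns1.example.com.
      NS  ns2            ; relative name, no address record below
      MX  10 mail
ns1   A   198.51.100.41
mail  A   198.51.100.43
"""  # constructed sample, modelled on the page's example zone

def fqdn(name, origin):
    """Expand '@' and relative names against $ORIGIN."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text):
    """Return (origin, [(owner, type, rdata fields)]) for a small zone file."""
    origin, owner, records, buf, depth = "", None, [], "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]                      # strip comment
        depth += line.count("(") - line.count(")")       # parentheses continue a record
        buf += line.replace("(", " ").replace(")", " ") + " "
        if depth > 0 or not buf.strip():
            buf = buf if depth > 0 else ""               # keep partial record, drop blank line
            continue
        inherited, fields, buf = buf[0].isspace(), buf.split(), ""
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
        elif not fields[0].startswith("$"):
            if not inherited:                            # leading blank = reuse previous owner
                owner = fqdn(fields.pop(0), origin)
            while fields[0].isdigit() or fields[0].upper() == "IN":
                fields.pop(0)                            # skip optional TTL / class
            records.append((owner, fields[0].upper(), fields[1:]))
    return origin, records

def lint_zone(text):
    """Checks a PR gate could run before the file reaches the provider's API."""
    origin, records = parse_zone(text)
    findings = [f"no {rt} record at the zone apex" for rt in ("SOA", "NS")
                if not any(t == rt and o == origin for o, t, _ in records)]
    addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    for o, t, rd in records:
        target = fqdn(rd[-1], origin) if t in ("NS", "MX") else None
        if target and ("." + target).endswith("." + origin) and target not in addr:
            findings.append(f"{o} {t} -> {target} has no address record in this zone")
    return findings
```

In CI, fail the PR when `lint_zone` returns a non-empty list. Targets outside the zone are skipped because the file alone cannot say whether they resolve.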