zone ./IN: has 0 SOA records

Martin McCormick martin at
Wed Feb 22 15:56:09 UTC 2006

	Yesterday I described a problem with an experimental DNS
configuration in which the very first message as the system starts up

zone ./IN: has 0 SOA records 

Mark Andrews writes:
>	All real zones require a SOA record and a NS RRset at the top.
>	The zone you supplied does not have a SOA record at the top.

	That is correct.  I began to think I was using the wrong file
for the root zone and double-checked against "DNS and Bind 4TH
Edition" which tells one to get it from  That's
what I've been doing all along, but the book also says that one
doesn't really need the root zone defined in named.conf although they
supply an example for those who feel funny without one.  That's where
I discovered what I had done wrong.  

The root zone definition I have for every single DNS I run has a
slight syntax omission which incorrectly defines the root zone.  The
weird thing is that I never noticed any problem with recursive lookups
until I set up this experimental box with all the private zones and it
couldn't resolve anything external.

	The bad example follows:

zone "." {
	type hint;
	file "db.cache";
}; /*Don't use this.  It is bad.*/

	When I changed it to a shameless ripoff of DNS and Bind's example,
it looks almost the same except for the class designation:

zone "." in {
        type hint;
        file "db.cache";
};

	Needless to say, what you name the root zone file is up to you
as long as your configuration references the desired file and it is
owned by bind in the case of a root sandbox, but that small change
made the error go away and the external recursion begin.

	It makes me curious as to why all the other DNS's work or what
subtle failure modes we have had as a result of the bad definition.

Martin McCormick WB5AGZ  Stillwater, OK 
OSU Information Technology Department Network Operations Group
.-- -... ..... .- --. --..
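
Mark Andrews's rule quoted in the message above (a SOA record and an NS RRset at the top of every real zone) can be checked offline before named loads a file. The following is an added example, not code from this thread or from BIND: the function names, the simplified master-file parsing (numeric TTLs, no quoted strings) and both sample files are constructed for illustration.

```python
CLASSES = {"IN", "CH", "HS"}

def absolute(name, origin):
    """Resolve an owner name against the current origin (lower-case, dot-terminated)."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else name + "." + origin.lstrip(".")

def apex_counts(zone_text, origin):
    """Count SOA and NS records owned by the zone apex in master-file text."""
    apex = origin.lower().rstrip(".") + "."
    cur, owner, depth = apex, apex, 0
    counts = {"SOA": 0, "NS": 0}
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]                 # drop comments
        inside, depth = depth > 0, depth + line.count("(") - line.count(")")
        fields = line.split()
        if inside or not fields:                    # continuation of a (...) record
            continue
        if fields[0].startswith("$"):               # $ORIGIN changes the base, $TTL is skipped
            if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
                cur = absolute(fields[1], cur)
            continue
        if not line[0].isspace():                   # blank owner inherits the previous one
            owner = absolute(fields.pop(0), cur)
        while fields and (fields[0].isdigit() or fields[0].upper() in CLASSES):
            fields.pop(0)                           # optional TTL and class
        if owner == apex and fields and fields[0].upper() in counts:
            counts[fields[0].upper()] += 1
    return counts

def check_zone(zone_text, origin, zclass="IN"):
    """Return a list of apex problems; the SOA line mirrors the message in this thread."""
    c, name = apex_counts(zone_text, origin), origin.rstrip(".") or "."
    problems = []
    if c["SOA"] != 1:
        problems.append(f"zone {name}/{zclass}: has {c['SOA']} SOA records")
    if c["NS"] == 0:
        problems.append(f"zone {name}/{zclass}: no NS RRset at the top")
    return problems

# Constructed samples: a hints-style file (NS and A only) and a small master zone.
HINTS = """; constructed sample in the style of a root hints file
.                    3600000  IN  NS  A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.  3600000      A   198.41.0.4
"""
MASTER = """$TTL 3600
@   IN  SOA ns1.example.com. hostmaster.example.com. (
        2006022201 3600 900 604800 3600 )
    IN  NS  ns1.example.com.
ns1 IN  A   192.0.2.53
"""
if __name__ == "__main__":
    print(check_zone(HINTS, "."), check_zone(MASTER, "example.com"))
```

A hints-style file passes the NS check but reports 0 SOA records when treated as a real zone, while the master sample passes both checks.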
