metazone.5

.Dd December 5, 2024
.Dt METAZONE 5 "DNS File Formats Manual"
.Os DNS
.Sh NAME
.Nm metazone
.Nd BIND configuration in a DNS zone
.Sh DESCRIPTION
A
.Dq metazone
is a DNS zone
that describes the configuration of other DNS zones.
.Pp
Metazones allow you to use standard DNS mechanisms -
AXFR, IXFR, NOTIFY, UPDATE -
to control the configuration of multiple name servers,
instead of using a separate out-of-band distribution system.
.Pp
The
.Nm metazone
program converts between metazones and
.Pa named.conf
fragments in either direction.
.Sh STRUCTURE
.Ss Apex
A metazone has apex SOA and NS resource records
as required by the DNS protocol.
The SOA record is used for zone refresh timing
and to locate the primary master,
in the usual way.
The NS resource records will never be used
and are just placeholders required by the protocol.
.Pp
The SOA MINIMUM field is used for
the version number of the metazone format.
The format specified in this manual is 44.
.Ss Views
Immediately under the apex are a number of
single-label subdomains.
When the metazone is converted to
.Pa named.conf
syntax,
the zone configurations
are written to multiple files,
one for each subdomain:
.Pp
.D1 Pa named.zones. Ns Aq view
.Pp
This allows you to have a single metazone
containing the configuration for multiple views.
(When you have
.Sy in-view
zones,
the configurations for multiple views
must be updated in sync.)
.Pp
A number of view names are reserved for compatibility with other
metazone formats:
.Bl -column -offset indent 012345678901234 0123456789012 01234567890
.It Sy allow-query      Ta Sy allow-transfer Ta Sy also-notify
.It Sy server-addresses Ta Sy server-names   Ta Sy servers
.It Sy in-view          Ta Sy masters        Ta Sy zones
.It Sy view             Ta Sy zones          Ta Sy ""
.El
.Ss Zones
Each zone configuration is represented in the metazone
using one TXT resource record.
The owner of the TXT record is
.Pp
.D1 Ao Ar zone Ac . Ns Ao Ar view Ac . Ns Ao Ar metazone Ac Ns
.Pp
The TXT RDATA contains the zone's configuration clause.
.Pp
Note that if you need a configuration clause longer than 255 bytes,
you can use one TXT record containing multiple strings.
The strings are concatenated to form the configuration clause.
You must not use multiple TXT records because you cannot control their order.
.Sh EXAMPLE
.Bd -literal
; This name for the metazone cannot collide with a real domain.
$ORIGIN _metazone.

; The required apex records.
$TTL	1h
@	SOA	localhost. hostmaster.localhost. (
		1436531696 1h 1h 1w 44 )
@	NS	localhost.

; Configuration for the "int" view
$ORIGIN int._metazone.

example.org	TXT	( "{"
			" type slave;"
			" masters { ns-pri-int; };"
			" allow-query { internal; };"
			" allow-transfer { internal; };"
			"};" )

; Configuration for the "ext" view
$ORIGIN ext._metazone.

example.org	TXT	( "{"
			" type slave;"
			" masters { ns-pri-ext; };"
			" allow-transfer { xfer-2nd; };"
			" also-notify { notify-2nd; };"
			"};" )
.Ed
.Sh COMPATIBILITY
The metazone structure described in this manual
is significantly different from the original
metazone design by Paul Vixie.
.Pp
We use Vixie's format numbering scheme.
Vixie metazones have format number 42.
Our metazones have format number 44.
The reserved view names in our scheme are a superset of
the keywords used by Vixie metazones.
.Pp
Vixie metazones encode the configuration for a zone in multiple RRsets.
This encoding requires a relatively complicated translated
into a name server configuration.
However,
Vixie metazones are designed to be interoperable
across multiple name server implementations.
.Pp
Our metazones are specific to BIND,
since they include literal
.Pa named.conf
snippets,
and do not make any attempt to support other name server implementations.
.Sh SEE ALSO
.Xr metazone 1 ,
.Xr nsnotifyd 1 ,
.Xr named.conf 5
.Rs
.%A Paul Vixie
.%T Federated domain name service using DNS metazones
.%U http://ss.vix.su/~vixie/mz.pdf
.%D June 2005
.Re
.Sh AUTHOR
.An Tony Finch
.Aq Li dot@dotat.at
.\" SPDX-License-Identifier: 0BSD OR MIT-0