What is the DNS root zone and domain?

This might seem like a silly question but I want to get my terminology correct. This was my understanding:

DNS root zone = .
DNS root domain = (nameless)

However, after reading the Wikipedia article, I'm not so sure:

A domain name consists of one or more parts, technically called labels, that are conventionally concatenated, and delimited by dots, such as example.com.

So this would lead me to believe:

DNS root zone = .
DNS root domain = .
DNS root label = (nameless)

Does this make sense? What is your understanding?

The difference between a zone and a domain is that a zone necessarily includes an SOA record, and (apart from the root itself) will have been delegated from its parent using NS records. The SOA generally represents that an administrative boundary exists.

Hence all zones are domains, but the converse is not always true.

For comparison, you could have a zone containing the following:

$ORIGIN example.com.
@        IN SOA ...
         IN NS  ...
         IN NS  ...
foo.bar  IN A

where bar.example.com. is still a subdomain of example.com. but is not itself a full zone.

A domain name is, very simply, a name for a node in the domain name tree. A zone can be viewed in two different ways:

  • A zone is a slice of the overall DNS database, comprising the resource record sets for a collection of nodes in the domain name tree, rooted at one node which is the zone apex.
  • A zone is a portion of the domain name tree, comprising a node at the apex and various nodes for connected subdomains. All parts of a zone are connected to the apex.

The domain name of the root is . (because all fully-qualified domain names always end with a dot in human-readable form — in machine-readable form they end with a zero-length label, and the root domain name is simply one label of zero length).

The root zone is the slice of the DNS database served up by a root content DNS server. It comprises the resource record sets for the root domain name and a whole load of subdomains of the root. Its bottom edge, as for the bottom edges of all zones, is defined by delegations that point away from the content DNS server serving up the data to somewhere else.

One can download various organizations' root zone data files, to see the data that are contained in real root zones. The root zone data files for ICANN are obtainable via FTP or HTTP from InterNIC, as a file named root.zone. (The filename is simply a convention. It's not required that root zone data files be named in this fashion.)

Some DNS server softwares (e.g. ISC's BIND and Microsoft DNS) have other sorts of root zones. Many installations of such softwares have a root zone that comprises root hints. This isn't a zone with real data in a data file. Instead, it's a zone whose data are obtained from elsewhere, using a set of "hints" as to whence those data can be obtained. A root hints file that will direct BIND to the ICANN root content DNS servers is obtainable via FTP or HTTP from InterNIC, as a file named variously db.root, named.cache, and named.root.