BIND-$ORIGIN 指令

$ORIGIN defines a base value from which 'unqualified' name (those without a terminating dot) substitutions are made when processing the zone file. Zone files which do not contain an $ORIGIN directive, while being perfectly legitimate, can also be highly confusing. In general, always explicitly define an $ORIGIN directive unless there is a very good reason not to.

$ORIGIN is a standard directive defined in RFC 1035.

$ORIGIN values should be 'qualified' (they end with a 'dot'). Confusingly some documentation omits this dot.

If an $ORIGIN directive is not defined - BIND synthesizes an $ORIGIN from the zone name in the named.conf file as illustrated below:

如$ORIGIN指令没有定义,那么bind把named.conf文件中的zone名同步过来作为$ORIGIN的值.

// named.conf file fragment

zone "example.com" in{
	type master;
	file "pri.example.com";
};

In the above fragemnt example.com is the initial value of $ORIGIN if none present in the zone file (pri.example.com).

如果$ORIGIN指令没有在pri.example.com文件中出现,那example.com将作为$ORIGIN的初始值。

$ORIGIN is used in two contexts during zone file processing:

  1. The symbol @ forces substitution of the current (or synthesized) value of $ORIGIN. The @ symbol is replaced with the current value of $ORIGIN.
  2. The current value of $ORIGIN is added to any 'unqualified' name (any name which does not end in a 'dot').

Examples

@ Symbol replacement:

; example.com zone file fragment 
; no $ORIGIN present and is synthesized from the 
; zone name in named.conf
....
@          IN      NS     ns1.example.com. 
; ns1.example.com is the name server for example.com
....
$ORIGIN uk.example.com.
@          IN      NS     ns2.example.com. 
; functionally identical to
; uk.example.com IN NS ns2.example.com
; ns2.example.com is the name server for uk.example.com

Unqualified name addition:

; example.com zone file fragment 
; no $ORIGIN present and is synthesized from the 
; zone name in named.conf
....
www          IN      A    192.168.23.15 
; functionally identical to 
; www.example.com. IN    A  192.162.23.15
; thus 
; www.example.com = IP 192.168.23.15
joe          IN      CNAME www ;unqualified name
; joe.example.com = www.example.com
; could have written as
joe.example.com. IN  CNAME www.example.com.
....
$ORIGIN uk.example.com.
ftp          IN      A     10.0.16.34 
; functionally identical to
; ftp.uk.example.com IN A 10.0.16.34