IMO here's a better tutorial by D. J. Bernstein: http://cr.yp.to/djbdns/intro-dns.html (although the "record" syntax is for his own tinydns server vs. BIND's zone files).
But if you care about security, you probably don't want to be running BIND given its long history of bugs and security holes.
Here's BIND's security advisory page: http://www.isc.org/advisories. By contrast
only a single security hole has ever been discovered in the djbdns suite: http://article.gmane.org/gmane.network.djbdns/13864. DJB has a well earned reputation for being abrasive, but his proven track record for writing secure software is unmatched.
Full disclosure: I'm developing a DNS hosting service (http://slickdns.com) and needless to say I do not use BIND.
That started out promising, but ended up a bit disappointing. Editing the zone file seems like the least interesting part of this topic.
How about explaining the relationship between dns, registrars, soa records, ns servers etc.? This is where things get really hard to understand due to all those levels of indirection going on.
Ah, you mean you'd like an explanation of those concepts? Well, I think I more or less understand the details by now, but it would take some effort to put it all into words. I'm afraid I don't quite have the time for that at the moment, so this was more meant as a suggestion for the author of the article to look into.
I have not seen a good, easy to understand tutorial to get me from beginner/mid-level to high level understanding [not even speaking about mastery] of DNS. Spending time on such tutorial and sharing it would be much appreciated.
Sorry, but this was rather disappointing. Most registrars do not allow you to edit zone files, but rather provide a GUI. Of course, you could host your DNS yourself, but you don't want to do that or use an alternative DNS host, which probably provides a different GUI.
It is important for a beginner to understand what an A record or a CNAME record is, rather than how bind(?) is configured.
If you find zonefiles a hassle might want to use http://www.entrydns.net a free service I'm building with a sysadimn friend, it has nice GUI interface to manage most DNS needs.
That's true, I should have been clearer in my introduction: this really is a guide for beginners. The goal here was to show a simple zone file example and go through it, so that someone who never set up a DNS could do it in 10 minutes. That's why it is nowhere as complete as Google's description :)
Except someone who has never done it before probably shouldn't be in the position to edit zone files themselves... They should most likely use their registrars DNS servers or the DNS servers for their host, or if they want to get fancy one of the DNS providers out there.
Once you get to the point that you have outgrown the solutions out there, or you want to do something fancy such as create records on the fly then you can start looking into doing your own DNS hosting.
I agree with you that if you want to be a full-fledged programmer you will need to understand this topic beyond this simple example, but at the time I really could have used it as a starting point.
I think it becomes a relative path without the final/root dot. That is, "example.net" in the zone file "mydomain.com" will be understood as "example.net.mydomain.com.".
I'm one of those people who when I learn anything, I take hand written no matter what it is. I've even had language books tell me, " You probably won't need to do this" and I make sure to add it in anyway. And when that 1% time comes, my first reaction is always to the clear and detailed description that I myself wrote down. This has happened several times, ( a lot when I was getting my feet wet in server administration ). As someone who like to learn ot all no matter how out of context for the enviornment, I much prefer when stuff like this happens. I'd rather know how to do something as a just in case, then panic because I don't know something at all.
It does seem paradoxical, but I know quite a few people I consider to be good coders, but know almost nothing about DNS. For example, a former researcher in CS who now wants to launch his webstartup.
But if you care about security, you probably don't want to be running BIND given its long history of bugs and security holes.
Here's BIND's security advisory page: http://www.isc.org/advisories. By contrast only a single security hole has ever been discovered in the djbdns suite: http://article.gmane.org/gmane.network.djbdns/13864. DJB has a well earned reputation for being abrasive, but his proven track record for writing secure software is unmatched.
Full disclosure: I'm developing a DNS hosting service (http://slickdns.com) and needless to say I do not use BIND.