Chapter 8 - $ORIGIN Directive

$ORIGIN defines a base value from which 'unqualified' name substitutions are made when processing the zone file. Zone files which do not contain an $ORIGIN directive, while being perfectly legitimate are also much more confusing. In general always explicitly define an $ORIGIN directive unless there is a very good reason not.

$ORIGIN is a standard directive defined in RFC 1035.

$ORIGIN values must be 'qualified' (they end with a 'dot'). Confusingly some documentation omits this dot.

If an $ORIGIN directive is not defined - BIND synthesizes one from the zone name in the named.conf file as the initial ORIGIN e.g.

// named.conf file fragment

zone "" in{
	type master;
	file "";
}; is the initial value of $ORIGIN if none present in the zone file.

$ORIGIN is used in two contexts during zone file processing:

  1. The symbol @ is used in BIND to denote 'zone root'. The current value of $ORIGIN is substituted for (replaces) the symbol @.
  2. The current value of $ORIGIN is added to any 'unqualified' name (any name which does not end in a 'dot').


@ Symbol replacement:

; zone file fragment 
; no ORIGIN present
@          IN      NS 
; is the name server for
@          IN      NS 
; functionally identical to
; is the name server for

Unqualified name addition:

; zone file fragment 
; no ORIGIN present
www          IN      A 
; = IP
joe          IN      CNAME www ;unqualified name
; =
ftp          IN      A 
; functionally identical to
; IN A

Pro DNS and BIND by Ron Aitchison


tech info
guides home
dns articles
1 objectives
big picture
2 concepts
3 reverse map
4 dns types
5 install bind
6 samples
7 named.conf
8 dns records
9 howtos
10 tools
11 trouble
12 bind api's
13 dns security
bits & bytes
15 messages
notes & tips
registration FAQ
dns resources
dns rfc's
change log