;; Tested using: named-checkzone dotya.ml /etc/bind/zonefiles/ml/dotya/*.zonefile ;; Signed using: dnssec-signzone -g -K "/var/cache/named/bind/keys/ml/dotya" -T 300 -n "$(nproc || printf 1)" /etc/zonefiles/ml/dotya/main.zonefile $TTL 300 $ORIGIN dotya.ml. ;; NameServer (NS) @ IN NS ns.nebula.dotya.ml. ;; Start Of Authority (SOA) @ IN SOA ( ns.nebula.dotya.ml. ; MNAME hostmaster.nebula.dotya.ml. ; RNAME 2020103022 ; SERIAL (YYYYMMDDHH) 8H ; REFRESH 2H ; RETRY 1W ; EXPIRY 2H ; MINIMUM Negative Cache TTL ) ;; DEFAULT nebula.dotya.ml. IN A 144.91.70.62 ns.nebula.dotya.ml. IN A 144.91.70.62 ;; Include other files here ;; $INCLUDE "PATH" DOMAIN ;; Zone-Signing key (ZSK) $INCLUDE "/var/cache/named/bind/keys/" dotya.ml ;; Key-Signing key (KSK) $INCLUDE "/var/cache/named/bind/keys/" dotya.ml