Zone Defaults

Here you can define several default options for new zones on your server, and for zones for which you provide backup service. These options can often be overridden in the definition of the individual zone; however, most such items are best configured here, and any differences from the norm can be configured in the individual zone. These options are only documented here, though they apply to individual zones as well. Note also that these do not affect the named.conf file at all. It is merely a set of default values used by Webmin when creating new master zones, kind of like an /etc/skel for zones. Also found on this page are settings for some default zone permissions options, found in the second part of the page.

Defaults for new master zones

Refresh time - This is the interval for which your zones will be cached before being refreshed by slaves. Lowering this will increase the load on your master server but will help ensure fresh data reaches clients from your slave DNS servers. This option configures the refresh field in the SOA record in each new zone you create, and defaults to 10800 seconds, or 3 hours. Note that the introduction of the DNS NOTIFY protocol into BIND 8 removes the reliance of slaves on refresh times for prompt updates. To find out more, take a look at RFC 1996. BIND 4 and some other name servers may not have NOTIFY, so if your slaves are not all known to be NOTIFY capable, you should still be aware that your slaves will take the full refresh time to be guaranteed to be fresh.

Transfer retry time - This defines the amount of time between retries if a refresh attempt fails. If you have reduced the refresh time, this value should be reduced accordingly. This option correlates to the retry field in an SOA record and defaults to 3600 seconds or 1 hour.

Expiry time - This sets the expiration age for your zone records, for the use of DNS servers that have cached your domain information. Beyond this date, if the server with the cached data cannot contact a name server that is authoritative for your domain, it will no longer return a positive result. This option configures the expires field of the SOA record and defaults to 432000 seconds, or five days.
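The following is a simplified model, added here as an illustration and not taken from Webmin or BIND, of how a slave applies the refresh, retry and expiry values described above when its master becomes unreachable. The function name and the outage window are assumptions, and the model ignores NOTIFY.

```python
def slave_timeline(refresh, retry, expire, outage_start, outage_end, horizon):
    """Simulate a slave polling a master that is unreachable during
    [outage_start, outage_end). All times are seconds since the last
    successful refresh at t=0. Returns a list of (time, event) tuples."""
    events, last_ok, t, expired = [], 0, refresh, False
    while t <= horizon:
        # The zone expires once `expire` seconds pass without a good refresh.
        if not expired and last_ok + expire <= t:
            events.append((last_ok + expire, "expired: zone no longer served"))
            expired = True
        if outage_start <= t < outage_end:
            events.append((t, "poll failed"))
            t += retry                      # failed refresh: try again after retry
        else:
            events.append((t, "poll ok"))
            last_ok, expired = t, False
            t += refresh                    # good refresh: wait a full refresh interval
    return events

# Defaults from this page: refresh 10800, retry 3600, expiry 432000.
# Constructed scenario: master unreachable from t=5000 until t=500000.
if __name__ == "__main__":
    for when, what in slave_timeline(10800, 3600, 432000, 5000, 500000, 520000):
        if what != "poll failed":
            print(f"{when:>7}s  {what}")
```

With the default values, the slave keeps answering from its copy for five days of failed polls, stops at 432000 seconds, and resumes on the first retry after the master returns.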

Default time-to-live - This sets the minimum time to live for a zone. Downstream name servers will no longer consider the information they have cached accurate if it is older than this. They will continue to serve the old data if new data cannot be retrieved, until the Expiry time has been reached. This option can be used to very effectively ensure that server or address changes can be performed without interruption of client services. For example, if you are aware that your website will be moving to a new server at a new location in a week, you can shorten this to something very short, perhaps 30 seconds. By the end of the week, when your change happens, all nameservers that have cached your information will know to check often with a nameserver that is authoritative for your domain. No one will even notice you changed! This option configures the TTL field in the SOA record, and defaults to 38400 seconds, or 10 hours.

Template records - This section can be a nice time saver if you create a large number of domains with Webmin (for example, if you run an ISP or a web hosting company). Here you can define several template records that can be automatically inserted into some or all of your new zones. For example, if you have a single mail server and two nameservers that are the same for all of the domains you create, you can create templates for each of those. Then when you create your zone file later, you can choose to have the templates included. It is also possible to add a single host, whose IP can be defined at zone creation time. The mail server, name alias, and name server templates must have addresses assigned to them from the beginning, however. There is no default template, and this section does not directly affect any BIND configuration files.

Default zone settings

Allow transfers from.. - Here you can define other servers that will, by default, be allowed to receive transfers from this server. This option correlates to the allow-transfer directive, and defaults to allowing zone transfers to all hosts.

Allow queries from.. - This one allows you to define what hosts or networks will be allowed to query your server. Any host that will use your nameserver should be listed here. However, by default, the server will allow requests from all hosts. This option configures the allow-query directive.
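Because the allow-transfer default described above permits transfers to all hosts, it is worth checking which zones actually carry a restriction. The audit below is an added example, not part of Webmin or BIND; the sample configuration is constructed, the function names are hypothetical, and the parser is deliberately simplified (no include files, no nested address-match lists).

```python
import re
# Constructed sample named.conf for illustration (not from a real server).
SAMPLE_CONF = '''
options { directory "/var/named"; allow-query { any; }; };
zone "example.com" { type master; file "example.com.hosts";
    allow-transfer { 192.0.2.53; }; };
zone "example.net" { type master; file "example.net.hosts"; };
zone "example.org" { type master; file "example.org.hosts";
    allow-transfer { any; }; };
zone "example.edu" { type slave; masters { 192.0.2.1; }; allow-transfer { none; }; };
'''

def top_level_blocks(conf):
    """Yield (header, body) for each top-level `header { body };` statement."""
    conf = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', conf, flags=re.S)
    depth, start, header_start = 0, 0, 0
    for i, ch in enumerate(conf):
        if ch == '{':
            if depth == 0:
                header, start = conf[header_start:i].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, conf[start:i]
        elif ch == ';' and depth == 0:
            header_start = i + 1

def acl(body, directive):
    """Address-match list set by `directive` in a block, or None if absent."""
    m = re.search(r'\b' + re.escape(directive) + r'\s*\{([^}]*)\}', body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def open_transfer_zones(conf):
    """Master/slave zones whose effective allow-transfer is unset or 'any'."""
    blocks = list(top_level_blocks(conf))
    global_acl = next((acl(b, 'allow-transfer') for h, b in blocks if h == 'options'), None)
    findings = []
    for header, body in blocks:
        zone = re.match(r'zone\s+"([^"]+)"', header)
        if not zone or not re.search(r'\btype\s+(master|slave)\b', body):
            continue
        effective = acl(body, 'allow-transfer')
        if effective is None:          # zone inherits the options-level setting
            effective = global_acl
        if effective is None or 'any' in effective:
            findings.append(zone.group(1))
    return findings

print(open_transfer_zones(SAMPLE_CONF))
```

A zone is reported both when allow-transfer is missing everywhere and when it is explicitly set to any; a restriction in the options block clears every zone that does not override it.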

Check names in master zones? and Check names in slave zones? - These two allow you to choose how strict your nameserver will be with regard to checking names within their expected client context. This means that, for example, a domain name used as a hostname can be checked for compliance with relevant standards regarding domain names and hostnames. These options configure check-names master and check-names slave and default to fail and warn, respectively.

Check names in responses? - Similar to the previous two options, but checks the names in responses to queries sent by the nameserver. If this is set to fail, your nameserver will REFUSE a query if it receives an invalid name. This option configures the check-names response directive and defaults to ignore.

Notify slaves of changes? - This option allows you to configure whether BIND will use the NOTIFY protocol to inform its slaves of updates. In this way, its slaves can query the master to see if a zone transfer is needed. If so, the transfer takes place immediately, and all servers are brought up to date much more quickly than if the slaves waited for their usual refresh age to be reached. This option configures the notify directive.