DNS Server (Bind9) Installation and Configuration Guide_Debian_Linux_Sina Blog
Source: Sina Blog  Published: 2021-03-25
Edit localhost. to be the FQDN of your server, with an additional "." at the end.

For example:

db.example.com:
; BIND data file for local loopback interface
$TTL 604800
@ IN SOA box.example.com. root.localhost. (
        1 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
@ IN NS localhost.
@ IN A 127.0.0.1

Edit root.localhost to be your email address, but with a "." instead of the "@", and another "." at the end.

For example:

johndoe@example.com should be added as johndoe.example.com.

Increment the serial number. You must increment the serial number every time you make any changes to the zone file and reload the zone by restarting BIND9. If you make multiple changes before restarting BIND9, simply increment the serial once.

Tip: Many people like to use the last date edited as the serial of a zone, such as 2005010100, which is yyyymmddss (where ss is the serial).

Now you can add DNS records to the bottom of the zone. Do remember to increment the serial as you add entries, though.
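
The serial rule and the yyyymmddss tip above can be scripted. The following is an added example, not part of the original guide; the function names and the sample zone are constructed for illustration, and it assumes the serial is the number directly before a "; Serial" comment.

```shell
#!/bin/sh
# Added example, not from the original guide: bump the SOA serial using the
# yyyymmddss convention. Assumes the serial is the number directly before a
# "; Serial" comment, as in the db.example.com sample.

# Print the current serial of zone file $1.
zone_serial() {
    awk 'match($0, /[0-9]+[ \t]*;[ \t]*Serial/) {
             s = substr($0, RSTART, RLENGTH); sub(/[^0-9].*/, "", s)
             print s; exit }' "$1"
}

# Print the serial that follows $1 for an edit made on date $2 (yyyymmdd).
next_serial() {
    base="${2}00"
    if [ "$1" -ge "$base" ]; then
        echo $(( $1 + 1 ))   # second edit today, or serial already ahead
    else
        echo "$base"         # first edit today
    fi
}

# Rewrite the serial of zone file $1 in place and print it.
# $2 is the edit date (yyyymmdd), defaulting to today.
bump_serial() {
    old=$(zone_serial "$1")
    [ -n "$old" ] || { echo "no serial found in $1" >&2; return 1; }
    new=$(next_serial "$old" "${2:-$(date +%Y%m%d)}")
    tmp=$(mktemp) || return 1
    awk -v new="$new" '
        !done && match($0, /[0-9]+[ \t]*;[ \t]*Serial/) {
            rest = substr($0, RSTART); sub(/^[0-9]+/, new, rest)
            $0 = substr($0, 1, RSTART - 1) rest; done = 1
        }
        { print }' "$1" > "$tmp" && cat "$tmp" > "$1"
    rm -f "$tmp"
    echo "$new"
}

# Constructed sample zone (same layout as the guide's db.example.com).
demo_zone=$(mktemp)
printf '%s\n' '$TTL 604800' \
    '@ IN SOA box.example.com. root.localhost. (' \
    '        1 ; Serial' '        604800 ; Refresh' '        86400 ; Retry' \
    '        2419200 ; Expire' '        604800 ) ; Negative Cache TTL' \
    '@ IN NS localhost.' > "$demo_zone"
bump_serial "$demo_zone" 20050101    # prints 2005010100
bump_serial "$demo_zone" 20050101    # prints 2005010101
```

The serial only ever increases, so slaves still see a newer zone when several edits land on one day; BIND9 must still be restarted for the new serial to take effect.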

Slave Server

First, on the master server, you have to allow the zone transfer. The sample zone definition in /etc/bind/named.conf.local should look like this:

[...]
zone "example.com" {
        type master;
        file "/etc/bind/db.example.com";
        allow-transfer { @ip_slave; };
};
[...]

On the slave, you have to carry out the same installation that was done on the master. Then edit /etc/bind/named.conf.local and add the following declaration for the zone:

[...]
zone "example.com" {
        type slave;
        file "/etc/bind/db.example.com";
        masters { @ip_master; };
};
[...]

Restart the server. You should see something like this in /var/log/syslog:

syslog.5.gz:May 14 23:33:53 smith named[5064]: zone example.com/IN: transferred serial 2006051401
syslog.5.gz:May 14 23:33:53 smith named[5064]: transfer of 'example.com/IN' from 10.0.0.202#53: end of transfer

Chrooting BIND9

Chrooting BIND9 is a recommended setup from a security perspective. In a chroot environment, BIND9 has access to all the files and hardware devices it needs, but is unable to access anything it should not need.

To chroot BIND9, simply create a chroot environment for it and add the additional configuration below.

The Chroot Environment

Create the following directory structure:

$ sudo mkdir -p /chroot/named
$ cd /chroot/named
$ sudo mkdir -p dev etc/namedb/slave var/run

Set permissions for the chroot environment:

$ sudo chown root:root /chroot
$ sudo chmod 700 /chroot
$ sudo chown bind:bind /chroot/named
$ sudo chmod 700 /chroot/named

Create or move the bind configuration file:

$ sudo touch /chroot/named/etc/named.conf

or

$ sudo cp /etc/named.conf /chroot/named/etc

Give the user bind write permissions for the /chroot/named/etc/namedb/slave directory:

$ sudo chown bind:bind /chroot/named/etc/namedb/slave

This is where the files for all slave zones will be kept. This increases security by preventing an attacker from editing any of your master zone files if they do gain access as the bind user. Accordingly, all slave file names in the /chroot/named/etc/named.conf file will need to have directory names that designate the slave directory. An example zone definition is listed below.

zone "my.zone.com." {
        type slave;
        file "slaves/my.zone.com.dns";
        masters { 10.1.1.10; };
};

Create the devices BIND9 requires:

$ sudo mknod /chroot/named/dev/null c 1 3
$ sudo mknod /chroot/named/dev/random c 1 8

Give the user bind access to the /chroot/named/var/run directory, which will be used to store PID and statistical data:

$ sudo chown bind:bind /chroot/named/var/run

BIND9's Configuration

Edit the bind startup options found in /etc/default/bind9. Change the line that reads:

/etc/default/bind9:
OPTIONS="-u bind"

So that it reads:

/etc/default/bind9:
