In DNS configuration files, the @ symbol serves as a special placeholder representing the root domain (also called the "apex domain" or "naked domain"). When used in a zone file, it specifically denotes records for the domain itself without any subdomain prefix.
While RFC 1035 (Domain Names - Implementation and Specification) describes the functionality of the @ symbol, it doesn't formally name this record type. In technical documentation and among DNS administrators, these are most commonly referred to as:
- Root Domain Records
- Apex Records
- Base Domain Records
- Naked Domain Records
The most precise technical term would be "Apex DNS Record" as it clearly distinguishes these entries from wildcard records and subdomain records.
Here's a typical BIND zone file example showing both the @ record and wildcard usage:
; Zone file for example.com
$TTL 3600
@ IN SOA ns1.example.com. admin.example.com. (
2023081501 ; serial
3600 ; refresh
900 ; retry
1209600 ; expire
3600 ) ; minimum
@ IN NS ns1.example.com.
@ IN NS ns2.example.com.
@ IN A 192.0.2.1
@ IN MX 10 mail.example.com.
www IN A 192.0.2.1
* IN A 192.0.2.1
Different DNS providers handle the apex domain notation slightly differently:
AWS Route 53:
{
"Changes": [
{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "example.com.",
"Type": "A",
"TTL": 300,
"ResourceRecords": [
{
"Value": "192.0.2.1"
}
]
}
}
]
}
Google Cloud DNS:
resource "google_dns_record_set" "apex" {
name = "example.com."
type = "A"
ttl = 300
managed_zone = google_dns_managed_zone.prod.name
rrdatas = ["192.0.2.1"]
}
Apex records have several important technical characteristics:
- They cannot be CNAME records (RFC 1912 restriction)
- They're required for domain ownership verification (e.g., TXT records for SSL certificates)
- They serve as the base for all other subdomain records
- Modern solutions like ALIAS or ANAME records help overcome apex limitations
When researching this topic, try these search terms instead:
- "dns apex record definition"
- "root domain dns record name"
- "@ symbol in zone file meaning"
- "dns base domain record terminology"
When working with DNS configurations, many developers encounter the special "@" symbol in zone files but struggle to find authoritative documentation about its proper naming. Unlike wildcard records (clearly defined in RFC 1035), the "@" notation lacks an official technical designation in specifications.
Through analysis of BIND documentation, Cloudflare's technical references, and AWS Route 53 implementations, the most accurate term is "root domain record" or "apex record". Major DNS providers use these terms in their technical documentation when referring to records prefixed with "@".
; Example zone file demonstrating @ usage
$TTL 3600
@ IN SOA ns1.example.com. admin.example.com. (
2023081501 ; serial
7200 ; refresh
3600 ; retry
1209600 ; expire
3600 ; minimum TTL
)
@ IN NS ns1.example.com.
@ IN A 192.0.2.1
www IN CNAME example.com.
Different DNS systems handle the "@" notation in distinct ways:
- BIND/named: Uses "@" directly in zone files
- PowerDNS: Recognizes it as "apex record" in API responses
- Cloud DNS: Displays as "(root)" in management consoles
When working with DNS programmatically, note these implementation patterns:
// JavaScript example for AWS Route 53 API
const params = {
HostedZoneId: 'Z1PA6795UKMFR9',
ChangeBatch: {
Changes: [
{
Action: 'UPSERT',
ResourceRecordSet: {
Name: 'example.com', // Equivalent to @
Type: 'A',
TTL: 300,
ResourceRecords: [{ Value: '192.0.2.1' }]
}
}
]
}
};
For Python developers using dnspython:
import dns.resolver
# Querying the root record
answers = dns.resolver.resolve('example.com', 'A')
for rdata in answers:
print('Root domain IP:', rdata.address)
When researching this topic, combine these search terms for better results:
- "dns zone file @ symbol meaning"
- "apex record vs root record dns"
- "dns configuration root domain syntax"