Strange - copy and pasting your answer and running named-checkzone on it results in:
acshellam@dev1:/tmp$ named-checkzone example.com example.com.zone
zone example.com/IN: loaded serial 12
OK
acshellam@dev1:/tmp$ named-checkzone -v
9.6.1-P2
You sure that's the correct zone file you have on your system? Is there an $ORIGIN directive somewhere between the NS and the A records in your file that's changing the zone root?
Yes, the number there is the number of seconds left until that record expires (providing we're not querying the authoritative nameserver). Obviously with a CNAME there's a level of redirection, so the TTL for the A record it points to in this case may be important as well.
If you wait a couple of seconds and run dig again on your local nameserver, you should see that TTL number decrease by the number of seconds you waited (approximately). When it hits 0, it'll refresh or if your nameserver refreshes the zone for some reason.
As mentioned above, there is a difference between dig being run against a nameserver with a cached entry and the nameserver that is authoritative for that entry.
(in the examples I use below I use the +noauthority
+noquestion
& +nostats
flags just to keep the output terse).
Note the difference between the following queries:
$ dig +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50066
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; ANSWER SECTION:
stackoverflow.com. 432000 IN A 69.59.196.211
So in the above query, we're querying a nameserver that is authoritative for stackoverflow.com. If you notice the flags
section, pay special attention to the aa flag which denotes this is an authoritative answer (i.e. not cached).
$ dig +noauthority +noquestion +noadditional +nostats stackoverflow.com
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +noadditional +nostats stackoverflow.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43514
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; ANSWER SECTION:
stackoverflow.com. 246696 IN A 69.59.196.211
In the above query, we don't have an aa flag, and the TTL will keep decreasing as we query and query. This is essentially the counter I was talking about previously.
Best Answer
To answer the question in your headline:
No, it is not necessary to create an AAAA record for your website as long as most traffic runs over IPv4, but I would argue that it probably is beneficial for the deployment of IPv6 to have more sites support the protocol.
To answer the question in your post:
Yes, if you want your site to support IPv6 traffic, clients need a way to translate your domain name to an IPv6 address.