# RPZ Zone RPZ uses zone files with normal RRs to define Policy Actions and Policy Triggers. The zone is defined in a normal zone clause which may be inside a view clause. RPZ zones may be queried (if a master only by a slave to read its SOA RR, if a slave, never) so their infrastructure records (SOA and NS) have to satisfy minimal zone validation rules, that is the SOA RR must exist, but since no delegation will result from, or any delegation be referred to, RPZ zones only a single NS RR is required which can take the name of **localhost** (further discussion at RPZ Domain Names) obviating the need for any corresponding A/AAAA RR (localhost is out-of-zone). RPZ zones can be masters or slaves in the normal manner, indeed the designers of RPZ envisaged that RPZ zone files may be distributed (using zone transfer) by commercial enterprises, affinity groups or other such organizations. ![](/files/-MfWdL83t6NhDUNfPpvB) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.dnsvault.net/service-management/dns/create-new-domain/create-new-host/response-policy/rpz-zone.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.