The desktop receiving the answer doesn't know that the ip address received is not "valid".
The resolved address could be 1) a loopback address or 0.0.0.0; 2) a local internal web server configured to "answer" all image requests mapped to a single pixel image file, and all text pages mapped to a warning message page; or 3) a machine with a personal firewall.
These packages were originally designed as a substitute for a large host file in order to speed up browsing by having a local name server available to cache domain queries such as DNSKong.
These programs can also be used to block domains associated with malware.
A host can be used to maps hostnames associated with malware to a different IP address (such as a loopback address, 127.0.0.1).
This will prevent connections to those malicious sites from ever taking place.
A brief background and introduction to bind can be found at the end of this document..
A standard format for DNS entries is called "Bind Format".
Many corporations deploy an internal DNS server for use on their Local Area Network, usually to provide name resolution for internal hosts or to speed up browsing by locally caching DNS queries .
It can be edited for other serial numbers as needed, but that will require some further regex knowledge, and is outside the scope of this article.
Once we have confirmed the serial numbers are in the correct format, we can go ahead and update the serial number of all the zone files with the new one specified.
First, take a full backup of the /var/named/ directory, just in case there are any issues, and you need to revert your changes.
Next, check to make sure the serial number in the zone file starts with 20, as our sed one-liner will only work with serial numbers starting in 20.