
What is an SOA Record in DNS?

The SOA record, or Start of Authority, carries the authoritative information about a DNS zone: the primary name server, the mailbox of the zone administrator, the zone serial number, and several timers that control how secondary servers refresh their copy of the zone. Each zone has exactly one SOA record, and it sits at the zone apex.

If the DNS platform you are using (Windows DNS, BIND, etc.) complies with RFC 1035, the structure of the SOA record is the same everywhere; only the tooling for viewing and editing it differs. The following example is taken from a zone called “corp.com” hosted on a Windows Server 2003 R2 machine running Windows DNS.

You can view the settings of the SOA record either by opening the zone’s properties and clicking the Start of Authority (SOA) tab, or by opening the zone file itself in a text editor (assuming the zone is a standard primary; an Active Directory-integrated zone is stored in the directory, not in a file).


The SOA resource record contains the following information:

Serial Number

The revision number of this zone file. It must be incremented each time the zone is changed so that the change propagates to the secondary DNS servers. Standards-based secondaries such as BIND only transfer the zone when the primary’s serial is greater in the wrap-around serial-number arithmetic of RFC 1982, so a serial that is merely changed (or set back to a smaller value) will not be picked up. A common convention is YYYYMMDDnn, for example 2024051201, which stays below the 32-bit limit and is easy to audit.

Primary Server

The fully qualified name of the host that holds the primary (master) copy of the zone. Secondary servers send their refresh queries and zone-transfer requests to this host.

Responsible Person

The e-mail address of the person responsible for administering the zone, encoded as a domain name: the first “.” stands in for the “@” (hostmaster.corp.com. means hostmaster@corp.com). If the mailbox name itself contains a dot, that dot must be escaped with a backslash, as in hostmaster\.dns.corp.com. for hostmaster.dns@corp.com.

Refresh Interval

The time, in seconds, a secondary DNS server waits before querying the primary DNS server’s SOA record to check for changes. When the refresh time expires, the secondary DNS server requests a copy of the current SOA record from the primary.

The secondary DNS server compares the serial number in the primary DNS server’s SOA record with the serial number in its own copy. If the primary’s serial is newer, the secondary requests a zone transfer (AXFR for the full zone, or IXFR for an incremental transfer) from the primary DNS server. The default value is 3,600. In practice most changes are picked up sooner than this, because a primary that supports DNS NOTIFY (RFC 1996), as Windows DNS and BIND do, tells its secondaries about a change as soon as the serial is updated. Because a zone transfer hands out the complete contents of the zone, the primary should be configured to allow transfers only to its known secondary servers.

Retry Interval

The time, in seconds, a secondary server waits before retrying after a refresh query or zone transfer has failed. The retry time should be less than the refresh time. The default value is 600.

Expires After

The time, in seconds, that a secondary server will keep trying to complete a zone transfer from the primary DNS server after its last successful refresh. If this time expires before a successful transfer, the secondary server expires its copy of the zone.

The secondary DNS server then stops answering queries for the expired zone, because the data is now considered too old to be reliable. The default value is 86,400. The expire value should be comfortably larger than refresh plus retry; otherwise the secondary can discard the zone before it has even had a chance to retry.

Minimum (Default) TTL

In Windows DNS this value is the default time-to-live for the zone. It is returned in query responses to tell other servers how long they may keep the data in their cache. The default value is 3,600.

When a new record is created it inherits this TTL, and the TTL of any individual resource record can be changed afterwards. Note that under RFC 2308 the SOA minimum field has a second meaning that all modern resolvers honour: it caps how long a negative answer (for example NXDOMAIN) for a name in this zone may be cached. BIND reads the default TTL for records from the $TTL directive at the top of the zone file rather than from the SOA.
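The following Python example, added here and not part of the original page, pulls the field descriptions above together: it parses an SOA record written in the RFC 1035 master-file layout that Windows DNS and BIND both use, converts the responsible-person name back into an e-mail address (including the escaped-dot case), applies the RFC 1982 serial comparison that a secondary makes after a refresh poll, and flags the timer relationships a practitioner checks (retry below refresh, expire above refresh plus retry). The sample record, the host dc1.corp.com and the mailbox hostmaster.dns@corp.com are constructed for the example; the parser assumes plain integer timer values rather than suffixed forms such as 1h or 1d.

```python
"""Parse an SOA record (RFC 1035 master-file syntax), recover the admin
mailbox from RNAME, sanity-check the timers, and decide whether a secondary
would request a zone transfer using RFC 1982 serial arithmetic.
Added example; the sample data is constructed, not taken from the page."""
from dataclasses import dataclass

# Constructed sample in the layout a Windows or BIND zone file uses.
# "hostmaster\.dns" shows an escaped dot inside the mailbox name.
SAMPLE_SOA = r"""corp.com.   IN  SOA  dc1.corp.com. hostmaster\.dns.corp.com. (
        2024051201 ; serial
        3600       ; refresh
        600        ; retry
        86400      ; expire
        3600 )     ; minimum (default) TTL
"""


@dataclass
class SOA:
    zone: str
    mname: str    # primary server
    rname: str    # responsible person, mailbox encoded as a domain name
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int


def parse_soa(text: str) -> SOA:
    """Parse one SOA RR. Assumes integer timer values (no 1h/1d suffixes)."""
    # Drop ';' comments, then the parentheses that allow the multi-line layout.
    body = " ".join(line.split(";", 1)[0] for line in text.splitlines())
    tokens = body.replace("(", " ").replace(")", " ").split()
    zone, i = tokens[0], 1
    if tokens[i].isdigit():                       # optional TTL before the class
        i += 1
    if tokens[i].upper() in ("IN", "CH", "HS"):   # optional class
        i += 1
    if tokens[i].upper() != "SOA":
        raise ValueError("not an SOA record")
    mname, rname = tokens[i + 1], tokens[i + 2]
    numbers = tokens[i + 3:i + 8]
    if len(numbers) != 5 or not all(n.isdigit() for n in numbers):
        raise ValueError("SOA needs serial, refresh, retry, expire, minimum")
    serial, refresh, retry, expire, minimum = (int(n) for n in numbers)
    return SOA(zone, mname, rname, serial, refresh, retry, expire, minimum)


def rname_to_email(rname: str) -> str:
    """RNAME -> e-mail: the first unescaped '.' becomes '@'; '\\.' is a literal dot."""
    name = rname[:-1] if rname.endswith(".") else rname   # drop the root dot
    local, i = [], 0
    while i < len(name):
        if name[i] == "\\" and i + 1 < len(name):          # escaped character
            local.append(name[i + 1])
            i += 2
        elif name[i] == ".":
            return "".join(local) + "@" + name[i + 1:]
        else:
            local.append(name[i])
            i += 1
    return "".join(local)   # no domain part: return the mailbox as-is


def serial_gt(a: int, b: int) -> bool:
    """RFC 1982: is serial a newer than b in 32-bit wrap-around arithmetic?"""
    a, b = a & 0xFFFFFFFF, b & 0xFFFFFFFF
    return (a < b and b - a > 2**31) or (a > b and a - b < 2**31)


def secondary_needs_transfer(local_serial: int, primary_serial: int) -> bool:
    """What a standards-based secondary decides after its refresh poll."""
    return serial_gt(primary_serial, local_serial)


def check_timers(soa: SOA) -> list:
    """Return the warnings a practitioner would raise about the SOA timers."""
    warnings = []
    if soa.retry >= soa.refresh:
        warnings.append("retry should be less than refresh")
    if soa.expire <= soa.refresh + soa.retry:
        warnings.append("expire should exceed refresh + retry")
    return warnings


if __name__ == "__main__":
    soa = parse_soa(SAMPLE_SOA)
    print(soa)
    print("admin mailbox:", rname_to_email(soa.rname))
    print("transfer after primary bumps serial:",
          secondary_needs_transfer(soa.serial, soa.serial + 1))
    print("timer warnings:", check_timers(soa))
```

Feeding the function a record whose serial was set backwards (for example from 2024051201 to 2024051200) shows the failure mode described under Serial Number: secondary_needs_transfer returns False, so BIND-style secondaries keep serving stale data until the serial is raised again.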
