What is a DNS SOA record?

The SOA record contains important information about a domain and who is responsible for it.

Share facebook icon linkedin icon twitter icon email icon

DNS SOA Record

Objetivos de aprendizaje

Después de leer este artículo podrá:

  • Understand the purpose of an SOA record
  • Explain zone serial numbers and zone transfers

What is a DNS SOA record?

The DNS ‘start of authority’ (SOA) record stores important information about a domain or zone such as the email address of the administrator, when the domain was last updated, and how long the server should wait between refreshes.

All DNS zones need an SOA record in order to conform to IETF standards. SOA records are also important for zone transfers.

Example of an SOA record:

name example.com
record type SOA
MNAME ns.primaryserver.com
RNAME admin.example.com
SERIAL 1111111111
REFRESH 86400
RETRY 7200
EXPIRE 4000000
TTL 11200

The 'RNAME' value here represents the administrator's email address, which can be confusing because it is missing the ‘@’ sign, but in an SOA record admin.example.com is the equivalent of admin@example.com.

What is a zone serial number?

In the DNS, a 'zone' is an area of control over namespace. A zone can include a single domain name, one domain and many subdomains, or many domain names. In some cases, 'zone' is essentially equivalent with 'domain,' but this is not always true.

A zone serial number is a unique identifier for the zone. In the example above, the serial number is listed next to 'SERIAL.' A DNS server can quickly look up a zone's records in its database via the serial number, which will bring up the SOA record.

What are the other parts of an SOA record?

  • MNAME: This is the name of the primary nameserver for the zone. Secondary servers that maintain duplicates of the zone's DNS records receive updates to the zone from this primary server.
  • REFRESH: The length of time (in seconds) secondary servers should wait before asking primary servers for the SOA record to see if it has been updated.
  • RETRY: The length of time a server should wait for asking an unresponsive primary nameserver for an update again.
  • EXPIRE: If a secondary server does not get a response from the primary server for this amount of time, it should stop responding to queries for the zone.

What is a zone transfer?

A DNS zone transfer is the process of sending DNS record data from a primary nameserver to a secondary nameserver. The SOA record is transferred first. Using the serial number, the secondary server can check to see if it already has the data in its database. Zone transfers take place over the TCP protocol.

Learn more about various DNS records.