What Is a DNS SOA Record & What Is It Used For?
A start of authority (SOA) record includes administrative information about your zone, as defined by the domain name system (DNS).
Anytime you set up a new zone, you'll need a new SOA record. And any time you transfer one DNS zone to another, you'll need that record too.
Let's dig into details of what a DNS SOA record is, what it looks like, and how you can use it.
DNS SOA and the role of zones
Browsers and servers communicate via the DNS. Every time you tap a web address into your browser, an elaborate conversation happens that ultimately takes you to the proper destination. Zones play a huge role.
Within the DNS, a zone is a space in which administrative responsibility is delegated to one manager. A zone might include these things:
-
One domain name
-
One domain name and several subdomains
-
Multiple domain names
During a DNS zone transfer, you send DNS records from one primary server to a secondary version. You'll send the DNS SOA record first. Often, this is the only time people tinker with their SOA records. But without them, you can't accomplish this step.
It may sound complicated to transfer from one zone to another. But online tutorials suggest you can complete this process in about nine steps.
What does an SOA record look like?
A DNS SOA record contains a great deal of information about a zone, all packed into a recognised format that browsers and servers can understand.
Each record contains these:
-
MNAME: The name of the primary server for this zone is included in this field.
-
RNAME: The name of the party responsible for the domain. This field contains the administrator's email address, but it's listed without the "@" sign.
-
SERIAL: A numeric representation of changes. Each time you alter your DNS file, this number should shift by one integer (from 01 to 02, for example).
-
REFRESH: The time in seconds secondary servers should wait before asking the primary server for a new SOA record indicating changes.
-
RETRY: How long a server should wait after a failed refresh before asking again.
-
EXPIRE: The upper time limit before a zone isn't considered authoritative.
-
TTL: A measurement of "time to live" or how long a resolver should wait.
Look at your own DNS SOA record with tools like this.
Or consider this example:
-
MNAME: ns.mainserver.com
-
RNAME: tech.server.com
-
SERIAL: 1
-
REFRESH: 68400
-
RETRY: 2700
-
EXPIRE: 6000000
-
TTL: 21100
If you're confused about the DNS system, you're not alone. Many people struggle to understand how these records help us navigate the web. We've written up a blog post all about DNS, and it includes many definitions you might find helpful. We encourage you to check it out.
References
Configuring Network Services. (2008). The Best Damn Windows Server 2008 Book.
Home. ViewDNS.info.