What is an SOA record?
SOA stands for Start of Authority. The SOA record determines how your zone propagates to the secondary nameservers. Every DNS zone must have exactly one SOA record, and it is the first record in the zone. The DNS hosting provider will normally create a default SOA record for each domain added to their system, and usually you do not need to change this record.
The SOA record stores: the name of the server that supplied the data for the zone; the administrator of the zone; the current version of the zone data; the number of seconds a secondary name server should wait before checking for updates; the number of seconds a secondary name server should wait before retrying a failed zone transfer; the maximum number of seconds a secondary name server may use the data before it must either be refreshed or expire; and a default number of seconds used as the time-to-live for resource records that do not specify one (in current practice this last field is the negative caching TTL, described below).
SOA record format
A typical SOA record looks like the following in standard BIND format:

$TTL 1800               ; $TTL used for all DNS records without explicit TTL value
$ORIGIN example.com.    ; designates the start of this zone file in the namespace
@   86400   IN  SOA  ns1.dynu.com. administrator.dynu.com. (
                    25101   ; serial
                    1800    ; refresh
                    300     ; retry
                    86400   ; expire
                    300 )   ; nxdomain TTL

The anatomy of the SOA record, with each field mapped onto the example above, looks like this:

| Name | TTL | Record Class | Record Type | Master Name | Responsible Name |
|---|---|---|---|---|---|
| @ | 86400 | IN | SOA | ns1.dynu.com. | administrator.dynu.com. |

| Serial Number | Refresh Interval | Retry Interval | Expire Interval | Negative Caching TTL |
|---|---|---|---|---|
| 25101 | 1800 | 300 | 86400 | 300 |
Name
The owner name of the record, and whether the zone origin will be appended to it. A name not terminated by a period is relative and has the $ORIGIN appended; a fully qualified name terminated by a period is used as written. The shorthand @ stands for the origin itself, as in the example above.
TTL
The time-to-live in seconds. It specifies how long a resolver may cache the answer before the cached entry expires and a new query has to be made.
Record Class
Three classes of DNS records exist:
- IN (Internet) – the default, and what the Internet uses.
- CH (Chaosnet) – today used mainly for querying DNS server versions.
- HS (Hesiod) – uses DNS functionality to provide access to databases of information that change infrequently.
Record Type
This field defines the type of the record. Common record types are A, AAAA, CNAME, CAA, TXT, etc. For an SOA record the record type is SOA.
Master Name
The host name of the primary (master) DNS server for the zone.
Responsible Name
The email address of the person responsible for administering the domain's zone file. The '@' in the email address is replaced by a dot '.', so administrator.dynu.com stands for administrator@dynu.com. Only the first dot is treated as the '@'; if the mailbox part itself contains a dot, it has to be escaped with a backslash in the zone file (john\.doe.dynu.com for john.doe@dynu.com).
Serial Number
The serial number is the version number of the zone, often derived from a timestamp or date, and it is increased whenever something in the zone changes. If a secondary name server slaved to this master zone observes an increase in this number, the slave assumes that the zone has been updated and initiates a zone transfer.
Refresh Interval
The time in seconds that a secondary DNS server waits before querying the primary DNS server's SOA record to check for changes.
Retry Interval
The number of seconds the secondary waits before retrying a failed refresh.
Expire Interval
The time in seconds after which a zone is no longer considered authoritative. If this time passes without a successful refresh or zone transfer, the secondary server expires its zone file and stops answering queries for it, as it considers its data too old to be reliable.
Negative Caching TTL
The TTL for negative results. For example, if a DNS resolver queries a subdomain that does not exist and receives a negative (NXDOMAIN) answer, the negative caching TTL tells the resolver how long it may keep that negative answer before it retries the query.
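To make the record format and field semantics described above concrete, here is an added example (not code from the original article or from Dynu) that parses a BIND-style zone snippet modelled on the one shown above, pulls out every SOA field, converts the responsible name back into an email address (including the escaped-dot case), and applies the common sanity rules that retry should be shorter than refresh, expire should exceed refresh plus retry, and the responsible name must not contain a literal '@'. The sample zone text is constructed for this example; the checks are rules of thumb, not something the article specifies.

```python
import re

# Constructed sample zone, modelled on the snippet shown in this article.
SAMPLE_ZONE = """\
$TTL 1800            ; default TTL for records without an explicit TTL
$ORIGIN example.com. ; start of this zone in the namespace
@   86400   IN  SOA  ns1.dynu.com. administrator.dynu.com. (
                    25101   ; serial
                    1800    ; refresh
                    300     ; retry
                    86400   ; expire
                    300 )   ; negative caching TTL
"""


def strip_comments(text):
    """Drop ';' comments (BIND syntax) from every line."""
    return "\n".join(line.split(";", 1)[0] for line in text.splitlines())


def parse_soa(zone_text):
    """Return the SOA fields of a BIND-style zone as a dict.

    The parenthesised multi-line form is collapsed onto one logical line
    first, and '@' / relative owner names are resolved against $ORIGIN."""
    text = strip_comments(zone_text)
    text = re.sub(r"\(([^)]*)\)",
                  lambda m: " " + m.group(1).replace("\n", " ") + " ", text)
    origin = "."
    for line in text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if "SOA" not in tokens:
            continue
        i = tokens.index("SOA")
        owner = tokens[0]
        if owner == "@":
            owner = origin                      # '@' is shorthand for the origin
        elif not owner.endswith("."):
            owner = owner + "." + origin        # relative name: append origin
        ttl, rclass = None, "IN"                # TTL and class are optional before 'SOA'
        for tok in tokens[1:i]:
            if tok.isdigit():
                ttl = int(tok)
            else:
                rclass = tok
        serial, refresh, retry, expire, minimum = (int(t) for t in tokens[i + 3:i + 8])
        return {"owner": owner, "ttl": ttl, "class": rclass, "type": "SOA",
                "mname": tokens[i + 1], "rname": tokens[i + 2], "serial": serial,
                "refresh": refresh, "retry": retry, "expire": expire, "minimum": minimum}
    raise ValueError("no SOA record found")


def rname_to_email(rname):
    """Convert the SOA responsible name to an email address.

    The first unescaped dot separates the mailbox from the domain; a dot inside
    the mailbox is written as '\\.' in the zone file."""
    mailbox, i = [], 0
    while i < len(rname):
        c = rname[i]
        if c == "\\" and i + 1 < len(rname):
            mailbox.append(rname[i + 1])        # escaped character, keep literally
            i += 2
            continue
        if c == ".":
            return "".join(mailbox) + "@" + rname[i + 1:].rstrip(".")
        mailbox.append(c)
        i += 1
    return "".join(mailbox)


def check_soa(soa):
    """Return a list of warnings for timer values that commonly cause trouble
    (rules of thumb used by this example, not requirements stated by the article)."""
    warnings = []
    if soa["retry"] >= soa["refresh"]:
        warnings.append(f"retry ({soa['retry']}) should be shorter than refresh ({soa['refresh']})")
    if soa["expire"] <= soa["refresh"] + soa["retry"]:
        warnings.append(f"expire ({soa['expire']}) should exceed refresh + retry")
    if "@" in soa["rname"]:
        warnings.append("responsible name must use a dot, not '@', before the domain")
    return warnings


if __name__ == "__main__":
    soa = parse_soa(SAMPLE_ZONE)
    print(soa)
    print("contact:", rname_to_email(soa["rname"]))
    print("warnings:", check_soa(soa) or "none")
```

Running the script prints the parsed fields of the constructed zone, the contact address administrator@dynu.com, and no warnings; feeding it a record with, say, a retry longer than its refresh produces a warning instead.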
SOA record glossary
DNS zone
A DNS zone is a portion or administrative space within the global Domain Name System (DNS), and it contains the resource records for all of the names within that zone. All entries belonging to a domain, such as subdomains (sub.domain.com) or an MX record, are within this zone.
Master and slave servers
Both master and slave servers are authoritative for the zones they handle. The master has no more power over the zones than the slave when it comes to answering DNS queries. The only difference between a master and a slave server is where they read their zone data from. A master server reads its zones from files on the system's disk; this is usually where the zone administrator creates, edits, or transfers the original zone files.
The slave server receives the zones it is authoritative for through a zone transfer from one of the master servers for the zone.
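The refresh, retry and expire timers described above, together with the serial number check, are what drive a slave's behaviour between zone transfers. As an added example (not the article's or Dynu's code), the following model walks a secondary through a constructed timeline using the timer values from the example record: the zone is edited on the master at t=3000, and the master becomes unreachable from t=5000 on. Serial comparison uses RFC 1982 serial arithmetic, so that a serial that wraps past 2^32 - 1 is still recognised as newer; the timeline and the serial values are constructed.

```python
def serial_gt(a, b):
    """RFC 1982 serial-number arithmetic: True when 32-bit serial a is newer
    than b, including the case where a has wrapped around past 2^32 - 1."""
    a &= 0xFFFFFFFF
    b &= 0xFFFFFFFF
    if a == b:
        return False
    return (a > b and a - b < 2**31) or (a < b and b - a > 2**31)


class SecondaryZone:
    """Minimal model of a secondary (slave) server's refresh/retry/expire logic."""

    def __init__(self, soa, serial, now):
        self.refresh = soa["refresh"]
        self.retry = soa["retry"]
        self.expire = soa["expire"]
        self.serial = serial
        self.last_success = now                 # last time the primary answered an SOA query
        self.next_check = now + self.refresh    # first check is due after one refresh interval
        self.expired_at = None
        self.log = []

    def is_authoritative(self, now):
        """The zone may be served only while the expire interval has not run out."""
        return now - self.last_success < self.expire

    def check(self, now, primary_serial):
        """Perform the SOA check that is due at `now`. primary_serial is the
        serial returned by the primary, or None if it could not be reached."""
        if primary_serial is None:
            self.next_check = now + self.retry              # failed refresh: retry sooner
            if not self.is_authoritative(now) and self.expired_at is None:
                self.expired_at = now
                self.log.append((now, "zone expired; no longer answering"))
            return
        self.last_success = now
        if serial_gt(primary_serial, self.serial):
            self.log.append((now, f"serial {self.serial} -> {primary_serial}: zone transfer"))
            self.serial = primary_serial
        else:
            self.log.append((now, f"serial {primary_serial} unchanged"))
        self.next_check = now + self.refresh


def run_scenario():
    """Constructed timeline using the timers of the example record on this page."""
    soa = {"refresh": 1800, "retry": 300, "expire": 86400}

    def primary(now):
        if now >= 5000:                     # constructed outage: primary unreachable from t=5000
            return None
        return 25102 if now >= 3000 else 25101   # constructed: zone edited on the master at t=3000

    zone = SecondaryZone(soa, serial=25101, now=0)
    while zone.expired_at is None and zone.next_check <= 100000:
        now = zone.next_check
        zone.check(now, primary(now))
    return zone


if __name__ == "__main__":
    for t, event in run_scenario().log:
        print(f"t={t:6d}s  {event}")
```

The log shows the secondary seeing no change at t=1800, transferring the zone at t=3600 (its next refresh after the edit), and then retrying every 300 seconds during the outage until the expire interval runs out at t=90000, which is 86400 seconds after its last successful contact at t=3600.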
DNS cache
DNS caching works by temporarily storing the results of recent DNS queries, for websites that were browsed or for other fully qualified domain names, locally for faster retrieval. The DNS cache is the temporary store of previous DNS lookup results on a machine's operating system or in a web browser. DNS records are cached mainly to improve the performance of DNS queries. Every DNS record has a Time to Live (TTL) value, which is how long that record may be kept in the cache.
DNS propagation
DNS propagation is a consequence of DNS caching. Even after a record is changed, DNS resolvers keep using its former value from their cache until the TTL has passed. DNS propagation is the time required for DNS resolvers worldwide to update their cached information for a domain name. It is governed mainly by the TTL of the DNS records, but other factors can also come into play.
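The interaction between caching, TTL and propagation described in the last two entries, and the negative caching TTL from the SOA record, can be seen in a toy caching resolver. This is an added example rather than code from the article or from Dynu: the zone data, addresses (from the 192.0.2.0/24 documentation range) and timeline are constructed. A changed record keeps being answered from cache until its TTL runs out, and a name that was looked up before it existed keeps returning "does not exist" until the negative caching TTL runs out.

```python
class ResolverCache:
    """Toy caching resolver: positive answers live for the record's TTL, negative
    answers (name does not exist) for the zone's negative caching TTL."""

    def __init__(self, authoritative, negative_ttl):
        self.authoritative = authoritative    # name -> (value, ttl); edited to simulate zone changes
        self.negative_ttl = negative_ttl      # the SOA negative caching TTL of the zone
        self.cache = {}                       # name -> (value or None, expires_at)
        self.upstream_queries = 0             # how often the authoritative server was asked

    def lookup(self, name, now):
        entry = self.cache.get(name)
        if entry is not None and now < entry[1]:
            return entry[0]                   # served from cache, even if authoritative data changed
        self.upstream_queries += 1
        record = self.authoritative.get(name)
        if record is None:
            self.cache[name] = (None, now + self.negative_ttl)   # cache the negative answer
            return None
        value, ttl = record
        self.cache[name] = (value, now + ttl)
        return value


def run_propagation_demo():
    """Constructed timeline: a record change and a newly created name, as seen
    through one resolver's cache. Returns (observations, upstream query count)."""
    zone = {"www.example.com.": ("192.0.2.10", 1800)}      # constructed zone data, TTL 1800
    resolver = ResolverCache(zone, negative_ttl=300)        # 300 = negative TTL from the example SOA
    seen = []
    seen.append((0, resolver.lookup("www.example.com.", 0)))        # first query goes upstream
    zone["www.example.com."] = ("192.0.2.20", 1800)                  # administrator changes the record at t=600
    seen.append((700, resolver.lookup("www.example.com.", 700)))    # old value: TTL has not passed
    seen.append((1800, resolver.lookup("www.example.com.", 1800)))  # TTL elapsed: new value fetched
    seen.append((2000, resolver.lookup("new.example.com.", 2000)))  # does not exist yet: negative answer cached
    zone["new.example.com."] = ("192.0.2.30", 1800)                  # record created at t=2100
    seen.append((2200, resolver.lookup("new.example.com.", 2200)))  # still negative from cache
    seen.append((2300, resolver.lookup("new.example.com.", 2300)))  # negative TTL elapsed: new record seen
    return seen, resolver.upstream_queries


if __name__ == "__main__":
    observations, upstream = run_propagation_demo()
    for t, answer in observations:
        print(f"t={t:5d}s  {answer}")
    print("upstream queries:", upstream)
```

Only four of the six lookups reach the authoritative server; the other two are answered from cache with data that is already out of date, which is exactly the delay people experience as "propagation". Lowering a record's TTL ahead of a planned change shortens that window, but only once the old, longer TTL has itself expired from every cache.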