What is a DNS SOA record?
There are several types of records - or Resource Records as they are called - in the Domain Name System (DNS). This page explains what the SOA record is and how it's used.
The purpose of a DNS SOA record #
SOA stands for Start of Authority and is an administrative DNS record that described more information about the zone that is being described.
It's mostly important in environments where zone transfers are used, which restricts its relevance for the most part to DNS system administrators. Mind you, for DNS administrators, the SOA record is crucial.
The structure of a DNS SOA record #
The SOA record is one of the lengthier DNS records as it contains a lot of different options. Here's an example of the SOA record for our own domain:
ohdear.app. 3600 IN SOA ns3.combell.net. hostmaster.ohdear.app. 2020082810 10800 3600 604800 40000
There's lots to unpack there! This is the DNS record structure:
<host> <TTL> IN SOA <mname> <rname> <serial> <refresh> <retry> <expire> <ttl>
Here's what those different options mean:
- mname: this defines the primary (or "master") nameserver for this zone
- rname: in a weird format, this is the e-mail address for the administrator of the zone (the e-mail address is encoded as a domain name)
- serial: an ever-increasing number that indicates to secondary or slave nameservers when an update to the zone is made available. If a secondary nameserver has a version of this zonefile that is lower than the current serial, it will request an update
- refresh: how often secondary nameservers should query the main nameserver for updates
- retry: if a refresh fails, this indicates how long a secondary nameserver should wait to try again
- expire: if the main nameserver stops responding, this will indicate number of seconds after which the secondary nameserver should stop answering request for this zone
- ttl: Time to live for purposes of negative caching