What is a DNS SOA Record?
A **SOA (Start of Authority)** record is a critical DNS record that contains administrative information about a DNS zone. Every zone must have an SOA record. It specifies the primary (master) nameserver for the zone, the email of the domain administrator, a unique serial number for the zone, and several timers that control how secondary nameservers synchronize information with the primary nameserver.
Understanding the SOA Record Components
An SOA record contains several distinct fields, each with a specific purpose:
- Primary NS (MNAME): The hostname of the primary authoritative nameserver for this zone. This is the main source of truth for the domain's DNS records.
- Admin Email (RNAME): The email address of the person responsible for this zone, written in domain-name form. To read it as an address, replace the first dot with an '@' symbol (e.g., `admin.example.com.` becomes `admin@example.com`).
- Serial Number: A version number for the zone file. When you make a change to your DNS records, you must increment this number. Secondary nameservers check this serial number to see if the zone has been updated and if they need to request a new copy (a zone transfer). A common format is `YYYYMMDDNN` (Year, Month, Day, Revision).
- Refresh Interval: The time in seconds that a secondary nameserver should wait before checking for a new serial number on the primary server.
- Retry Interval: If a secondary server fails to connect to the primary server during a refresh check, this is the time in seconds it should wait before trying again.
- Expire Interval: If a secondary server cannot contact the primary server for this duration (in seconds), it should stop serving responses for this zone as its data is considered too old and unreliable.
- Minimum TTL (Negative Caching TTL): The amount of time that other DNS resolvers should cache a "not found" (NXDOMAIN) response for this zone.
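
The field rules above, as an added Python example (not from the original page): it parses SOA record data, decodes RNAME including the `\.` escape for a literal dot in the mailbox name, sanity-checks the serial format and timers, and compares serials the way a secondary does. It goes beyond the text by using RFC 1982 wrap-around arithmetic for the serial comparison; the sample record, the function names and the timer checks are assumptions made for illustration.

```python
import re
from datetime import datetime
from typing import NamedTuple
# Constructed sample: MNAME RNAME SERIAL REFRESH RETRY EXPIRE MINIMUM
SAMPLE = "ns1.example.com. admin.example.com. 2024051501 7200 3600 1209600 3600"

class SOA(NamedTuple):
    mname: str
    rname: str
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int

def parse_soa(rdata: str) -> SOA:
    """Parse the seven whitespace-separated SOA fields (zone-file parentheses allowed)."""
    parts = rdata.replace("(", " ").replace(")", " ").split()
    if len(parts) != 7:
        raise ValueError(f"expected 7 SOA fields, got {len(parts)}")
    return SOA(parts[0], parts[1], *(int(p) for p in parts[2:]))

def rname_to_email(rname: str) -> str:
    """The first unescaped dot becomes '@'; a backslash-escaped dot stays in the mailbox name."""
    m = re.match(r"((?:\\.|[^.\\])+)\.(.+)$", rname)
    if not m:
        raise ValueError(f"cannot split RNAME {rname!r}")
    local = re.sub(r"\\(.)", r"\1", m.group(1))
    return f"{local}@{m.group(2).rstrip('.')}"

def serial_newer(primary: int, secondary: int) -> bool:
    """RFC 1982 comparison of 32-bit serials: True when the primary is ahead."""
    return 0 < ((primary - secondary) & 0xFFFFFFFF) < 0x80000000

def audit(soa: SOA) -> list:
    """Sanity checks chosen for this example, derived from the field meanings."""
    findings = []
    text = str(soa.serial)
    try:
        if len(text) != 10:
            raise ValueError("wrong length")
        datetime.strptime(text[:8], "%Y%m%d")
    except ValueError:
        findings.append("serial is not in YYYYMMDDNN form")
    if soa.retry >= soa.refresh:
        findings.append("retry is not shorter than refresh")
    if soa.expire <= soa.refresh:
        findings.append("expire is reached before the next refresh check")
    return findings
```

A serial that fails `serial_newer` after an edit means secondaries will keep serving the old zone data, which is the usual cause of a change not propagating.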
Why is the SOA Record Important?
The SOA record is essential for the proper functioning and synchronization of DNS across multiple servers. It ensures that changes to DNS records are propagated correctly to secondary nameservers, maintaining consistency and reliability for your domain worldwide.