
An acronym for Start Of Authority.

A DNS SOA record defines zone-wide parameters for a domain (called a zone, and described in a ZoneFile): a serial number that acts as the 'version' of the zone, and the refresh, retry, expiry and negative-caching timers that SecondaryNameServers and resolvers must use when handling records from that zone. Every zone has exactly one SOA record, at the zone apex.

An example SOA record, in master-file (zone file) syntax, looks like this:

 $TTL 604800
 $ORIGIN ethernal.tla.
 @   IN      SOA     ns1.ethernal.tla. root.ethernal.tla. (
             2004111901      ; Serial
             604800          ; Refresh (7 days)
             86400           ; Retry   (24 hours)
             2419200         ; Expire  (28 days)
             604800 )        ; Neg TTL (7 days)

The format of a SOA RR is "name <ttl> class SOA name-server email-address (serial refresh retry expire negttl)". RFC 1035 calls the seven data fields MNAME, RNAME, SERIAL, REFRESH, RETRY, EXPIRE and MINIMUM.

The name is given as "@", the shorthand for the current value of $ORIGIN. The TTL is omitted in this example, so the record takes the zone default set by the $TTL directive above (in seconds; 604800 is 7 days). The class is almost always IN (Internet), and the RR type is SOA. The name-server field (MNAME) is the FQDN of the PrimaryNameServer for the zone. Don't forget the trailing '.': a name without one is relative and has $ORIGIN appended, so "ns1.ethernal.tla" would silently become ns1.ethernal.tla.ethernal.tla. The email-address field (RNAME) identifies the person responsible for the zone; the first dot is read as an '@', so root.ethernal.tla. above means root@ethernal.tla. If the local part of the mailbox itself contains a dot, escape it with a backslash (john\.doe.ethernal.tla. for john.doe@ethernal.tla).

The values in parentheses are described below:

Serial number

Generally written as YYYYMMDDnn, which allows 100 revisions of a zone per day (usually more than enough). The date layout is purely a convention for humans: to the protocol the serial is a 32-bit unsigned integer, and SecondaryNameServers compare it using the wrap-around arithmetic of RFC 1982. A secondary only transfers a new copy of the zone when the primary's serial is 'greater' than the one it already holds, so every change to the zone must be accompanied by an increased serial, or the secondaries will keep serving the old data indefinitely.

Refresh

Defines the number of seconds a SecondaryNameServer waits between checks of the primary's SOA serial. If the serial has increased, it refreshes its copy of the zone by requesting a ZoneTransfer from the PrimaryNameServer. (With DNS NOTIFY, RFC 1996, the primary can prompt the secondary to check sooner than this.)

Retry

Defines the number of seconds a SecondaryNameServer waits before retrying a zone refresh that failed (for example because the primary was unreachable). It should be shorter than Refresh.

Expire

Defines the number of seconds a SecondaryNameServer will keep the zone's records and answer authoritatively with them after its last successful refresh. If the primary stays unreachable for this long (the refresh failed and every retry since has failed), the secondary discards its copy and stops answering for the zone. It should therefore be much larger than Refresh plus Retry; RFC 1912 suggests two to four weeks.

Neg TTL

Defines the number of seconds a resolver may cache a negative answer (NXDOMAIN or NODATA) from this zone. RFC 1035 originally used this field as the minimum TTL for every record in the zone; RFC 2308 redefined it as the negative-caching TTL, and the $TTL directive now supplies the default TTL instead. So, if a remote resolver asks us what the address for foo.ethernal.tla is and it doesn't exist, it will cache our negative answer for this many seconds, even if we add that name to the zone a couple of seconds later. The effective negative cache time is the smaller of this value and the SOA record's own TTL. Seven days, as in the example above, is very long for a zone that changes; RFC 2308 suggests values of one to three hours.
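A worked parser for the record format and the field meanings described above, added here as an example (it is not code from the original page). It reads the page's own SOA fragment as constructed input, expands "@" and relative names against $ORIGIN, converts RNAME to a mailbox, compares serials with RFC 1982 arithmetic, and flags values that RFC 1912 and RFC 2308 advise against. The helper names, the assumption that the fragment holds a single SOA record with an explicit owner name, and the three-hour threshold for the negative-caching TTL are the example's own choices.

```python
"""Parse the SOA record from a zone-file fragment and sanity-check its fields.

Added example for this page, not code from the original. Assumes the fragment
holds one SOA record whose owner name is written explicitly ('@' or a name)."""

# Constructed sample input: the zone fragment shown on this page.
SAMPLE_ZONE = """\
$TTL 604800
$ORIGIN ethernal.tla.
@   IN      SOA     ns1.ethernal.tla. root.ethernal.tla. (
            2004111901      ; Serial
            604800          ; Refresh (7 days)
            86400           ; Retry   (24 hours)
            2419200         ; Expire  (28 days)
            604800 )        ; Neg TTL (7 days)
"""


def qualify(name, origin):
    """Absolutise a name the way a name server does: without a trailing dot the
    name is relative and $ORIGIN is appended (the classic forgotten-dot bug)."""
    return name if name.endswith(".") else f"{name}.{origin}"


def rname_to_email(rname):
    """RNAME -> mailbox: the first unescaped dot becomes '@'; a backslash-escaped
    dot stays a literal dot in the local part."""
    local, i = [], 0
    while i < len(rname):
        if rname[i] == "\\" and i + 1 < len(rname):
            local.append(rname[i + 1])
            i += 2
        elif rname[i] == ".":
            return "".join(local) + "@" + rname[i + 1:].rstrip(".")
        else:
            local.append(rname[i])
            i += 1
    return "".join(local)


def parse_soa(zone_text):
    """Return the SOA fields (RFC 1035 names) of a zone fragment as a dict."""
    origin, default_ttl, tokens = None, None, []
    for line in zone_text.splitlines():
        # ';' starts a comment; '(' and ')' only join continuation lines.
        parts = line.split(";", 1)[0].replace("(", " ").replace(")", " ").split()
        if not parts:
            continue
        if parts[0] == "$ORIGIN":
            origin = parts[1]
        elif parts[0] == "$TTL":
            default_ttl = int(parts[1])
        else:
            tokens += parts
    i = tokens.index("SOA")
    head, tail = tokens[:i], tokens[i + 1:]
    owner, ttl, rrclass = head[0], default_ttl, "IN"
    for t in head[1:]:                      # optional TTL and class, either order
        if t.isdigit():
            ttl = int(t)
        else:
            rrclass = t
    serial, refresh, retry, expire, minimum = (int(t) for t in tail[2:7])
    rname = qualify(tail[1], origin)
    return {
        "owner": origin if owner == "@" else qualify(owner, origin),
        "ttl": ttl, "class": rrclass,
        "mname_raw": tail[0], "mname": qualify(tail[0], origin),
        "rname": rname, "email": rname_to_email(rname),
        "serial": serial, "refresh": refresh, "retry": retry,
        "expire": expire, "minimum": minimum,
    }


def serial_gt(s1, s2):
    """RFC 1982 comparison of 32-bit serials: True if s1 is newer than s2, i.e. a
    secondary holding s2 would transfer a zone whose primary announces s1.
    Handles the wrap past 2**32 - 1; serials exactly 2**31 apart compare False."""
    s1, s2 = s1 % 2**32, s2 % 2**32
    return (s1 > s2 and s1 - s2 < 2**31) or (s1 < s2 and s2 - s1 > 2**31)


def bump_serial(current, today):
    """Next YYYYMMDDnn serial for a change made on 'today' (a YYYYMMDD string):
    restart at nn=00 on a new day, otherwise increment. The result always grows."""
    base = int(today) * 100
    return base if base > current else current + 1


def check_soa(soa):
    """Warnings in the spirit of RFC 1912 and RFC 2308; an empty list means OK."""
    w = []
    if not soa["mname_raw"].endswith("."):
        w.append(f"MNAME lacks a trailing dot and resolves to {soa['mname']}")
    if soa["retry"] >= soa["refresh"]:
        w.append("RETRY should be shorter than REFRESH")
    if soa["expire"] <= soa["refresh"] + soa["retry"]:
        w.append("EXPIRE should comfortably exceed REFRESH + RETRY")
    if soa["minimum"] > 3 * 3600:           # threshold chosen for this example
        w.append(f"negative-caching TTL {soa['minimum']}s is above the 1-3 hours RFC 2308 suggests")
    return w


if __name__ == "__main__":
    soa = parse_soa(SAMPLE_ZONE)
    print(soa["owner"], soa["mname"], soa["email"], soa["serial"])
    for warning in check_soa(soa):
        print("warning:", warning)
    print("next serial:", bump_serial(soa["serial"], "20041119"))
```

Run against the page's fragment, the only warning is the seven-day negative-caching TTL. Removing the trailing dot from ns1.ethernal.tla. in the sample shows the relative-name expansion the text warns about, and serial_gt(1, 4294967295) returning True shows why a secondary happily follows a serial that has wrapped around.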


Todo:

  • Someone should explain TTLs a bit better, especially the use of $TTL

CategoryDns