There are many different DNS record types. Some are very specific; others are common and exist in every DNS zone. The SOA record is one of these common, always present records. Let’s see what it does and why it is so important to have it!
What is the SOA record?
The SOA record is a key DNS record that marks the start of authority. The authoritative name server (authoritative NS) is the top source of DNS information for a zone. The SOA is the first record a zone file contains, and it sets the general properties of that zone. It also carries details about zone transfers, such as the refresh rate, the retry rate, and who administers the zone (admin email).
Usually, DNS servers work together in a cluster. Those servers need to synchronize their zone files, and for this purpose they perform a zone transfer. The SOA works as a control record: its serial number indicates the latest update. When the secondary servers (slave servers) see that the number has changed, they update and fetch the new data.
What is a zone transfer?
DNS has a hierarchical structure, where the data is organized into DNS zones. Each DNS zone has a zone file that contains the full information for the zone, including a SOA record.
A zone usually has more than one DNS server. One is the primary DNS server, and the rest are secondary DNS servers.
The primary holds the zone file, and all changes happen there. Its data must be propagated to the rest, and this happens through a zone transfer. A zone transfer is the process of updating the zone file on the secondary DNS servers, either through an IXFR zone transfer (incremental transfer of the changes only) or an AXFR zone transfer (full transfer of all DNS records).
Why do you need a SOA record?
You need a SOA record to indicate the authoritative name server and to perform zone transfers. Each zone must have a SOA record, and there must be exactly one SOA record per zone. Without a SOA record, or with more than one per zone, your zone won’t function.
What does a SOA record include?
A SOA record includes the following elements:
- Name – Zone’s name
- Type – SOA
- Primary name server – The hostname of the primary name server for the zone.
- Admin’s email – Contact information for the administrator of the domain’s zone file.
- Serial number – The zone’s serial number. The secondary DNS servers check this value to determine whether they should update the zone file.
- Refresh rate – The time in seconds that the secondary name servers wait before they check again for changes.
- Retry rate – If the zone transfer between the secondary DNS servers and the primary fails, this is the time the secondary servers will keep trying to update. If that time expires, the secondary servers’ data is considered outdated, and they stop answering queries.
- Default TTL – A TTL value for all DNS records in the zone file. It indicates how long the secondary servers should keep the data in cache memory.
The parameters may have different names depending on your DNS provider, but their functions are the same. For example, Primary NS could be written as MNAME, the retry rate could be just RETRY, and so on.
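The two mechanisms described above, the fields of the SOA record and the serial check a secondary performs before pulling a zone transfer, are easiest to see in code. The following is an added example written for this page, not code from the original post or from any DNS software: it parses the SOA out of a constructed zone-file fragment (the `example.com.` zone, its serial and timer values are all made up for illustration), enforces the "exactly one SOA per zone" rule, converts RNAME to an admin email address, and implements the RFC 1982 serial-number comparison that decides whether the primary's copy is newer. The record's wire format carries seven RDATA fields; the expire field, which the list above folds into the retry description, is parsed here under its own name.

```python
"""Added example: parse a zone's SOA record and apply the serial rule a
secondary uses to decide whether to transfer. Not from the original page."""
import re
from dataclasses import dataclass

# Constructed zone-file fragment for this example (not a real zone):
# one SOA with its seven RDATA fields, followed by one NS record.
SAMPLE_ZONE = """\
$TTL 3600
example.com.  IN  SOA  ns1.example.com. hostmaster.example.com. (
                  2024030501 ; serial (YYYYMMDDnn convention)
                  7200       ; refresh
                  900        ; retry
                  1209600    ; expire
                  3600 )     ; minimum
example.com.  IN  NS   ns1.example.com.
"""

@dataclass
class SOA:
    name: str
    mname: str      # primary name server ("Primary name server" above)
    rname: str      # admin mailbox encoded as a DNS name
    serial: int
    refresh: int
    retry: int
    expire: int     # how long a secondary keeps serving without a successful refresh
    minimum: int    # "Default TTL" above (used as the negative-caching TTL)

    @property
    def admin_email(self) -> str:
        """RNAME stores the mailbox as a DNS name: the first unescaped '.'
        stands for '@', and an escaped dot is a literal '.' in the local part."""
        parts = re.split(r"(?<!\\)\.", self.rname.rstrip("."), maxsplit=1)
        if len(parts) == 1:
            return parts[0]
        local, domain = parts
        return f"{local.replace(chr(92) + '.', '.')}@{domain}"

# Matches "<name> [ttl] [IN] SOA <mname> <rname> [(] serial refresh retry expire minimum [)]"
# once the zone text has been stripped of comments and flattened to one line.
_SOA_RE = re.compile(
    r"(?P<name>\S+)\s+(?:\d+\s+)?(?:IN\s+)?SOA\s+(?P<mname>\S+)\s+(?P<rname>\S+)"
    r"\s*\(?\s*(?P<serial>\d+)\s+(?P<refresh>\d+)\s+(?P<retry>\d+)"
    r"\s+(?P<expire>\d+)\s+(?P<minimum>\d+)\s*\)?"
)

def parse_soa(zone_text: str) -> SOA:
    """Return the zone's SOA; a zone must carry exactly one, so anything else is an error."""
    # Drop ';' comments line by line, then flatten so the parenthesised
    # multi-line RDATA becomes a single token stream.
    flat = " ".join(line.split(";", 1)[0] for line in zone_text.splitlines())
    matches = list(_SOA_RE.finditer(flat))
    if len(matches) != 1:
        raise ValueError(f"zone must contain exactly one SOA record, found {len(matches)}")
    m = matches[0]
    return SOA(name=m["name"], mname=m["mname"], rname=m["rname"],
               serial=int(m["serial"]), refresh=int(m["refresh"]),
               retry=int(m["retry"]), expire=int(m["expire"]),
               minimum=int(m["minimum"]))

SERIAL_MOD = 1 << 32    # serials are unsigned 32-bit values
SERIAL_HALF = 1 << 31

def serial_is_newer(candidate: int, current: int) -> bool:
    """RFC 1982 comparison: 'candidate' is newer when it lies less than 2**31
    ahead of 'current' modulo 2**32, so a wrap from 4294967295 to 0 still
    counts as an increment. A distance of exactly 2**31 is undefined by the
    RFC and is treated here as not newer."""
    distance = (candidate - current) % SERIAL_MOD
    return 0 < distance < SERIAL_HALF

def secondary_should_transfer(primary_serial: int, secondary_serial: int) -> bool:
    """At each refresh a secondary queries the primary's SOA and transfers
    the zone only if the primary's serial is newer than its own copy."""
    return serial_is_newer(primary_serial, secondary_serial)

def secondary_state(seconds_since_last_refresh: int, soa: SOA) -> str:
    """Which SOA timer governs a secondary's copy right now."""
    if seconds_since_last_refresh >= soa.expire:
        return "expired"    # the copy is discarded; the secondary stops answering for the zone
    if seconds_since_last_refresh >= soa.refresh:
        return "refresh"    # time to poll the primary's serial again
    return "serve"          # keep answering from the current copy

if __name__ == "__main__":
    soa = parse_soa(SAMPLE_ZONE)
    print(f"{soa.name} primary={soa.mname} admin={soa.admin_email} serial={soa.serial}")
    print("transfer needed after edit:", secondary_should_transfer(soa.serial + 1, soa.serial))
    print("state two hours after refresh:", secondary_state(7200, soa))
```

The parser accepts both the parenthesised multi-line form and a single-line SOA, and the duplicate-SOA check is the same rule the page states: a zone with zero or two SOA records is rejected. `serial_is_newer` is the piece worth keeping in mind when you edit serials by hand, since a serial that is accidentally set "behind" the secondaries' copy will never trigger a transfer.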
SOA record vs NS record
Some novice DNS administrators have trouble distinguishing the purpose of NS records from that of the SOA record.
The purpose of NS records is to direct DNS servers to the next DNS server that holds the needed information for the next zone.
The DNS server cluster uses the SOA to update and sync its data, that is, to update the secondary DNS servers with data from the primary DNS server.