DNS records are a set of instructions that reside on DNS servers. They include information about a domain and tell servers how to execute DNS requests for it.
We’ve discussed several types of DNS records, including the A record, NS record, DNS MX record, TXT record, and CNAME record. In this post, we’ll introduce you to SOA records in the DNS. Let’s begin with one question: what is the SOA record?
What is the SOA Record and Why Do You Need It?
SOA is an acronym for Start of Authority, and it’s a type of DNS record that contains important information about a DNS zone, including the administrator’s email address, server refreshing timeframe, and the last time a domain was updated.
You need to properly configure an SOA record in your DNS to conform with the IETF (Internet Engineering Task Force) standards. These records are also required during zone transfers. When transferring a zone, you send the DNS records from a primary server to a secondary server, and the first record you must send is the SOA record. Your domain won’t work properly, and a DNS lookup can’t occur, without DNS SOA records.
What is a Zone Serial Number?
The DNS zone is a particular segment of the DNS namespace. This can include a single domain, a single domain and multiple subdomains, or several domain names.
A zone serial number is a version number for your DNS domain. It is carried in the SERIAL field of the structure shown below. When the serial number changes, a secondary server knows there are changes and requests a zone transfer.
The SOA Record Structure
A DNS SOA record contains vital information about a particular DNS zone or domain. This record is formatted in a structure that both servers and browsers can understand. Below is an example of an SOA record.
Let’s explain the format in the above SOA record structure.
- Name: This is the name of your domain. In the above example, it’s mywebsite.com.
- Record Type: This section determines the DNS record type; in this case, it’s the SOA record.
- MNAME: The MNAME in the above format is the domain’s primary server name.
- RNAME: This holds the administrator’s email address with the @ sign replaced by a dot. So admin.mywebsite corresponds to admin@mywebsite.com.
- SERIAL: This is the serial number for the DNS zone. Increase the serial value each time you make changes to your zone file to ensure that they’re propagated to all secondary DNS servers.
- REFRESH: This is the timeframe in seconds a secondary server waits before querying the primary server’s SOA record for any new changes.
- RETRY: This is the time in seconds a secondary server should wait after a failed refresh before sending a new query.
- EXPIRE: The period in seconds for which a secondary server will keep trying to reach the primary server for an update. If this time elapses without a successful refresh, the secondary server’s copy of the zone expires, and it stops responding to queries for that zone.
- TTL: This is the time to live, and it applies to all records in the DNS zone.
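As an added example (not code from the original post), the following Python parses an SOA record written in zone-file format into the fields listed above and converts the RNAME back into a mailbox. The sample line is constructed; the last field is named `minimum` here, its RFC 1035 name, which RFC 2308 repurposes as the negative-caching TTL.

```python
from dataclasses import dataclass

# Constructed sample line (the post's own example image is not reproduced here).
SAMPLE_SOA = ("mywebsite.com. 3600 IN SOA ns1.mywebsite.com. admin.mywebsite.com. "
              "2024031501 7200 3600 1209600 86400")

@dataclass
class SOARecord:
    name: str
    ttl: int
    mname: str      # primary server name
    rname: str      # administrator mailbox, '@' replaced by '.'
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int    # RFC 1035 MINIMUM; RFC 2308 uses it as the negative-caching TTL

def parse_soa(line: str) -> SOARecord:
    """Parse one SOA record in zone-file (presentation) format:
    <name> [ttl] [class] SOA <mname> <rname> <serial> <refresh> <retry> <expire> <minimum>.
    TTL and class are optional in zone files, so we locate the SOA token first."""
    tokens = line.split()
    if "SOA" not in tokens:
        raise ValueError("not an SOA record")
    i = tokens.index("SOA")
    if len(tokens) != i + 8:
        raise ValueError("SOA needs MNAME, RNAME and five numeric fields")
    ttl = next((int(t) for t in tokens[1:i] if t.isdigit()), 0)
    nums = [int(t) for t in tokens[i + 3:i + 8]]
    if any(not 0 <= n <= 0xFFFFFFFF for n in nums):
        raise ValueError("SOA numeric fields are unsigned 32-bit integers")
    return SOARecord(tokens[0], ttl, tokens[i + 1], tokens[i + 2], *nums)

def rname_to_email(rname: str) -> str:
    """admin.mywebsite.com. -> admin@mywebsite.com. Only the first unescaped dot
    becomes '@'; a backslash-escaped dot (john\\.doe) stays a literal dot."""
    local, i = [], 0
    while i < len(rname):
        ch = rname[i]
        if ch == "\\" and i + 1 < len(rname):
            local.append(rname[i + 1])      # escaped character, keep it literally
            i += 2
        elif ch == ".":
            return "".join(local) + "@" + rname[i + 1:].rstrip(".")
        else:
            local.append(ch)
            i += 1
    return "".join(local)

if __name__ == "__main__":
    rec = parse_soa(SAMPLE_SOA)
    print(rec)
    print("contact:", rname_to_email(rec.rname))
```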
What is a Zone Transfer?
This is a process where the DNS zone files on a primary server are copied to a secondary server. The SOA record in the DNS zone is always transferred first. Zone transfers provide fault tolerance by synchronizing zone files in a primary server with zone files in the secondary server.
A zone transfer is required in the following situations:
- If the primary DNS server is down, the secondary server will have an up-to-date copy of the DNS zone files and can successfully handle DNS resolution queries from DNS clients on the internet.
- If numerous DNS clients on the internet send queries simultaneously, you can balance the requests between the primary and secondary DNS servers.
- If a primary nameserver is at the far end of a slow WAN link, a zone transfer allows secondary nameservers to handle resolution queries locally, thereby reducing network traffic.
The secondary server initiates the zone transfer by querying the primary server to see whether there are changes in the primary DNS server’s zone files. If any changes exist, it requests a zone transfer. When the refresh time expires on the secondary DNS server, the following happens:
- The secondary DNS server gets the Start of Authority (SOA) record from the primary server.
- The secondary DNS server compares the serial version number of the newly received SOA record with its current version. If there’s a change, then it requests a zone transfer.
- All DNS zone files are transferred from the primary to the secondary servers in this process.
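As an added example (not from the original post), the following Python models the secondary server’s decisions in the procedure above: the serial comparison from RFC 1982 that decides whether a transfer is needed, and the REFRESH/RETRY/EXPIRE timers that decide when to check the primary’s SOA and when to stop serving the zone. Function names and the timeline values are constructed.

```python
SERIAL_MOD = 1 << 32
HALF = 1 << 31

def serial_newer(received: int, local: int) -> bool:
    """RFC 1982 serial arithmetic: the received serial is newer if it lies less
    than 2^31 steps ahead of the local one on the 32-bit circle. A wrap from
    4294967295 to 0 therefore still counts as an increase, while an equal
    serial (or one that went backwards) means nothing to transfer."""
    if received == local:
        return False
    ahead = (received - local) % SERIAL_MOD
    return 0 < ahead < HALF

def zone_status(refresh: int, retry: int, expire: int,
                last_success: int, last_attempt: int, now: int) -> str:
    """Secondary timer logic (all times in seconds since the epoch):
    - EXPIRE seconds without a successful refresh: stop answering for the zone;
    - REFRESH elapsed since the last success, or RETRY elapsed since a failed
      attempt: time to query the primary's SOA record;
    - otherwise keep serving the current copy."""
    if now - last_success >= expire:
        return "expired"
    if last_attempt > last_success:          # the most recent attempt failed
        due = now - last_attempt >= retry
    else:
        due = now - last_success >= refresh
    return "check-soa" if due else "serve"

def on_soa_answer(received_serial: int, local_serial: int) -> str:
    """Decision once the primary's SOA record has been fetched and compared."""
    return "transfer" if serial_newer(received_serial, local_serial) else "up-to-date"

if __name__ == "__main__":
    # Constructed timeline: last good refresh at t=1000 with REFRESH=7200,
    # RETRY=3600, EXPIRE=1209600 (the same timer values as the sample above).
    print(zone_status(7200, 3600, 1209600, 1000, 1000, 1000 + 7200))   # check-soa
    print(on_soa_answer(2024031502, 2024031501))                        # transfer
```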
In this article, we’ve explored what SOA records are and why you need to include them in your DNS domain. SOA (Start of Authority) DNS records carry vital information that allows your domain to function properly.
Without this record, zone transfers are impossible. The SOA record determines how quickly zone updates transfer from master (primary) servers to slave (secondary) servers.
Now that you understand what an SOA record is, make sure you configure it for all your domains. Stay tuned for more blog posts on DNS record types, and use our free DNS Records Lookup tool to look up your domain’s DNS records.
The post What Is SOA Record In DNS? appeared first on EasyDMARC.
*** This is a Security Bloggers Network syndicated blog from EasyDMARC authored by EasyDmarc. Read the original post at: https://easydmarc.com/blog/what-is-soa-record-in-dns/