UNIX System Administration Handbook - Evi Nemeth [262]

address.

Each zone has exactly one SOA record. The zone continues until another SOA is encountered. The SOA record includes the name of the zone, a technical contact, and various timeout values. An example:

    ; Start of authority record for cs.colorado.edu
    @ IN SOA ns.cs.colorado.edu. admin.cs.colorado.edu. (
            1999121501      ; Serial
            21600           ; Refresh, 6 hours
            1800            ; Retry, 30 minutes
            1209600         ; Expire, 2 weeks
            432000 )        ; Minimum, 5 days

Here, the name field contains the symbol @, which is shorthand for the name of the current zone. In this example, “cs.colorado.edu.” could have been used instead. The value of @ is the domain name specified in the zone statement in the named.conf file; it can be changed from within the zone file with the $ORIGIN parser directive (see page 453).

This example has no ttl field. The class is IN for Internet, the type is SOA, and the remaining items form the data field.

“ns.cs.colorado.edu.” is the zone’s master name server.

“admin.cs.colorado.edu.” is the email address of the technical contact in the format “user.host.” rather than the standard user@host. Just replace that first dot with an @ and remove the final dot if you need to send mail to a domain’s administrator. Sites often use an alias such as admin or hostmaster in place of an actual login name.

The parentheses continue the SOA record over several lines. Their placement is not arbitrary in BIND 4 or 8—we tried to shorten the first line by splitting it before the contact address, but then named failed to recognize the SOA record. In some implementations, parentheses are only recognized in SOA and TXT records. BIND 9 has a better parser and parentheses can be used anywhere.

The first numeric parameter is the serial number of the zone’s configuration data. The serial number is used by slave servers to determine when to get fresh data. It can be any 32-bit integer and should be incremented every time the data file for the zone is changed. Many sites encode the file’s modification date in the serial number. For example, 2000123101 would be the first change to the zone on December 31, 2000.

Serial numbers need not be continuous, but they must increase monotonically. If by accident you set a really large value on the master server and that value is transferred to the slaves, then correcting the serial number on the master will not work. The slaves request new data only if the master’s serial number is larger than theirs.

There are three ways to fix this problem. BIND 4.9 and BIND 8 include a hack that lets you set the serial number to zero for one refresh interval and then restart the numbering. The zero always causes a reload, so don’t forget to set it to a real value after each of the slaves has reloaded the zone with serial number 0. A sneaky but more tedious way to fix the problem is to change the serial number on the master, kill the slave servers, remove the slaves’ backup data files so they are forced to reload from the master, and restart the slaves. A third way to fix the problem is to exploit properties of the sequence space in which the serial numbers live. This procedure involves adding a large value to the serial number, letting all the slave servers transfer the data, and then setting the serial number to just what you want. This weird arithmetic, with explicit examples, is covered in detail in the O’Reilly DNS book; RFC1982 describes the sequence space.
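The following Python is an added example, not from the book: it parses an SOA record of the form shown above (a constructed copy of the cs.colorado.edu excerpt), converts the "user.host." contact into a mailbox, generates date-encoded serials that stay monotonic, and implements the RFC 1982 serial comparison that slaves use, together with the "add a large value" recovery plan for a master whose serial was accidentally set too high. The function names and the constructed zone text are assumptions of this example.

```python
# Constructed zone-file excerpt in the same form as the book's cs.colorado.edu SOA.
ZONE = """; Start of authority record for cs.colorado.edu
@ IN SOA ns.cs.colorado.edu. admin.cs.colorado.edu. (
        1999121501 ;Serial
        21600      ;Refresh, 6 hours
        1800       ; Retry, 30 minutes
        1209600    ; Expire, 2 weeks
        432000 )   ; Minimum, 5 days
"""

HALF = 1 << 31   # 2^31: the RFC 1982 comparison boundary
MOD = 1 << 32    # serials are 32-bit, so arithmetic wraps here

def parse_soa(text):
    """Strip ';' comments, join the parenthesised lines, return the SOA fields."""
    body = " ".join(line.split(";", 1)[0] for line in text.splitlines())
    t = body.replace("(", " ").replace(")", " ").split()
    i = t.index("SOA")
    keys = ("serial", "refresh", "retry", "expire", "minimum")
    rec = {"name": t[0], "mname": t[i + 1], "rname": t[i + 2]}
    rec.update(zip(keys, (int(v) for v in t[i + 3:i + 8])))
    return rec

def contact_email(rname):
    """Turn the 'user.host.' contact form into a normal mailbox address."""
    user, host = rname.rstrip(".").split(".", 1)
    return f"{user}@{host}"

def next_date_serial(previous, yyyymmdd):
    """Date-encoded serial (YYYYMMDDnn) that is always larger than 'previous'."""
    candidate = yyyymmdd * 100 + 1
    return candidate if candidate > previous else previous + 1

def serial_gt(a, b):
    """RFC 1982: is serial a 'greater than' b?  A slave transfers the zone
    only when the master's serial is greater than its own in this sense."""
    return (a > b and a - b < HALF) or (a < b and b - a > HALF)

def rollback_plan(current, target):
    """Serials the master must publish, in order, to move from a too-large
    'current' to 'target' so that every step looks newer to the slaves.
    Each intermediate value adds 2^31-1, the largest RFC 1982 increment."""
    steps = []
    while not serial_gt(target, current):
        current = (current + HALF - 1) % MOD
        steps.append(current)
    return steps + [target]
```

Each value returned by rollback_plan must be published and transferred by every slave before the next one is installed; the serial-number-zero trick and the delete-the-backup-files approach remain the alternatives for BIND 4.9 and 8.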

It is a common mistake to change the data files but forget to update the serial number. named will punish you by failing to propagate your changes to slave servers.

The next four entries in the SOA record are timeout values, in seconds, that control how long data can be cached at various points throughout the world-wide DNS database. These values represent a tradeoff between efficiency (it’s cheaper to use an old value than to fetch a new one) and accuracy (new values are more accurate).

The first is the refresh timeout, which specifies how often slave servers should check with the master to see if the serial number of the zone’s configuration has changed. Whenever
