For any internet user, it goes without saying that they need to enter a website’s URL in the browser in order to arrive at their desired homepage. They don’t notice that the computer actually establishes the connection with an IP address. This is due to the Domain Name System (DNS) and its name resolution function. Here, the domain’s name is resolved into the required number sequence. For the system to function, the name servers must have zone files. In turn, these simple text files contain numerous DNS records that enable the DNS in the first place.
The DNS recognizes more than 100 different types of records. In our detailed article on DNS records, we have listed them all and explain the rationale used to determine them.
The most well-known, of course, are A records. This is because the actual name resolution occurs in these records. In addition, there are also PTR records, which enable reverse DNS, or MX records for email communication. But what are SOA records intended for?
The DNS is a decentralized, hierarchical system: Name servers don’t supply information to just any server on the internet, but to those located in an allocated zone. For this purpose, the DNS server administers zone files. These are simple text files in which all of a zone’s DNS records are listed. In order to establish the different authorities, each zone file must contain an SOA record. SOA thus stands for Start of Authority. The record accordingly provides information on a number of issues, such as whether or not the addressed server is even responsible for the request.
The SOA record is especially important in the case of server clusters. Instead of shouldering the load for all requests, the requests are distributed among different devices. In order for the zone files to remain current on all servers, a zone transfer must be performed regularly. To achieve this, the “slaves” (i.e. servers situated lower on the hierarchy) synchronize their data with that of the “master” server. The way the zone transfer is supposed to proceed is regulated by the SOA record. For this purpose, this type of DNS record receives various types of information.
DNS records generally consist of several fields. In these you’ll find all the relevant information. In comparison to other types, the SOA record has many fields:
The first three fields are typical for DNS records. The zone name is a domain name in the form of a Fully Qualified Domain Name (FQDN). This means that the specification – different from what you may recognize from a URL – ends with a period. The reason for this is that an FQDN shows the domain’s complete hierarchical structure, which has a root directory at the end. This is of course empty, which is why only the separating period remains. You’ll find this notation in all DNS domain names as well as in the MNAME and RNAME fields.
The class field has only historical relevance and for this reason is simply omitted in many cases. When DNS was being developed, there was also the Hesiod (HS) and Chaos (CH) projects. Both are now obsolete, which is why only the internet with the IN abbreviation can be utilized in this field. The type refers to the kind of DNS record being used, so in this case, SOA.
MNAME is also known as primary master and specifies which server is located above the slave. This is so that the name server is defined through which the subordinate server must attempt a zone transfer. When formatting the email address in the RNAME field, there are some specific features to take into account. An @ symbol is not permitted in the notation. Instead, a period separates the local part (e.g. the user name) from the domain. Should there be a period before the @ symbol in the original email address, one must denote this with a backslash (\).
The serial number must be incrementally increased with each change made to the zone file. Two versions have become established. On the one hand, a simple process can begin at 1 and with each change to the serial number be increased by 1. With this option, the number of changes already made can be read from the serial number.
The other option is choosing a date format: YYYYMMDDVV. One begins with a four-digit year specification, followed by the month and day (each comprising two positions) and ends the specification in turn with a two-digit version number. In this format, one can thus identify the date the version was created. With each change that is made on the same day, the version number increases by one. On a new day, the serial number adjusts to the appropriate place and the version number is reset to 00.
The SOA record ends with three to four time specifications – each in seconds. The first field (“Refresh”) specifies the time lag until the slave again asks the master for a current version of the zone file. Should this request go unanswered, the “Retry” field regulates when a new attempt is to be carried out. It is important for this specification to be smaller than the previous one.
If the server that’s situated lower in the hierarchy receives no further replies, the third time specification (“Expire”) determines how long the zone file may still be used before the server refuses DNS information delivery. Should the server continue to send old zone file data to the clients submitting requests, it may no longer be valid. This may lead to connection issues and security risks.
The “Minimum” field completes the record. This corresponds to the time to live, as you may be familiar with from other DNS record types. It specifies how long a client may hold the requested information in the cache before a new request must be sent. Most of the time, however, the TTL is set for the entire zone with the $TTL directive. Once this is done, it doesn’t have to be performed separately for each entry. The zone name can also be determined as early as the beginning of the file, then assigned the $ORIGIN directive.
The entry always appears at the beginning of the zone file.
<name> <class> <type> <mname> <rname> <serial> <refresh> <retry> <expire> <minimum>The fields can simply be listed one after the one on a line. While this is not very complex with other entry types, the SOA record is rather comprehensive in comparison. In order to create more clarity, the fields are usually arranged in nests and underneath each other.
$ORIGIN
$TTL
@ <class> <type> <mname> <rname> (
<serial>
<refresh>
<retry>
<expire>
<minimum>
)This notation is used to determine the TTL and domain name upfront. The @ symbol at the beginning of the record refers to the origin directive. In order to nest the time specifications and to divide them among several lines, parentheses are introduced.
No zone file is valid without an SOA entry at the beginning. In practice, SOA records look like this:
$ORIGIN example.org.
$TTL 1750
@ IN SOA master.example.org admin\.master.example.org (
2019040502 ; serial
86400 ; refresh
7200 ; retry
3600000 ; expire
1750 ; minimum
)
IN NS a.iana-servers.net.
www IN A 93.184.216.34In this zone file snippet, you can see how – in order to make the placement clearer – we have entered more information than just the SOA record. The file begins with the domain name specification (in this case, example.org) and the TTL. This is then followed by the SOA record. Because we have already determined the zone in the $ORIGIN directive, the @ symbol is sufficient here as a reference.
The zone’s (notional) master follows immediately after the network class and record type specifications, which are in turn followed by the admin email address. The period is enabled through the backslash – in this case a masking character. The next period then replaces the @ symbol for the actual address; the following one, as usual, defines the top-level domain (TLD). Using a bracket, you can open the nested area which can then be divided among several lines. However, it is also possible to write all values behind one another and to only separate them with empty spaces.
In this example, we have written the definitions for the specific values behind them. These are only comments that can be selected themselves or simply omitted. In the case of DNS records, a semicolon can be used to mark those comments that are solely intended for human users.
The bracket must be closed at the end of the SOA record.
Subsequently, we have also included a NS record and an A record in the zone file example. You can see that the SOA record must be placed before all the other records – but not before the domain and TTL directives.
If you would like to check a website’s SOA record, you can install special software or simply use a web service. With Google Public DNS, the search engine provider’s DNS server, the SOA record check runs quickly and smoothly: You simply enter the relevant domain on the product’s website. On the following page, you already receive a result, though only for the A record. You can therefore select SOA in the appropriate field and run another search at the touch of a button.
Public DNS also offers additional options: EDNS Client Subnet is a function for establishing more efficient connections with DNS. This is currently only being offered by Google and OpenDNS. DNSSEC in turn guarantees that the information received via DNS really comes from the originator. Data that is transferred without these security measures can theoretically be manipulated by third parties. You can leave both options unaltered for a simple SOA record check.
The request is performed under “Question”. The request result can be found under “Answer”. In the answer’s data field, you can recognize the master server, the responsible person’s email address and the time specifications. What is noticeable here is that the last value (minimum) corresponds to the specification under TTL down to a second. This second has presumably already passed, which is why it results in a minimum discrepancy.
The specification under the “type” item illustrates a specific feature: Instead of the SOA designation, you can find the number 6 both in the request and reply. The Internet Assigned Numbers Authority (IANA) has assigned each DNS record type with an individual value. Even record types that are not used or are no longer used have a number. This results in a nearly seamless list of the different types. In this system, SOA records have the number 6.
Anyone who doesn’t want to use the Google service also has a number of other options available that enable an SOA record check, such as MxToolbox, DNS Check, and DNS Lookup.
Without the Domain Name System, the internet as we know it today would be inconceivable. The system for name resolution itself, is based on DNS records. In these simply structured records in normal text files, a name is stored for each IP address. However, DNS records can do more than this. Also known as resource records, various types of them exist.
The Domain Name System makes it easy for every user to navigate the internet. One of its most important components are A records, which link a domain name to an individual IP address. Only a line of text is needed. But what does this kind of record look like, and how can you perform an A record check?
PTR records turn the DNS on its head: Instead of getting from a domain name to the corresponding IP address – as is normally the case – with reverse DNS the opposite occurs. Which domains belong to an IP address? You can acquire this information using PTR records, which are a special type of DNS record. How do the DNS records need to be structured for this?
The Domain Name System and name resolution enable hassle-free surfing for users on the World Wide Web. Here, the DNS has recourse to several types of resource records. One of these is CNAME. This allows different domains to be linked together with one IP address. But how do CNAME records work and how can you check the records?
TXT records are a highly flexible type of DNS resource record which can be used for a wide variety of purposes, such as verifying the domain for Google services like Google Analytics or providing the public key for the DKIM signature, to name just a few examples. We’ll explain what TXT records are, how to create them and how to look them up.
Provide powerful and reliable service to your clients with a web hosting package from IONOS.
View packages