The SOA record (Start of Authority) is a mandatory DNS record that marks the beginning of a DNS zone and contains administrative information about it. There is exactly one SOA record per zone and it is returned first in any DNS zone transfer.
SOA Record Format
example.com. 86400 IN SOA ns1.example.com. admin.example.com. (
2024010101 ; Serial number
3600 ; Refresh (1 hour)
900 ; Retry (15 minutes)
604800 ; Expire (1 week)
3600 ; Minimum TTL (1 hour)
)SOA Record Fields
- Primary nameserver — The master DNS server for the zone.
- Responsible mailbox — Admin email address (dots replace @, so
admin.example.com=[email protected]). - Serial number — Incremented each time the zone is updated. Secondary servers use this to detect changes.
- Refresh — How often secondary servers check for zone updates.
- Retry — How long to wait before retrying a failed refresh.
- Expire — How long secondary servers keep serving the zone if they cannot reach the primary.
- Minimum TTL — Default TTL for records in the zone (also used as negative cache TTL for NXDOMAIN responses).
Practical Relevance
Most website owners never directly edit SOA records — DNS providers manage them automatically. However, understanding the SOA serial number is important when troubleshooting zone transfer failures in self-managed DNS setups.