SOA
Start of Authority
The SOA record is the administrative record at the top of every DNS zone. Learn what each field means and why the serial number matters.
Record Type
SOA
Category
Zone Management
Zone Management
RFC
RFC 1035
RFC 1035
Email Relevant
Indirect
Indirect
Format
SOA <primary-ns> <admin-email> <serial> <refresh> <retry> <expire> <minimum>
Example
SOA ns1.example.com. admin.example.com. 2024010101 3600 900 604800 300
TTL Guidance
SOA TTL itself is typically 3600 s; the minimum field controls negative caching (300–900 s recommended)
SOA TTL itself is typically 3600 s; the minimum field controls negative caching (300–900 s recommended)
💬 What This Record Does
Every DNS zone has exactly one SOA (Start of Authority) record. It identifies the primary nameserver for the zone, provides the administrator's contact email (with "@" replaced by "."), and contains timing values used by secondary nameservers. The serial number is incremented each time the zone changes — secondary nameservers compare their serial to the primary's; if the primary is higher, they fetch an updated zone. The minimum TTL field controls how long resolvers cache negative answers ("this record does not exist").
Common Uses
- Diagnosing zone transfer problems between primary and secondary nameservers
- Checking whether a zone update has propagated (serial number verification)
- Tuning negative caching with the minimum TTL field
⚠️ Watch Out For
- Most DNS providers manage the SOA automatically — editing it manually can break zone transfers.
- If your serial doesn't increment on each change, secondary nameservers won't pick up updates.
- A very high minimum TTL (negative caching) means resolvers cache "record not found" for a long time, slowing propagation of new records.