Start of Authority (SOA) Resource Record - InetDaemon's IT Tutorials

Start Of Authority (SOA) Record

The Start Of Authority (SOA) record is a special resource record included in every database file (also called zone files). The SOA record supplies certain basic information about the zone. An SOA record is included in both forward and reverse zone files.

 zippo.net. IN SOA apollo.zippo.net. james.zippo.net. (
            1999102003 ; Serial Number
                 14400 ; Refresh every 4 hours
                  3600 ; Retry in 1 hour
                604800 ; Expire in 1 week
                 86400 ; Minimum TTL of 1 day
            )

The above Start Of Authority (SOA) resource record identifies our nameserver 'apollo' as the primary authoritative server for this domain, and james@zippo.net as the e-mail address of the DNS administrator for the domain (in the SOA mailbox field the first '.' stands in for the '@'). The settings in the SOA resource record affect only nameservers that query the authoritative nameserver for domain or hostname information.

The SOA resource record should be followed by one nameserver resource record for each nameserver that is authoritative for that domain, which in turn should be followed by Address resource records defining the IP addresses of the nameservers.

A properly configured zone file with matching Start of Authority, nameserver and Address resource records will look something like this:

 zippo.net. IN SOA apollo.zippo.net. james.zippo.net. (
            1999102003 ; Serial Number
                 14400 ; Refresh every 4 hours
                  3600 ; Retry in 1 hour
                604800 ; Expire in 1 week
                 86400 ; Minimum TTL of 1 day
            )
;
; Primary Nameserver
zippo.net.          IN  NS  apollo.zippo.net.
;
; Secondary Nameserver
zippo.net.          IN  NS  hermes.zippo.net.
;
; Address Records for the Nameservers
apollo.zippo.net.   IN  A   199.144.219.10
hermes.zippo.net.   IN  A   199.144.218.10

According to the SOA resource record above, the secondary authoritative nameserver (let's call it "Hermes") will attempt to get a copy of the zone file from the primary authoritative nameserver every four hours, and if that fails the secondary nameserver will try again once an hour until it can successfully retrieve the zippo.net zone file. If Hermes is unable to retrieve the domain after 1 day, it will no longer provide the answers contained in this zone, but Hermes will still have the information in its cache. If, after 1 week, Hermes is still unable to reach the primary authoritative nameserver to download the zone, it will delete the zone file information from its cache.

Note that host names are completely up to the administrator. It is not necessary to name a host according to its function to get name resolution to work, nor must the host name configured on the host itself match the name in DNS (i.e. it is not necessary to call a nameserver ns.domain.com, or a mail server mail.domain.com). Host names are usually completely arbitrary, but for sanity's sake, administrators usually make sure that the names configured on hosts and the names in DNS match.

Also note that the ';' character is used within a zone file to indicate a comment; everything from the ';' to the end of the line is ignored by the DNS software.
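As an added example (not code from InetDaemon's page), the following Python reads the SOA record out of a BIND-style zone file: it strips ';' comments, joins the parenthesised multi-line RDATA onto one logical line, and returns the fields as integers. The zone text is the page's zippo.net example, embedded here with the parentheses BIND requires around multi-line data.

```python
# Added example (not from the InetDaemon page): parse the SOA record out of
# a BIND-style zone file, handling ';' comments and parenthesised RDATA.
import re

# The page's zippo.net zone, embedded here (constructed test input).
ZONE = """\
zippo.net. IN SOA apollo.zippo.net. james.zippo.net. (
           1999102003 ; Serial Number
                14400 ; Refresh every 4 hours
                 3600 ; Retry in 1 hour
               604800 ; Expire in 1 week
                86400 ; Minimum TTL of 1 day
           )
;
; Primary and secondary nameservers, and their address records
zippo.net.          IN  NS  apollo.zippo.net.
zippo.net.          IN  NS  hermes.zippo.net.
apollo.zippo.net.   IN  A   199.144.219.10
hermes.zippo.net.   IN  A   199.144.218.10
"""

SOA_FIELDS = ("serial", "refresh", "retry", "expire", "minimum")

def strip_comments(text):
    """Drop everything from ';' to end of line, as the DNS software does."""
    return "\n".join(line.split(";", 1)[0] for line in text.splitlines())

def parse_soa(zone_text):
    """Return a dict with the SOA owner, MNAME, administrator e-mail and the
    five timing fields as integers, or None if the zone has no SOA record."""
    flat = strip_comments(zone_text)
    # Fold a parenthesised RDATA span onto the line that opened it.
    flat = re.sub(r"\(([^)]*)\)",
                  lambda m: " " + m.group(1).replace("\n", " "), flat)
    for line in flat.splitlines():
        tokens = line.split()
        if "SOA" not in tokens:
            continue
        i = tokens.index("SOA")          # owner may carry a TTL before the class
        mname, rname = tokens[i + 1], tokens[i + 2]
        numbers = [int(t) for t in tokens[i + 3:i + 8]]
        if len(numbers) != 5:
            raise ValueError("SOA record must carry exactly five numeric fields")
        # RNAME is a mailbox: its first '.' stands in for the '@'.
        local, _, domain = rname.rstrip(".").partition(".")
        return {"owner": tokens[0], "mname": mname, "email": f"{local}@{domain}",
                **dict(zip(SOA_FIELDS, numbers))}
    return None
```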

Serial Number

The serial number is used to indicate which copy of the zone file is the most current. If the primary nameserver's serial number is less than or equal to the secondary nameserver's serial number, no transfer of the zone file from the primary authoritative nameserver to the secondary authoritative nameserver will take place. It is common to use a date/version format for the serial number such as YYYYMMDDVV, for Year, Month, Day and Version. In the example above, the file was modified on the 20th of October, 1999, and this is the third version of the file produced that day. When editing zone files, you must increment the serial number by one to make sure the secondary authoritative nameserver performs an update.

Refresh

The refresh value determines the interval between successful zone transfers of the entire zone file from the primary nameserver to the secondary nameservers. The number indicates the number of seconds between refresh attempts.

Retry

If a zone transfer to refresh the zone file data fails, the secondary nameserver will wait the number of seconds listed in the retry field before making additional attempts to load the zone file. More than one attempt an hour is considered poor netiquette if someone else is providing secondary DNS for your domain, as this creates extra queries to the nameserver and extra load.

Expire

When a zone transfer fails, a countdown clock begins. When the number of seconds set in the expire field elapses, the nameserver stops answering for that zone file. It is assumed that if the secondary nameserver cannot get the information from the primary authoritative nameserver in this period of time, the data is incorrect or out of date.

Minimum TTL

The Minimum Time to Live is the number of seconds an external caching nameserver should keep any responses from the nameserver (apollo in our example). If ns.berkeley.edu queried our apollo.zippo.net nameserver, ns.berkeley.edu would delete the answer after holding it in its cache for 1 day.
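To tie the Serial, Refresh, Retry and Expire sections together, here is an added Python example (not code from InetDaemon's page) that models the secondary's behaviour with the zippo.net values: when a serial forces a transfer, how to bump a YYYYMMDDVV serial, and the poll timeline up to expiry. The serial comparison goes beyond the page's plain "less than or equal" rule by using RFC 1982 serial-number arithmetic, so a 32-bit wraparound still compares correctly; `primary_up` is an assumed callback standing in for the transfer attempt itself.

```python
# Added example (not from the InetDaemon page): models the secondary
# nameserver behaviour the text describes, using the zippo.net SOA values.
import datetime

REFRESH, RETRY, EXPIRE = 14400, 3600, 604800   # from the SOA record above

def serial_is_newer(primary_serial, secondary_serial):
    """True when the primary's serial is ahead of the secondary's, so a zone
    transfer should happen. Equal (or a primary that is behind) means no
    transfer. RFC 1982 serial-number arithmetic handles 32-bit wraparound,
    which the page's plain numeric comparison does not cover."""
    p, s = primary_serial % 2**32, secondary_serial % 2**32
    if p == s:
        return False
    return (p > s and p - s < 2**31) or (p < s and s - p > 2**31)

def next_serial(current, today):
    """Bump a YYYYMMDDVV serial: same day -> VV + 1, a new day -> VV = 01."""
    day = int(today.strftime("%Y%m%d"))
    if current // 100 == day:
        if current % 100 == 99:
            raise ValueError("VV field exhausted: 99 edits already today")
        return current + 1
    return day * 100 + 1

def transfer_schedule(primary_up, refresh=REFRESH, retry=RETRY, expire=EXPIRE):
    """Poll times (seconds after the last successful transfer at t=0) at which
    the secondary contacts the primary. primary_up(t) is an assumed callback
    reporting whether the poll at t succeeded. Returns (attempt_times,
    expired_at): expired_at is None if a poll succeeded, otherwise the moment
    the secondary stops answering for the zone."""
    attempts, t = [], refresh          # first poll after one refresh interval
    while t < expire:
        attempts.append(t)
        if primary_up(t):
            return attempts, None      # fresh copy loaded; timers restart
        t += retry                     # failed: try again after the retry interval
    return attempts, expire            # never reached the primary: zone expires

if __name__ == "__main__":
    polls, expired = transfer_schedule(lambda t: False)   # primary down all week
    print(len(polls), "failed polls; zone dropped at", expired, "seconds")
    print(next_serial(1999102003, datetime.date(1999, 10, 20)))
```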
