What do the values in an SOA record affect?
I am a complete newbie in the DNS world and I am moving our office subnet to another domain. Our DNS is using a PowerDNS solution with a MySQL backend.
I am unsure whether the SOA record for our domain is written correctly. Assuming the domain name is example.com and the internal office infrastructure domain is office.example.com, and the office nameservers are ns0.office.example.com and ns1.office.example.com, our SOA looks like this (in the MySQL records table):
ns0.office.example.com. hostmaster.office.example.com. 2013111504 28800 14400 2419200 86400
The values for refresh etc. are taken from the old configuration and it is not clear whether those values are standard or not.
Question: From all the resources I could find on the internet, I still did not understand what the SOA record affects. Can someone please explain what the first two values affect? What is the hostmaster value for? The old config has it as well, but there is no such host on our subnet and no DNS record for this host.
From RFC 1033, one of the core DNS RFCs (the DNS Wikipedia page has a nice list):
SOA (Start Of Authority)
<name> [<ttl>] [<class>] SOA <origin> <person> (
<serial>
<refresh>
<retry>
<expire>
<minimum> )
The Start Of Authority record designates the start of a zone. The zone ends at the next SOA record.
<name>
is the name of the zone. (Comment: typically the domainname example.com or office.example.com)
<origin>
is the name of the host on which the master zone file resides. (Comment: the primary name server)
<person>
is a mailbox for the person responsible for the zone. It is formatted like a mailing address but the at-sign that normally separates the user from the host name is replaced with a dot. (Comment: hostmaster@office.example.com becomes hostmaster.office.example.com)
<serial>
is the version number of the zone file. It should be incremented anytime a change is made to data in the zone. (Comment: a timestamp-like string such as yyyymmdd(hhmm) is common)
<refresh>
is how long, in seconds, a secondary name server is to check with the primary name server to see if an update is needed. A good value here would be one hour (3600).
<retry>
is how long, in seconds, a secondary name server is to retry after a failure to check for a refresh. A good value here would be 10 minutes (600).
<expire>
is the upper limit, in seconds, that a secondary name server is to use the data before it expires for lack of getting a refresh.
You want this to be rather large, and a nice value is 3600000, about 42 days.
<minimum>
is the minimum number of seconds to be used for TTL value in RRs. A minimum of at least a day is a good value here (86400).
There should only be one SOA record per zone. A sample SOA record would look something like:
@ IN SOA SRI-NIC.ARPA. HOSTMASTER.SRI-NIC.ARPA. (
45 ;serial
3600 ;refresh
600 ;retry
3600000 ;expire
86400 ) ;minimum
The SOA records can be fitted on a single line.
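As an added example (not part of the answer above and not PowerDNS code): a short Python sketch that splits the single-line SOA content from the question into the RFC 1033 fields, shows that <person> decodes to a mailbox rather than a host, and runs a few sanity checks on the timers. The function names and the lint rules are assumptions of this example, not a standard.

```python
import re
from datetime import datetime

TIMERS = ("refresh", "retry", "expire", "minimum")

def rname_to_mailbox(rname):
    """<person> is a mailbox: the first unescaped dot stands for '@'.
    A literal dot in the local part is written as a backslash plus dot."""
    pieces = re.split(r"(?<!\\)\.", rname.rstrip("."), maxsplit=1)
    if len(pieces) != 2:
        raise ValueError("no domain part in %r" % rname)
    local, domain = pieces
    return local.replace("\\.", ".") + "@" + domain

def parse_soa(content):
    """Parse '<origin> <person> <serial> <refresh> <retry> <expire> <minimum>'."""
    parts = content.split()
    if len(parts) != 7:
        raise ValueError("expected 7 fields, got %d" % len(parts))
    serial, *timers = (int(p) for p in parts[2:])
    soa = {"origin": parts[0], "mailbox": rname_to_mailbox(parts[1]),
           "serial": serial}
    soa.update(zip(TIMERS, timers))
    return soa

def serial_as_date(serial):
    """Decode a yyyymmddnn serial to (date, revision); None if it is not one."""
    text = str(serial)
    if len(text) != 10:
        return None
    try:
        return datetime.strptime(text[:8], "%Y%m%d").date(), int(text[8:])
    except ValueError:
        return None

def lint(soa):
    """Sanity checks chosen for this example (assumptions, not RFC limits)."""
    issues = []
    if not 0 <= soa["serial"] < 2 ** 32:
        issues.append("serial does not fit in 32 bits")
    if soa["retry"] >= soa["refresh"]:
        issues.append("retry is not shorter than refresh")
    if soa["expire"] <= soa["refresh"] + soa["retry"]:
        issues.append("expire leaves no room for a refresh plus a retry")
    return issues

if __name__ == "__main__":
    # The record from the question, as stored in the PowerDNS records table.
    soa = parse_soa("ns0.office.example.com. hostmaster.office.example.com. "
                    "2013111504 28800 14400 2419200 86400")
    print(soa, serial_as_date(soa["serial"]), lint(soa))
```
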