How many SOA records can a zone have?

Every DNS zone must have exactly one SOA record. It marks the beginning of the zone and contains metadata about the zone's authoritative configuration.

What is the SOA minimum TTL field for?

The minimum TTL field (now called negative caching TTL) specifies how long to cache negative responses like NXDOMAIN. It tells resolvers how long to remember that a domain doesn't exist.

SOA Record Core DNS

Q: What is an SOA record?

An SOA record (Start of Authority) is a mandatory DNS record containing essential information about a DNS zone, including the primary nameserver, administrator contact, serial number, and timing parameters for zone synchronization.

Q: What is the SOA serial number?

The serial number is a version number that must be incremented whenever the zone is updated. Secondary nameservers compare this value to determine if they need to refresh their copy of the zone.

The SOA record (Start of Authority) is a mandatory DNS record that contains essential information about a DNS zone. Every DNS zone must have exactly one SOA record, which defines the zone's primary nameserver, administrator contact, and timing parameters for zone synchronization.

Look Up SOA Records

Check SOA records for any domain using our free DNS lookup tool.

Look Up SOA Records →

What Is an SOA Record?

The SOA record marks the beginning of a DNS zone and contains metadata about the zone. It specifies:

Which nameserver is the primary (master) for the zone
Contact information for the zone administrator
A serial number used to track zone changes
Timing values that control how secondary nameservers sync
How long to cache negative responses (NXDOMAIN)

SOA Record Format

Example SOA Record

example.com.    3600    IN    SOA    ns1.example.com. admin.example.com. (
                                      2024011501  ; Serial
                                      7200        ; Refresh
                                      3600        ; Retry
                                      1209600     ; Expire
                                      3600        ; Minimum TTL
                                      )

SOA Record Components

Field	Example	Description
Primary NS (MNAME)	ns1.example.com.	The primary (master) nameserver for the zone
Admin Email (RNAME)	admin.example.com.	Administrator email (@ replaced with dot)
Serial	2024011501	Version number; must increment on each change
Refresh	7200	Seconds before secondary checks for updates
Retry	3600	Seconds before retry if refresh fails
Expire	1209600	Seconds before secondary discards zone data
Minimum TTL	3600	Default TTL for negative caching (NXDOMAIN)

Understanding Each Field

Primary Nameserver (MNAME)

The hostname of the primary (master) nameserver that holds the authoritative copy of the zone. Zone transfers originate from this server.

Administrator Email (RNAME)

The email address of the zone administrator, written with a dot instead of @. For example:

[email protected] → admin.example.com.

If the email contains a dot before the @, escape it with a backslash:

[email protected] → john\.doe.example.com.

Serial Number

A version number that must be incremented whenever the zone is updated. Secondary nameservers compare this value to determine if they need to refresh their copy.

Common serial number formats:

Date-based (recommended) — YYYYMMDDnn (e.g., 2024011501)
Unix timestamp — Seconds since 1970
Sequential — Simple incrementing number

Refresh Interval

How often (in seconds) secondary nameservers should check with the primary for zone updates. Typical values: 3600-86400 seconds (1-24 hours).

Retry Interval

If a refresh attempt fails, how long to wait before trying again. Should be less than the refresh interval. Typical: 600-3600 seconds.

Expire Time

If a secondary can't reach the primary for this long, it stops answering queries for the zone. Should be much longer than refresh. Typical: 1-2 weeks (604800-1209600 seconds).

Minimum TTL (Negative Caching)

Originally the default TTL for all records, this field now specifies how long to cache negative responses (NXDOMAIN — domain doesn't exist). RFC 2308 clarified this behavior.

SOA Record Values by Use Case

Scenario	Refresh	Retry	Expire	Min TTL
Stable domain	86400	7200	2419200	3600
Frequently updated	3600	600	604800	300
RFC 1912 recommended	7200	3600	1209600	3600

SOA Record Best Practices

Always increment serial — After any zone change, increment the serial number or secondaries won't update.
Use date-based serials — Format like YYYYMMDD## makes it easy to see when the zone was last updated.
Set reasonable timers — Balance between keeping secondaries current and not overwhelming the primary.
Keep valid admin email — The RNAME should be a monitored email address for zone-related issues.
Don't use short expire times — If your primary is down, you want secondaries to continue serving the zone.

Checking SOA Records

You can query SOA records using dig:

# Query SOA record
dig example.com SOA

# Get just the SOA values
dig example.com SOA +short

# Query from a specific nameserver
dig @ns1.example.com example.com SOA

SOA vs NS Records

Aspect	SOA Record	NS Record
Count per zone	Exactly one	Two or more
Purpose	Zone metadata	Lists authoritative nameservers
Contains	Primary NS, admin, timers	Nameserver hostname
Used for	Zone synchronization	Delegation

Troubleshooting SOA Records

Common issues and solutions:

Secondary not updating — Check that the serial number was incremented after zone changes.
Zone transfer failing — Verify the MNAME server allows zone transfers and is reachable.
Invalid RNAME format — Remember to replace @ with a dot in the email address.
Serial number overflow — If using date format, ensure you haven't exceeded the maximum (about 4 billion).
Stale secondaries — If expire is too short and primary is unreachable, secondaries stop serving the zone.

Check Your SOA Record

Use our DNS Record Finder to look up SOA records for any domain.