“SOA record”的意思、由来-开放百科全书

词条 SOA record

释义

Background
Structure
Sample SOA record in BIND syntax
Serial number changes
References

A Start of Authority record (abbreviated as SOA record) is a type of resource record in the Domain Name System (DNS) containing administrative information about the zone, especially regarding zone transfers. The SOA record format is specified in RFC 1035.^[1]

Background

Normally DNS name servers are set up in clusters. The database within each cluster is synchronized through zone transfers. The SOA record for a zone contains data to control the zone transfer. This is the serial number and different timespans.

It also contains the email address of the responsible person for this zone, as well as the name of the primary master name server.

Usually the SOA record is located at the top of the zone. A zone without a SOA record does not conform to the standard required by RFC 1035.

Structure

name

name of the zone

IN

zone class (usually IN for internet)

SOA

abbreviation for Start of Authority

MNAME

Primary master name server for this zone

UPDATE requests should be forwarded toward the primary master^[2]
NOTIFY requests propagate outward from the primary master^[3]

RNAME

Email address of the administrator responsible for this zone. (As usual, the email address is encoded as a name. The part of the email address before the @ becomes the first label of the name; the domain name after the @ becomes the rest of the name. In zone-file format, dots in labels are escaped with backslashes; thus the email address john.doe@example.com would be represented in a zone file as john\\.doe.example.com.)

SERIAL

Serial number for this zone. If a secondary name server slaved to this one observes an increase in this number, the slave will assume that the zone has been updated and initiate a zone transfer.

REFRESH

number of seconds after which secondary name servers should query the master for the SOA record, to detect zone changes. Recommendation for small and stable zones:^[4] 86400 seconds (24 hours).

RETRY

number of seconds after which secondary name servers should retry to request the serial number from the master if the master does not respond. It must be less than Refresh. Recommendation for small and stable zones:^[4] 7200 seconds (2 hours).

EXPIRE

number of seconds after which secondary name servers should stop answering request for this zone if the master does not respond. This value must be bigger than the sum of Refresh and Retry. Recommendation for small and stable zones:^[4] 3600000 seconds (1000 hours).

TTL, a.k.a. MINIMUM

Time To Live for purposes of negative caching. Recommendation for small and stable zones:^[4] 172800 seconds (2 days). Originally this field had the meaning of a minimum TTL value for resource records in this zone; it was changed to its current meaning by RFC 2308.^[8]

Sample SOA record in BIND syntax

$TTL 86400@   IN  SOA     startech60serve root.startech60serve.com (        2018110201  ;Serial        3600        ;Refresh        1800        ;Retry        604800      ;Expire        86400       ;Minimum TTL)        IN  NS      startech60serve        IN  A       192.168.1.3        IN  MX 10   startech60servestartech60serve     IN  A       192.168.1.3

Serial number changes

Two methods have been established for updates to the SERIAL field of a zone's SOA record:

The serial number begins at 1, and is simply incremented at every change.
The serial number contains the date of the last change (in ISO 8601 basic format) followed by a two-digit counter (e.g. 2017031405 = the fifth change dated March 14, 2017). This method is recommended in RFC 1912.^[9]

References

^[1]^[2]^[3]^[4]^[5]^[6]

1 : DNS record types

随便看

开放百科全书收录14589846条英语、德语、日语等多语种百科知识，基本涵盖了大多数领域的百科知识，是一部内容自由、开放的电子版国际百科全书。