The SOA record
The SOA (start of authority) record contains information about the DNS zone, which is a part of the hierarchy of domains that makes up the Domain Name System.
It contains the following fields, in order:
- The name of the primary nameserver for this zone.
- The e-mail address of the party responsible for the zone.
(This is encoded where the first
- The internal serial number for this domain.
- The duration after which the zone should be refreshed.
- The duration before a failed refresh operation should be retried.
- The duration after which this zone should no longer be considered authoritative.
- The TTL for how long to cache the non-existence of domains inside this zone.
Here, we specifically query for
CNAME records for
The result is a nameserver administered by ICANN, along with the six other values.
$ dog SOA example.com SOA example.com. 1h00m00s "ns.icann.org." "noc.dns.icann.org." 2019121373 2h00m00s 1h00m00s 14d0h00m00s 1h00m00s
SOA records in the Authoritative section
SOA records are commonly seen when querying a domain that does not exist — even when the query is not asking for
SOA records specifically.
Here, we search for the nonsense domain name
Because there is no
moeuisn TLD, the DNS server responds with the names of the DNS root servers instead.
$ dog aotenhisou.osteouaou.moeuisn Status: NXDomain SOA example.org. 1h00m00s A "a.root-servers.net." "nstld.verisign-grs.com." 2020041702 30m00s 15m00s 7d0h00m00s 1d0h00m00s
To prevent these records being mistaken for a correct answer, they are placed in the Authoritative section of the response, specified in dog’s output by the