The Anatomy of a DNS Zone File: SOA Record


Part ONE What is a Start of Authority (SOA) Record and What Does it Do? The first resource record in any Domain Name System (DNS) zone file is the Start of Authority (SOA) resource record. The SOA resource record is an essential part of the DNS zone file, it indicates the basic properties of the domain name server and the zone that the domain is in. Each zone file can contain only one SOA record. The SOA record is broken down into the following fields. (Please refer to the example below: each section is color-coded to match it’s corresponding field definition) ;; QUESTION SECTION: ; IN SOA ;; ANSWER SECTION: 565 IN SOA 600 300 604800 600

  1. name- The root name of the zone.
  2. TTL- Time-to-Live, is the length of time for when a zone file is set to expire. This is usually expressed in a number of seconds.
  3. class- Defines the class of record. IN stands for the Internet.
  4. name-server: The Name of the primary name server for the zone
  5. email-addr: The E-mail Address of the individual who is in charge of the domain. This is the person that emails should be directed to in order to report errors or problems with the domain.
  6. sn = serial number: The Serial Number for the zone. This number helps keep track of changes that have been made to the DNS zone file. The number has to increment when changes are made. The standard convention is YYYYMMDDnn, where YYYYMMDD is the date of revision and nn is the revision number (in case there are multiple revisions for the day). So, today’s first revision would be 2011030200 and the second would be 2011030201.
  7. refresh: The time a secondary DNS server waits before checking to see if there are changes to the zone.
  8. retry: The time the secondary DNS server should wait before retrying to check if there have been changes to the zone (if the first refresh fails).
  9. expiry: The time in seconds before the secondary DNS server should stop responding to queries for the zone.
  10. min=minimum: The minimum time-to-live (TTL). This value is supplied in query responses by servers for the zone to inform others how long they should cache a resource record provided in an answer.

A properly optimized and updated SOA record can reduce bandwidth between name servers, increase the speed of website access and ensure the site is live, even when the primary DNS server is down. Please leave any questions or comments below… Check out Part 2 and Part 3 of this series:

Part Two: What are NS Records and Why Are They Important to DNS

Anatomy of a DNS Zone File Part Three: MX Records Hit By Major DDoS Attack!

Early this morning, three of’s data centers were successfully taken down by a major DDoS attack. WordPress is describing it as the largest one in it’s history. The following is an excerpt from their blog

“ is currently being targeted by a extremely large Distributed Denial of Service attack which is affecting connectivity in some cases. The size of the attack is multiple Gigabits per second and tens of millions of packets per second.
We are working to mitigate the attack, but because of the extreme size, it is proving rather difficult. At this time, everything should be back to normal as the attack has subsided, but we are actively working with our upstream providers on measures to prevent such attacks from affecting connectivity going forward. We will be making our VIP sites a priority in this endeavor, and as always, you can contact us via for the latest update. We will also update this post with more information as it becomes available.”

DDoS attacks happen. Is your business protected?  What can help your business survive a DDoS attack? Anycast. Anycast is a routing and networking method.  In this method, the same IP address is allocated to multiple name servers or hosts that all behave the same way, carry the same content and are capable of answering the same queries.  These name servers are located in various locations across the globe. Anycast automatically directs your customers to the name server that is located closest to them.

So, why is Anycast DNS so important?

Anycast makes DNS more reliable. Instead of traffic being sent to one name server, traffic is diverted to many different name servers.  If one server is congested, another server can take some of the load.

Anycast improves performance. We are a generation of instant gratification and one of my biggest pet peeves is waiting for a website to load. With Anycast, your customers can connect to a name server that is located closest to them, therefore reducing the amount of time it takes to receive the query. If the name server is located in California all queries from the west coast will be fast, but if the query is from New York, the queries will be slow, and queries from London will be even slower.  Anycast solves this problem and assures that all of your traffic is fast, no matter where the query is coming from.

Increase resilience to Internet Based Attacks. With multiple name servers available, attacks are mitigated and often concentrated to one server, rather than taking down the entire network.  Queries can be diverted to another name server in this instance, therefore causing no interruption of service.

Maintenance can be performed without any interruptions in service. During regular maintenance, DNS traffic is simply routed to the next available name server, therefore your customers are never without service.

Anycast DNS is great way to improve performance and resiliency of your network.

Since 2007, No-IP has been using IP anycast on some of our name server (NS) records. In the coming months all Managed and Backup DNS NS records will use anycast. Contact us today to learn more about what has to offer and how we can help implement Anycast DNS for your business!

Have Questions or Need Help? Check Out These No-IP Support Tips

At No-IP, we strive to be one of the best in our industry at providing A+ support to all of our customers. Please follow these No-IP support tips when you have any issues or concerns with our service. Also,have you seen our Guides and FAQs? They’re really cool, honest! A lot of common issues and questions can be answered from these guides.

The phone lines may be busy at times, so please leave us a message and the next representative will call you back as soon as possible. I cannot stress enough that our paid users SHOULD ALWAYS CALL technical support when possible, believe me when I say that your issue is important to us and we can respond fastest when we’re speaking with you directly.

But What If…
You don’t have a phone (really?) or you aren’t a paying customer? In this case, please submit a Support Ticket, it WILL take longer for us to respond to a ticket, but we will get an answer to you as quickly as we can. Tickets are responded to in the order in which they were received.

Please remember to include the following when submitting Support Tickets:

  • Subject Line: Provide either your email address or domain/host name.
  • Body: Be as descriptive as possible about the issue, what’s occurring, etc. Explain what you have already tried. (Because lets face it, I know there’s nothing more annoying than someone telling you to try what you have already done.) Also, please include what software is used in conjunction with your domain/hostname, if any.

What About E-mail?
Please do not submit support questions via email unless you have one of our Support Technicians direct email addresses. Any messages sent to other addresses will most likely be lost, forever.

We Want to Hear From You!
If you have any suggestions for guides, please let us know! Leave comments below or send then over to

IPv6 Implementation Roll-out in the Works

In the past few decades, the online world has grown in an astounding pace.  The current Internet addressing system, Internet Protocol Version 4 (IPv4), which uses 32-bit (four-byte) addresses and supports approximately 4 billion unique IP addresses, is running out of space. As of January 4th there was less than 3% of address space available.   To continue providing support to an increasing number of connections, a new Internet addressing system, Internet Protocol Version 6 (IPv6), is being rolled out to networks worldwide.

As a leader in Managed DNS, No-IP is making great strides to ensure our v6 users are well-supported during this transition.  We have already implemented the IPv6 technology on one of our anycast name server clouds with plans to roll-out additional IPv6 support capabilities on all networks throughout 2011.   Our team is dedicated to being at the forefront of this industry-wide transition, and strive to support our users with 100% uptime throughout the use of IPv6 and into future versions of internet protocol.

Privacy Concerns? Six Tips for Conducting Safer Online Activity

You wouldn’t leave your bank or credit card statements out on the table, so why should your confidential online activity be any different?   Deleting your browser cookies is always a best practice, but even that will only get you so far.

Here are some quick and easy tips to help safeguard your privacy when surfing online:

  1. Use unique passwords for all of your online accounts.   This sounds simple enough, but given the increasing number of accounts we sign up for online, it can be tough advice to follow (especially if you’ve got over 50 passwords to remember).  Quick tip: keep a password protected Excel file of all your account passwords, so you really only have to remember 1 password to access all of your online accounts.
  2. Install a reputable browser addon to alert you of potential privacy threats.  It’s easy to miss the fine print when browsing online, and add-ons such as BetterPrivacy (via Firefox) can help alert you to any possible dangers you may have overlooked.
  3. Be sure to read through the privacy agreements on all websites, opting out where necessary.  Social media and other free online networking sites are notorious for collecting and distributing your personal information to third parties.  Before signing up for a new account, be sure to read through the privacy agreement and “opt-out” of any permissions or requests to use your information for marketing purposes.
  4. Beware of social gaming applications and other freeware services.  Facebook apps such as Farmville, Jungle Jewels, etc. have taken a hit recently due to user complaints regarding privacy.  Before you sign up to play, be sure to read the reviews and fine print.
  5. Be careful what information you choose to share with who.  This goes without saying, but it’s easy to forget how many “friends” we’ve added to our social networks that aren’t necessarily our friends.  Before you list your address out for a birthday party or tell people you’ll be out of town for awhile with an unattended house, double check who’s on the receiving end of that message and tailor it appropriately.
  6. Look for SSL certificates on websites (especially e-commerce sites).  When making a purchase online or sharing confidential information such as SSN #s, DOBs, etc. make sure the website has a Secure Sockets Layer (SSL) certificate.  This ensures the information you share with the site is secure and will not be compromised.

With these few tips put to practice, you’ll be well on your way to a safer, more spam-free and secure online experience.