0

I performed an SOA nslookup on a domain and I am little confused by the exact meaning of the output (see below...names have been changed to protect the innocent):

;; QUESTION SECTION:
;MYDOMAIN.COM.  IN SRV

;; AUTHORITY SECTION:
MYDOMAIN.COM. 10800 IN SOA dns23429.dizinc.COM. somename.hotmail.COM. 2010072201 86400 7200 3600000 86400

So I understand that "dns23429.dizinc.com" is the authoritative DNS server but what is the meaning of the entry after that ("somename.hotmail.COM")? Is that another authoritative DNS server? I didn't think you could have two authoritative servers. In addition, why would it be on a machine at in the "hotmail.com" domain? That seems kind of strange doesn't it?

GregH
  • 291
  • 1
  • 2
  • 15

2 Answers2

4

The SOA start of authority record has several values.

From rfc1035

MNAME RNAME SERIAL REFRESH RETRY EXPIRE MINIMUM

MNAME  The <domain-name> of the name server that was the
  original or primary source of data for this zone.

RNAME  A <domain-name> which specifies the mailbox of the
  person responsible for this zone.

SERIAL  The unsigned 32 bit version number of the original copy
  of the zone. Zone transfers preserve this value. This
  value wraps and should be compared using sequence space
  arithmetic.

REFRESH  A 32 bit time interval before the zone should be
  refreshed.

RETRY  A 32 bit time interval that should elapse before a
  failed refresh should be retried.

EXPIRE  A 32 bit time value that specifies the upper limit on
  the time interval that can elapse before the zone is no
  longer authoritative.

So for that record.

MYDOMAIN.COM. 10800 IN SOA dns23429.dizinc.COM. somename.hotmail.COM. 2010072201 86400 7200 3600000 86400
  • MYDOMAIN.COM. - the name that the rest of the details apply to.
  • 10800 - TTL for this specific record if the question was to an authoritative server.
  • IN - the class of records (IN = Internet)
  • SOA - the type of the record (SOA = start of authority)
  • dns23429.dizinc.COM - is the primary source of the zone
  • somename.hotmail.COM - is the email address (someone@hotmail.com) of someone responsible for the zone
  • 2010072201 - is the serial number
  • 86400 - is the refresh value (how often secondaries will try and reload the zone if no notifies are sent)
  • 7200 - is the retry time (how long a secondary will wait between retries after a transfer failure)
  • 3600000 - is the expiration time (how long a secondary will keep a copy of the zone if it cannot contact the primary server)
  • 86400 - the default time to live for records. That is the maximum value a record should be cached by any other DNS servers.
Community
  • 1
Zoredache
  • 130,897
  • 41
  • 276
  • 420
1

"somename.hotmail.COM" is actually "somename@hotmail.COM" as the email contact.

user48838
  • 7,431
  • 2
  • 18
  • 14