DNS SOA Serial Number Format
I have set up an Ubuntu box and everything seems to be working. Website shows, SSL is enabled and I thought everything was as it should be, but doing a check on mxtoolbox I get the following warning:
More Information About DNS SOA Serial Numbers Match
As part of our DNS check, we request SOA (Start of Authority) records for your domain from each of your name servers. These records each have a serial number used for consistency checks between name servers. Your SOA serial number is used as a version number for your DNS zone. For all name servers to be up to date with current version of your zone, they must have the same SOA serial number. In order for zone transfer to occur to secondary name servers, an ACL must be configured with the correct IP addresses for AXFR secondary name servers.
SOA Serial Number Format is Invalid
The serial number is an unsigned 32 bit value assigned to your SOA record and must be between 1 and 4294967295.
We will issue a warning if your serial is either invalid by being outside of the allowed range or if it does not conform to this format.
Is this something I have done or is this something related to the Digital Ocean NameServers?
- HollyRidge, September 9, 2014
What is your SOA in the DNS record?
Try the site http://intodns.com/ to check your DNS records. That is one I use quite often. It's kinda similar to the old dnsreport before they ruined it.
- uadev, October 23, 2014
Hi there!
I have the same issue. Just checked intodns.com and got that message: “Your SOA serial number is: 1413986340. This can be ok if you know what you are doing.”
I don’t know what I’m doing :), so could someone please help us?
Thanks!
When testing the SOA setting for example-domain.org on http://mxtoolbox.com/, it says that
The entry is
That, however, is exactly what Amazon suggest in their Route 53 documentation on http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/SOA-NSrecords.html
mxtoolbox issues a warning - why? They also consider the missing DMARC settings as an error.
Please bear with me - I am not a sysadmin. Any hint that uses a language that a developer can understand is greatly appreciated.
2 Answers
There is a recommendation that the SOA serial number use a format that is four digits of year, two digits of month, two digits of day and two digits of count of changes in the same day. This format is common, but far from universal (look at .COM for a high-profile example of a zone that doesn't). The tool you got the error message from is oversensitive and should be adjusted.
The SOA SERIAL field is specified to be an unsigned integer value that has special rules for how it wraps around, and consequently also for how serial numbers are compared, etc.
RFC1035 defines this field as:
SERIAL
The unsigned 32 bit version number of the original copy of the zone. Zone transfers preserve this value. This value wraps and should be compared using sequence space arithmetic.
The arithmetic of serial numbers is explained in detail in RFC1982.
Anyway, the popular YYYYMMDDnn 'format' is just a convention for picking integer values such that, when written out in decimal, they convey some meaningful information to humans (may be helpful when troubleshooting). The use of such values has no special meaning in the system itself and using values that do not follow this convention is not an error.
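The points made in the answers above, as an added example that is not part of the original posts: a serial is valid if it fits in 32 unsigned bits, ordering follows RFC 1982 sequence space arithmetic, and YYYYMMDDnn is only a naming convention. The nameserver names and the serial 2014102301 are constructed sample values; 1413986340 is the serial quoted in the thread.

```python
from datetime import date

SERIAL_BITS = 32
MOD = 1 << SERIAL_BITS           # serials live in the range 0 .. 2**32 - 1
HALF = 1 << (SERIAL_BITS - 1)    # comparison window defined by RFC 1982

def is_valid_serial(serial):
    """True if the value fits the unsigned 32-bit SERIAL field of RFC 1035."""
    return isinstance(serial, int) and 0 <= serial < MOD

def serial_compare(a, b):
    """RFC 1982 ordering: -1 if a is older than b, 1 if newer, 0 if equal.
    Returns None when the two differ by exactly 2**31 (order is undefined)."""
    if a == b:
        return 0
    diff = (b - a) % MOD
    if diff == HALF:
        return None
    return -1 if diff < HALF else 1

def follows_date_convention(serial):
    """Heuristic: does the decimal form read as YYYYMMDDnn with a real date?
    Failing this check is not an error, only a departure from a convention."""
    text = str(serial)
    if len(text) != 10:
        return False
    try:
        date(int(text[:4]), int(text[4:6]), int(text[6:8]))
    except ValueError:
        return False
    return True

def stale_servers(serials):
    """Given {nameserver: serial}, list servers behind the newest serial,
    using RFC 1982 ordering so a wrapped serial still counts as newer."""
    newest = None
    for s in serials.values():
        if newest is None or serial_compare(newest, s) == -1:
            newest = s
    return sorted(ns for ns, s in serials.items() if s != newest)

if __name__ == "__main__":
    # Constructed sample: one secondary has not yet picked up a wrapped serial.
    observed = {"ns1.example.test": 4294967290, "ns2.example.test": 5}
    print("valid:", is_valid_serial(1413986340))
    print("date convention:", follows_date_convention(1413986340))
    print("stale:", stale_servers(observed))
```

A check like `stale_servers` is the part that matters operationally: mismatched serials across name servers mean a secondary is serving an older copy of the zone, whatever format the number uses.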