DNSPROBLEM.com

DNS Problem Checker

Zone Management

Zone data, SOA serials, primary/secondary nameservers, and zone transfers.

SOA Serial

The SOA serial is traditionally a version number for a DNS zone. Secondary nameservers use it to decide whether they need to transfer a newer copy of the zone from the primary nameserver. When authoritative nameservers disagree on the serial, it can point to stale or unsynchronised zone data.

Some large DNS platforms do not use serial numbers in the traditional primary-to-secondary transfer model, and may distribute records through databases or internal replication systems instead. In those environments, inconsistent serials can still be a useful warning sign, but the most important test is whether all authoritative nameservers return the same correct records.

SOA Record

The SOA record, or Start of Authority record, contains administrative information about a DNS zone, including its primary nameserver, responsible mailbox, serial number, and timing values used by secondary nameservers.

Primary Nameserver

In a traditional DNS setup, the primary nameserver is the source of truth for a zone. Secondary nameservers copy zone data from the primary.

Secondary Nameserver

A secondary nameserver serves authoritative answers for a zone after copying the zone data from a primary nameserver, often using AXFR or IXFR transfers.

Zone File

A zone file is the file or data set containing DNS records for a zone. Some DNS systems still use literal zone files, while larger platforms may store equivalent data in databases or configuration systems.

AXFR / Zone Transfer

AXFR is a full DNS zone transfer. It is the traditional mechanism a secondary nameserver can use to copy the complete contents of a zone from a primary nameserver.

Zone transfers should normally be restricted to trusted secondary nameservers. If AXFR is open to the public, it may expose every record in the zone, including hostnames that were not intended to be easily discoverable.

IXFR

IXFR is an incremental DNS zone transfer. Instead of copying the entire zone, a secondary nameserver can request only the changes since its current SOA serial.