
If I set my DNS zone's SOA serial number to "1" and never change it, would domain name servers around the internet ignore or be slow in seeing zone updates?

Since all my primary DNS servers for my domain are masters, I don't have a case where slaves transfer zone data when the serial changes. Each of my DNS servers maintains identical master zone files.

Say I have an "A" record. I assume that each time the TTL expires, resolvers re-query the domain's masters for a new "A" record and will receive whatever IP is in the master zone at the time of each query. So does the SOA serial matter?

Some additional context. I see that AWS Route53 defaults new DNS zones to serial "1" and says that incrementing the serial is "optional" but does not say why it's optional https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/SOA-NSrecords.html

Crash Override

1 Answer

The primary purpose of the SERIAL field in the SOA is indeed to allow secondary nameservers to determine whether they should initiate a zone transfer because the zone has been updated. If you sync your zones via some other method, then this is not relevant and the SERIAL can be pretty much whatever.

The SERIAL is not involved in any way in authoritative queries for records from arbitrary clients on the network. The TTL of the requested record is considered in this case, by the server that receives the query.

There is a corner case, though: If you use DNS UPDATE messages (RFC 2136) to update the SOA record, the SERIAL must be higher than the previous SERIAL or the update will be ignored.

Michael Hampton
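As an added illustration (not part of the question or of Michael Hampton's answer): "higher" in both cases the answer describes, a secondary deciding to transfer and a server checking an updated SOA, is serial-number arithmetic (RFC 1982), which is why a serial pinned at 1 is never "newer" and why serials wrap modulo 2^32. The function names and sample serials below are my own.

```python
# Added example: RFC 1982 serial-number arithmetic, which is how a secondary
# decides "the primary's serial is higher than mine" (zone transfer) and how an
# RFC 2136 server decides whether an SOA in a DNS UPDATE is "higher".
# Names and sample values are constructed for this example.

SERIAL_BITS = 32
MODULUS = 1 << SERIAL_BITS            # serials live in [0, 2^32)
HALF = 1 << (SERIAL_BITS - 1)         # 2^31: the comparison window


def serial_gt(a: int, b: int) -> bool:
    """True if serial a is 'greater than' b in RFC 1982 arithmetic.

    Equal serials are never greater, and a pair exactly 2^31 apart is
    undefined by the RFC; we treat that as 'not greater' in both directions.
    """
    a, b = a % MODULUS, b % MODULUS
    if a == b:
        return False
    return (a < b and b - a > HALF) or (a > b and a - b < HALF)


def serial_add(serial: int, n: int) -> int:
    """RFC 1982 addition: n must be less than 2^31, result wraps mod 2^32."""
    if not 0 <= n < HALF:
        raise ValueError("increment must be in [0, 2^31)")
    return (serial + n) % MODULUS


def secondary_would_transfer(secondary_serial: int, primary_serial: int) -> bool:
    """A secondary initiates AXFR/IXFR only if the primary's serial is newer.

    With the serial pinned at 1 on both sides this is always False, which is
    the failure mode to watch for if a secondary is ever added later.
    """
    return serial_gt(primary_serial, secondary_serial)


def update_soa_accepted(current_serial: int, update_serial: int) -> bool:
    """RFC 2136: an SOA carried in a DNS UPDATE is ignored unless its serial is newer."""
    return serial_gt(update_serial, current_serial)


if __name__ == "__main__":
    print(secondary_would_transfer(1, 1))                    # False: stuck at 1, never refreshed
    print(secondary_would_transfer(2024010101, 2024010102))  # True
    print(serial_gt(5, 0xFFFFFFFF))                          # True: wrapped past 2^32 is still 'newer'
```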