8

I ran my domain through intoDNS and the report returned a warning saying

Your SOA EXPIRE number is: 3600000. That is NOT OK

So I've been looking to change the value ever since. You wouldn't believe it but I couldn't find one place that tells where or how to change the value of SOA Expire. I found out the recommended range is 2-4 weeks but no clue as to where to go to change it.

Can anyone point me in the right direction?

Whip
  • 251
  • 1
  • 2
  • 8
  • 1
    What dns server are you using? Normally the SOA details are defined in the zone file or equivalent type file for your server. – Payload Sep 15 '16 at 17:53
  • I'm not sure. I haven't configured any DNS servers. Can you find it out with my domain? Its [https://bwdmedia.net](https://bwdmedia.net) or a [summary from Network Tools](http://network-tools.com/default.asp?prog=express&host=bwdmedia.net) – Whip Sep 16 '16 at 09:03
  • 1
    In many cases mentioning the actual domain name is essential for the community to be able to help diagnose DNS issues. Thank you for doing that. – HBruijn Sep 16 '16 at 13:51
  • If DNS server is not managed by you - contact your hosting company – Martynas Saint Sep 16 '16 at 14:21

1 Answers1

13

The expire field in a SOA record is the upper limit, in seconds, that your secondary name servers are allowed to use the data before it expires for lack of getting a refresh.

You normally do want this to be rather large, and the value of 3600000 seconds (about 42 days) comes straight out of RFC 1033.

There is no real need to change it. Most DNS/hosting providers don't allow you to edit SOA records anyway either, with good reason as it determines how their DNS infrastructure will operate.

You would only need to worry about the values in the SOA record if you operate your own name servers, which doesn't appear to be the case.

dig soa bwdmedia.net +multiline

bwdmedia.net.       86400 IN SOA ns.inmotionhosting.com. exploitrip.outlook.com. (
                2016091000 ; serial
                86400      ; refresh (1 day)
                7200       ; retry (2 hours)
                3600000    ; expire (5 weeks 6 days 16 hours)
                86400      ; minimum (1 day)
                )

That shows that among other that your primary DNS server is ns.inmotionhosting.com. and your DNS is probably managed by that hosting company.

Community
  • 1
HBruijn
  • 72,524
  • 21
  • 127
  • 192
  • These are most likely managed by the hosting company. Thanks for letting me know. I'll have a chat with them – Whip Sep 19 '16 at 09:22
  • I have a glued ns that points to the domain itself. So I am my own nameserver. The only DNS server installed I have are the DNS controls from PLESK. – FMaz008 Jan 01 '21 at 15:25
  • Nit: The RFC standard you quoted suggests "A minimum of at least a day is a good value here (86400)" not 3600000. The value you're quoting was just an example. – Eric Le Fort Nov 07 '21 at 20:48