Question

SOA DNS not valid format?

I just changed my domain’s nameservers to DO’s and got this when I did a DNS check at mxtoolbox.com:

SOA Serial Number Format is Invalid ns1.digitalocean.com reported Serial 1421780039 : Suggested serial format year was 1421 which is before 1970.

SOA Expire Value out of recommended range ns1.digitalocean.com reported Expire 604800 : Expire is recommended to be between 1209600 and 2419200.

Is there any way to fix this?


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

it does not actually “cause” any issues, but it does cause errors/warnings for automated tasks that sys admins have setup. I’ve had to change a few of my sync scripts to process past SOA format error.

If you absolutely do need to have the SOA follow that format, you could install bind on your server, and manually modify your zone file (I wish the digitalocean interface had this option).

Aside from what mxtoolbox apparently say, do you have any problems with the current SOA values?

First of all, there is absolutely nothing wrong with the SOA Serial. Yes, YYYYMMDDnn might a commonly recommended format, but the only real requirement is that it is a “unsigned 32 bit version number”, which “wraps and should be compared using sequence space”, to quote RFC 1035. Here you appear to have a serial based on unix time, which is not an uncommon option either.

And for the SOA Expire value, that is definitely something there are different opinions about. Still 604800 seconds are still a week, which ought to be plenty of times for presumably well maintained DNS servers like the ones DigitalOcean provide.

Nope. You’re not in control of the SOA record directly. To be fair, those are warnings.