Name server configurations
Name servers must be equipped with NS records (Name Server) that list all name servers configured to serve the domain name. Each NS record must point to a server for which an IP address has been configured in the name service with an A record, an AAAA record, or both. The NS records may only list name servers that have actually been configured to serve the domain name. The NS records must be consistent with the information configured in the fi-root.
The SOA record (Start of Authority) that defines the configuration of the name server of the domain name must comply with the following:
- The MNAME (Master Name) field must contain the name of the master name server of the domain name.
- The RNAME (Responsible Name) field must contain a working email address that belongs to the administrator of the name servers. The email address must be configured without the @ symbol, which is replaced by a dot. For example: hostmaster.domain.fi. The best practice is to configure the hostmaster address in the RNAME field in accordance with RFC 2142.
FICORA recommends that the serial numbers and timers of SOA records should not differ substantially from published internet standards and recommendations. FICORA recommends the following:
    example.com.  3600  SOA  dns.example.com. hostmaster.example.com. (
                  1999022301   ; serial YYYYMMDDnn
                  86400        ; refresh (  24 hours)
                  7200         ; retry   (   2 hours)
                  3600000      ; expire  (1000 hours)
                  172800 )     ; minimum (   2 days)
The recommended form of the serial number is YYYYMMDDnn, where YYYY is the year, MM is the month, DD is the day and nn is a running number that increases by one at each update. The number of the first version of the day is 01. The serial number helps to verify that the zone records of all domain name servers are the same. The serial number must not be zero (0).
The refresh and retry values determine how often secondary name servers check whether the zone information on the master name server has changed. The retry value determines how long a secondary name server waits before a new attempt to retrieve the information if the previous attempt was unsuccessful.
The expire value indicates how long the name server keeps the old zone record if a new record cannot be retrieved.
The minimum TTL (time to live) value determines a default TTL for resource records (RR). In some cases, it is justifiable to set the TTL below the recommended value, for example if there are changes to a name server.
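The SOA rules above can be checked mechanically. The following Python is an added example, not FICORA's own tooling; it assumes the record is given in the field order printed by `dig +short SOA`, and the function names and the two sample records are constructed for illustration.

```python
import re
from datetime import datetime

# Recommended timer values from the SOA example on this page (seconds).
RECOMMENDED = {"refresh": 86400, "retry": 7200, "expire": 3600000, "minimum": 172800}

def rname_to_email(rname):
    """Convert an SOA RNAME to an email address: the first unescaped dot is the '@'."""
    # A dot inside the local part is written as "\." in zone-file notation.
    m = re.match(r"((?:\\.|[^.\\])+)\.(.+?)\.?$", rname)
    if not m:
        raise ValueError(f"cannot split RNAME {rname!r}")
    local = re.sub(r"\\(.)", r"\1", m.group(1))  # "john\.doe" -> "john.doe"
    return f"{local}@{m.group(2)}"

def check_serial(serial):
    """Return a list of problems with a serial expected in YYYYMMDDnn form."""
    if serial == 0:
        return ["serial must not be zero"]
    s = str(serial)
    if len(s) != 10:
        return [f"serial {s} is not 10 digits (YYYYMMDDnn)"]
    try:
        datetime.strptime(s[:8], "%Y%m%d")
    except ValueError:
        return [f"serial {s} does not start with a valid date"]
    return ["running number nn starts at 01, not 00"] if s[8:] == "00" else []

def check_soa(rdata):
    """Check SOA RDATA (mname rname serial refresh retry expire minimum)."""
    _mname, rname, *nums = rdata.split()
    serial, *timers = (int(n) for n in nums)
    findings = check_serial(serial)
    if "@" in rname:
        findings.append("RNAME contains '@'; replace it with a dot")
    for name, value in zip(RECOMMENDED, timers):
        if value != RECOMMENDED[name]:
            findings.append(f"{name} is {value}, recommendation is {RECOMMENDED[name]}")
    return findings

# Constructed sample records: one following the page, one violating it.
GOOD = "dns.example.com. hostmaster.example.com. 1999022301 86400 7200 3600000 172800"
BAD = "dns.example.com. hostmaster@example.com. 0 3600 7200 3600000 172800"

if __name__ == "__main__":
    print(rname_to_email("hostmaster.example.com."))
    for record in (GOOD, BAD):
        print(check_soa(record) or "OK")
```

Timer deviations are reported as findings to review rather than errors, since the page allows values that differ from the recommendation when justified.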