Ques on SOA rec

Kevin Darcy kcd at daimlerchrysler.com
Tue Jun 19 21:35:56 UTC 2001


Eric N. Moyer wrote:

> In Chap 4 of the Cricket book it says, "Our name server is authoritative
> for the zone movie.edu because of the SOA record."  What confuses me is, a
> NON-authoritative server wouldn't have the file db.movie.edu anyway, would
> it?

Correct. I think the wording is a little misleading. It's probably more
strictly correct to say "our nameserver considers itself authoritative
because it is configured as master or slave for the zone and was able to
load/transfer it without errors".

> So, are there some ways a name server can't distinguish between data
> it read on startup and data it cached from another server?

Nameservers *must* maintain this distinction. Among other things, it
determines whether they set the "Authoritative Answer" (AA) bit on answers of
that data.

> (It is the
> presence of an SOA rec in the data that tells a server it is authoritative
> for a given zone, and not the fact that the data was read from local
> files?)

It's really *both*, since a zonefile without an SOA must be rejected.

Generally speaking, I think it is more useful to disregard what
"SOA" actually stands for, and just think of it as a zone "header", i.e. a
special record which specifies certain zone-wide parameters. While it is true
that every zone must have an SOA, an SOA doesn't really "establish" or
"start" the authority of a zone, in my opinion. Thus the SOA abbreviation is
a bit of a misnomer.

As a historical matter, does anyone know why it was named SOA? Was it
originally intended that whole DNS databases would be stored in a single file
(or dataset <cringe>), read sequentially, and thus the SOA RRs were needed to
delimit one zone from another? I can't find any references to this storage
model even in the earliest DNS RFCs...


- Kevin
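
The two points made in the reply above (a zone with no SOA is rejected at load time, and the AA bit depends on whether the data came from a loaded zone or from the cache) can be modelled as follows. This is an added example and not part of the original post or of BIND; `ToyServer`, its methods, the host names and the addresses are constructed for illustration, and delegations and response codes are ignored.

```python
import struct

QR_FLAG = 0x8000  # header flags: this message is a response
AA_FLAG = 0x0400  # header flags: Authoritative Answer (RFC 1035, section 4.1.1)

class ToyServer:
    """Constructed model of the distinction; not BIND's implementation."""
    def __init__(self):
        self.zones = {}  # origin -> {(name, rtype): rdata}, loaded as master/slave
        self.cache = {}  # (name, rtype) -> rdata, learned from other servers

    def load_zone(self, origin, records):
        # A zone without an SOA at its apex is rejected, so it never becomes authoritative data.
        if (origin, "SOA") not in records:
            raise ValueError(f"zone {origin}: no SOA record, zone not loaded")
        self.zones[origin] = dict(records)

    def add_cached(self, name, rtype, rdata):
        self.cache[(name, rtype)] = rdata

    def lookup(self, name, rtype):
        """Return (rdata, authoritative); loaded zones take precedence over the cache."""
        for origin in sorted(self.zones, key=len, reverse=True):
            if name == origin or name.endswith("." + origin):
                return self.zones[origin].get((name, rtype)), True
        return self.cache.get((name, rtype)), False

    def response_header(self, query_id, name, rtype):
        rdata, authoritative = self.lookup(name, rtype)
        flags = QR_FLAG | (AA_FLAG if authoritative else 0)
        ancount = 0 if rdata is None else 1
        # Field order: id, flags, qdcount, ancount, nscount, arcount
        return struct.pack("!HHHHHH", query_id, flags, 1, ancount, 0, 0)

def aa_bit(header):
    """Read the AA bit back out of a 12-byte DNS header."""
    return bool(struct.unpack("!H", header[2:4])[0] & AA_FLAG)

# Constructed sample data: one loaded zone and one cached record.
server = ToyServer()
server.load_zone("movie.edu", {
    ("movie.edu", "SOA"): "ns.movie.edu. hostmaster.movie.edu. 1 3600 600 86400 3600",
    ("www.movie.edu", "A"): "192.0.2.10",
})
server.add_cached("www.example.com", "A", "192.0.2.20")

if __name__ == "__main__":
    for name in ("www.movie.edu", "www.example.com"):
        print(name, "AA =", aa_bit(server.response_header(1, name, "A")))
```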



