Amazon Route 53
Developer Guide (API Version 2013-04-01)

NS and SOA Resource Record Sets that Amazon Route 53 Creates for a Public Hosted Zone

For each public hosted zone that you create, Amazon Route 53 automatically creates a name server (NS) resource record set and a start of authority (SOA) resource record set. Don't change these records.

The Name Server (NS) Resource Record Set

Amazon Route 53 automatically creates a name server (NS) resource record set that has the same name as your hosted zone. It lists the four name servers that are the authoritative name servers for your hosted zone. Do not add, change, or delete name servers in this resource record set.

The following examples show the format for the names of Amazon Route 53 name servers (these are examples only; don't use them when you're updating your registrar's name server records):





To get the list of name servers for your hosted zone:

  1. Sign in to the AWS Management Console and open the Amazon Route 53 console at

  2. In the navigation pane, click Hosted Zones.

  3. On the Hosted Zones page, choose the radio button (not the name) for the hosted zone.

  4. In the right pane, make note of the four servers listed for Name Servers.

Alternatively, you can use the GetHostedZone action. For more information, see GetHostedZone in the Amazon Route 53 API Reference.

After you create a hosted zone, update your registrar's or your DNS service's name server records, as applicable, to refer to the Amazon Route 53 name servers:


Some registrars only allow you to specify name servers using IP addresses; they don't allow you to specify fully qualified domain names. If your registrar requires that you use IP addresses, you can get the IP addresses for your name servers using the dig utility (for Mac, Unix, or Linux) or the nslookup utility (for Windows). We rarely change the IP addresses of name servers; if we need to change IP addresses, we'll notify you in advance.

The Start of Authority (SOA) Resource Record Set

The start of authority (SOA) resource record set identifies the base DNS information about the domain, for example:

1 7200 900 1209600 86400

The elements of the SOA record include:

  • The host that created the SOA record, for example,

  • The email address of the administrator in a format with the @ symbol replaced by a period, for example, The default value is an email address that is not monitored.

  • A revision number to increment when you change the zone file and distribute changes to secondary DNS servers, for example 1.

  • A refresh time in seconds that secondary DNS servers wait before querying the primary DNS server's SOA record to check for changes, for example 7200.

  • The retry interval in seconds that a secondary server waits before retrying a failed zone transfer, for example 900 (15 minutes). Normally, the retry time is less than the refresh time.

  • The expire time in seconds that a secondary server will keep trying to complete a zone transfer, for example 1209600 (two weeks). If this time expires prior to a successful zone transfer, the secondary server will expire its zone file. This means that the secondary server will stop answering queries because it considers its data too old to be reliable.

  • The minimum time to live (TTL). This value helps define the length of time that an NXDOMAIN result, which indicates that a domain does not exist, should be cached by a DNS resolver. Caching this negative result is referred to as negative caching. The duration of negative caching is the lesser of the SOA record's TTL or the value of the minimum TTL field. The default minimum TTL on Amazon Route 53 SOA records is 900 seconds. To change the TTL for resource record sets, including SOA resource record sets, you can use the Amazon Route 53 console. For more information, see Editing Resource Record Sets. You can also use the ChangeResourceRecordSets API. For more information, see ChangeResourceRecordSets in the Amazon Route 53 API Reference.
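The field layout and the negative-caching rule described above, as an added example (not code from the Route 53 documentation). The host and mailbox names in the sample are constructed placeholders, the function names are hypothetical, and the expire-versus-refresh check is an added sanity check rather than a rule stated on this page.

```python
import re
from dataclasses import dataclass

# Constructed sample: the two names are placeholders; the timers are the page's example values.
SAMPLE_RDATA = "ns.example.com. hostmaster.example.com. 1 7200 900 1209600 86400"

@dataclass(frozen=True)
class SOA:
    mname: str      # host that created the SOA record
    rname: str      # administrator mailbox, "@" written as "."
    serial: int     # revision number
    refresh: int    # seconds between secondary checks
    retry: int      # seconds before retrying a failed transfer
    expire: int     # seconds a secondary keeps trying before expiring the zone
    minimum: int    # minimum TTL field, used for negative caching

    @property
    def admin_email(self) -> str:
        # The first unescaped "." stands in for "@"; "\." is a literal dot in the local part.
        local, domain = re.split(r"(?<!\\)\.", self.rname.rstrip("."), maxsplit=1)
        return local.replace("\\.", ".") + "@" + domain

def parse_soa(rdata: str) -> SOA:
    fields = rdata.split()
    if len(fields) != 7:
        raise ValueError(f"SOA rdata needs 7 fields, got {len(fields)}")
    mname, rname, *timers = fields
    values = [int(t) for t in timers]          # non-numeric timers raise ValueError
    if any(v < 0 or v > 0xFFFFFFFF for v in values):
        raise ValueError("SOA numeric fields are unsigned 32-bit values")
    return SOA(mname, rname, *values)

def negative_cache_ttl(soa: SOA, soa_record_ttl: int) -> int:
    # Lesser of the SOA record's own TTL and its minimum TTL field.
    return min(soa_record_ttl, soa.minimum)

def timer_warnings(soa: SOA) -> list[str]:
    warnings = []
    if soa.retry >= soa.refresh:
        warnings.append("retry is not less than refresh")
    if soa.expire <= soa.refresh:              # added check, not from the page
        warnings.append("expire is not longer than refresh")
    return warnings

if __name__ == "__main__":
    soa = parse_soa(SAMPLE_RDATA)
    print(soa.admin_email, negative_cache_ttl(soa, 900), timer_warnings(soa))
```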