By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

The SOA serial number is set to "1" and it does not automatically increment, even after I create, edit, or delete DNS records in the hosted zone.

0

Hello community,

I am experiencing an issue with my Route 53 hosted zone for the domain akcoreconsulting.com. The SOA serial number is set to "1" and it does not automatically increment, even after I create, edit, or delete DNS records in the hosted zone.

As a result, new TXT records (such as for Microsoft 365 verification) do not propagate externally and cannot be detected by external systems (e.g., checked via MXToolbox TXT lookup).

I have tried the following:

  • Created and deleted various DNS records to try and force the SOA serial to change.
  • Deleted and re-created the TXT record for verification.
  • Checked my hosted zone and confirmed that my domain and nameservers are all properly set up in Route 53.
  • Waited several hours, but the SOA serial does not update and remains "1".

I found via MXToolbox Domain Health Report that this SOA serial format is causing an "SOA Serial Number Format is Invalid" warning, and I believe this is why my DNS changes do not propagate.

Screenshots attached:

  • SOA record settings in my Route 53 hosted zone
  • TXT record as created for Microsoft 365

My question:

  • How can I reset or update the SOA serial number in my Route 53 hosted zone?
  • Is there a way to force Route 53 to generate a correct SOA serial (YYYYMMDDnn format), or should I recreate the hosted zone altogether?
  • Is there any risk or recommended procedure if I have to delete and then recreate the hosted zone for my domain?

Thank you in advance for any guidance.

Topics
Networking & Content Delivery
Tags
Amazon Route 53
Language
English
Karen Valle
asked 18 days ago51 views
1 Answer
0

The issue you're experiencing with the SOA (Start of Authority) serial number not incrementing and remaining at "1" is unusual for Route 53, as it typically manages this automatically. However, there are a few steps you can take to address this problem:

  1. Manually update the SOA serial number: You can try to manually edit the SOA record in your Route 53 hosted zone. Use the format YYYYMMDDNN (Year, Month, Day, and a two-digit number) for the serial. For example, if today is July 30, 2023, you could set it to 2023073001. This should resolve the "SOA Serial Number Format is Invalid" warning.

  2. Increment the serial number: If manually setting the serial number doesn't work, try incrementing it by 1. For example, if it's currently set to 1, change it to 2.

  3. Ensure consistency across SOA records: If you have multiple SOA records, make sure the serial numbers are consistent across all of them.

  4. Recreate the hosted zone: If the above steps don't resolve the issue, you may need to recreate the hosted zone. Before doing this:

    • Export all your existing DNS records.
    • Note down the current name servers associated with your domain.

    To recreate the hosted zone: a. Create a new hosted zone for your domain in Route 53. b. Import all your DNS records into the new zone. c. Update the name servers for your domain to match those of the new hosted zone. You can do this in the Route 53 console under the domain's registration settings.

    Be aware that recreating the hosted zone will result in new name servers being assigned. You'll need to update these at your domain registrar, which could cause some temporary DNS resolution issues during propagation (up to 48 hours, though often much faster).

  5. Verify DNS propagation: After making changes, use tools like 'dig' or online DNS lookup services to verify that your changes are propagating correctly.

If these steps don't resolve the issue, you may need to contact AWS Support for further assistance, as there could be an underlying problem with the Route 53 service for your specific hosted zone.
Sources
SOA Serial Number Format is Invalid | AWS re:Post
recover hosted zones | AWS re:Post
I transferred the domain to Route 53 and created a DNS zone, but unable to verify using txt record. | AWS re:Post

profile picture
re:Post Agent
answered 18 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content