Secondary DNS How-To

Creating and configuring Secondary DNS from start to finish

Step One: Domain Registration

Before you can create Custom DNS service for a domain, the domain itself will need to be registered. You generally have three options:

If you need to create a new registration or transfer the domain to us, please see the Domain Registration guides for more information.

Step Two: Create Secondary DNS Service

You will need to create the Secondary DNS zone in our Add Zone Services Wizard. Enter your domain name (domain.com not www.domain.com) and select "Yes, I have my own primary DNS service and need Secondary DNS service" under the Domain Name Services option, and click Next. (If you are also purchasing domain registration or mail services, you can select these as well.)

You will need to select a Service Period between one and five years, and enter the IP address of your primary DNS server in the Master Server IP field. This is the server from which our Secondary DNS nameservers will attempt to transfer the zone file. Generally, this nameserver is one you own and operate yourself; please see our third-party DNS information in the Readme.

Once you have selected a Service Period and entered your Master Server IP, click Next. The service will be added to your shopping cart. You can continue shopping or check out to create the service.

Step Three: Delegation

Now that the Secondary DNS zone has been created, you will need to change your domain's delegation to use our nameservers. Nameserver delegation defines which servers are responsible for a domain's resolution. If your domain is registered with DynDNS, you can visit the domain registration section of your account, select the domain from the list, and click Nameservers to access the delegation list; if your domain is registered elsewhere, you will need to proceed through their interface to reach the list. You will then need to add the following nameservers to the delegation:

Secondary DNS Nameservers

Server                         IP Address
ns2.mydyndns.org (Required)    204.13.249.76
ns3.mydyndns.org               208.78.69.76
ns4.mydyndns.org               91.198.22.76
ns5.mydyndns.org               203.62.195.76

Depending on the TLD (e.g. .com, .net, .org) of your domain, delegation may be instantaneous or can take upwards of 24 hours to complete. We have a list of some of the most common TLDs and their propagation times here. Some registrars may require that our servers be pre-activated for your domain; if this is the case, please contact our support team to have the zone pre-activated for you. (Many ccTLDs pre-activate automatically, which will be noted in your zone's configuration.)

Glue Records for New Registrations

If you have created a brand new domain registration and wish to use hosts at that domain for the primary nameservers (e.g. ns1.mydomain.com and ns2.mydomain.com), you will need to create glue records for the nameservers before you are able to delegate to them. Visit the domain registration portion of your account, select your domain from the list, and click the Glue Records link. This will allow you to create the necessary records to delegate your domain to the new nameservers.

Step Four: Zone Transfers

Our Secondary DNS nameservers will detect this change within an hour of its completion, and attempt to transfer the zone file from your master server. You will need to ensure our nameservers are listed as allowed to transfer in your master server's configuration. Here is an example for BIND (syntax may vary depending on the system used):

In named.conf:

zone "mydomain.com" {
	type master;
	file "db.mydomain.com";
	allow-transfer { 1.2.3.4; 2.3.4.5; 3.4.5.6; 4.5.6.7; };
};

Remember, substitute the real IPs of our nameservers (listed under "Secondary DNS Nameservers" above) for 1.2.3.4, 2.3.4.5, etc.

In your zone file:

mydomain.com. IN NS ns2.mydyndns.org.
mydomain.com. IN NS ns3.mydyndns.org.
mydomain.com. IN NS ns4.mydyndns.org.
mydomain.com. IN NS ns5.mydyndns.org.

If you use IP-whitelist-based firewall rules, you will need to ensure the addresses for our nsX.mydyndns.org servers are added into the whitelist as permitted to connect on port 53 on both TCP and UDP.
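
One way to check the allow-transfer lists from Step Four before delegating (an added example, not code from this guide or from DynDNS): the function below reads named.conf text and reports, for each master zone, any of the four Secondary DNS addresses that are missing, any entry that is not one of them, and any list opened to "any". The function name, the sample zones and the report wording are assumptions made for illustration, and zone bodies are assumed to nest braces at most one level deep.

```python
import re

# Secondary DNS nameserver addresses from the "Secondary DNS Nameservers" table.
SECONDARIES = {"204.13.249.76", "208.78.69.76", "91.198.22.76", "203.62.195.76"}

COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.S)
# A zone statement whose body may hold one level of nested { ... } lists.
ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"[^{;]*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;')
XFER_RE = re.compile(r"allow-transfer\s*\{([^{}]*)\}")

def audit_allow_transfer(conf_text, secondaries=SECONDARIES):
    """Map each master zone in a named.conf text to a list of findings."""
    report = {}
    for zone, body in ZONE_RE.findall(COMMENT_RE.sub("", conf_text)):
        if not re.search(r"\btype\s+(master|primary)\s*;", body):
            continue  # only zones this server is the master for
        found = XFER_RE.search(body)
        if found is None:
            report[zone] = ["no allow-transfer in zone block; server-wide setting applies"]
            continue
        entries = {e.strip() for e in found.group(1).split(";") if e.strip()}
        issues = []
        if "any" in entries:
            issues.append("open to any host")
        else:
            issues += [f"missing secondary {ip}" for ip in sorted(secondaries - entries)]
        issues += [f"unexpected entry {e}" for e in sorted(entries - secondaries - {"any"})]
        report[zone] = issues
    return report

# Constructed sample configuration (not taken from a real server).
SAMPLE = """
zone "mydomain.com" {
    type master;
    file "db.mydomain.com";
    allow-transfer { 204.13.249.76; 208.78.69.76; 91.198.22.76; };  // ns5 left out
};
zone "open.example" { type master; file "db.open.example"; allow-transfer { any; }; };
zone "good.example" { type master; file "db.good.example";
    allow-transfer { 204.13.249.76; 208.78.69.76; 91.198.22.76; 203.62.195.76; }; };
zone "replica.example" { type slave; masters { 192.0.2.1; }; file "db.replica"; };
"""

if __name__ == "__main__":
    for zone, issues in audit_allow_transfer(SAMPLE).items():
        print(zone, "OK" if not issues else "; ".join(issues))
```

An empty list for a zone means its allow-transfer list names exactly the four secondaries and nothing else.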