Secondary DNS Readme

Important information to know about Secondary DNS

Common Mistakes

There are a number of common mistakes that can be made with Secondary DNS that will prevent our servers from updating or retrieving the zone file from your primary nameserver.

Firewalls

You need to ensure all of our nameservers are properly whitelisted in any software or hardware firewalls, including routers. Even if you do not utilize all of our nameservers in the delegation, it is a good idea to ensure all nameservers are whitelisted by IP to connect to your network on port 53 using both TCP and UDP. If you do not see any transfer attempts from our nameservers in your logs, our nameservers are likely being blocked by a firewall.

Zone Incrementing

Our nameservers listen for NOTIFY messages from your primary nameserver, and also attempt to retrieve the zone when the refresh value in the zone's SOA is exceeded. However, our nameservers will only transfer the new zone file if the zone serial has been properly incremented. If you have made a change to your zone file and we have not received it, check to make sure you have incremented the zone serial. (If your zone serial at the master server is lower than the zone serial our Secondary DNS servers currently use, please see the zone serial fix below.)

Allowed Zone Transfers

If our servers are not explicitly allowed to transfer the zone file from your primary nameserver in your server's configuration, our nameservers will be unable to transfer. You can usually see the failed transfer attempts in your nameserver's logs. You should check to ensure all available nameservers are listed in the configuration, even if you do not utilize all of the nameservers in the delegation, and ensure the IP addresses are entered correctly (no typos or transposed digits).

Incorrect Zone Serial

When using the Secondary DNS service, it is possible that your most recent zone serial may become a lower value than the zone serial currently available on our nameservers. To fix this problem, please see our Knowledge Base article on decrementing your zone serial.