Secondary DNS with Hidden Master server

Secondary DNS can be used not only to combine two or more servers to work together, but it can be used to have a Hidden Master server where to manage all DNS zones, records and settings and the zones and changes to be propagated automatically to a public server which will face all the DNS traffic. Such configuration allows you to protect the backend hidden server from DDoS attacks or your domain names.

What is a Hidden Master DNS server?

Hidden Master is a simple DNS configuration that prevents attacks on the Master DNS server. Usually, this server is not listed at the registrar or as an NS record in the DNS zone. This way, the Master DNS server is always protected, as nobody will be able to see that it exists. If something wrong happens to the Slave DNS server, there will be no impact on the Master DNS server. Optionally, it can be behind a Firewall.

How to use Hidden Master with ClouDNS?

Here's a step-by-step guide on how to use a Hidden Master DNS server with ClouDNS:

1. In your Master DNS zone add NS records the same as the name servers available for you at ClouDNS. These servers are listed in the pop-up window when you click on "available name servers" on your Dashboard page - DNS hosting section, right next to the "create zone" button. In order to use the Hidden Master role, make sure that only our name servers are there.
2. Log in to your profile here and create a Slave DNS zone.
3. Once the zone is created and you have entered the IP address of your Master DNS server/s, you must click on "Primary Settings" on the DNS zone management page. 
4. You have to allow zone transfer and notify on your Master DNS server for the listed IP addresses. If you are using BIND, you can simply copy and paste the suggested configuration into your zone file.
5. After you complete the steps above, you can check the SOA serial on your Master DNS server. Then, you can click on the "Check SOA" button in your DNS zone page here in your Dashboard. If the SOA serials match, your DNS zone is synchronized.
6. In case your Master DNS server is behind a Firewall, please allow connection from the IP addresses of ClouDNS name servers.

That's it! Follow these simple steps to use a Hidden Master DNS server with ClouDNS.

How to set Secondary DNS with Hidden Master at ClouDNS - Step by Step

How to add a Secondary zone in ClouDNS?

Creating your Secondary (Backup) DNS zone is an easy process. Follow the steps below:

1. Login to your account.
2. Click on the "create zone" button in the DNS Hosting section.
3. Choose a type of zone (Secondary zone).
4. Enter the domain name (without www or http://)
5. Enter the Master Server IP 
6. Click on the "CREATE" button. 

Secondary DNS Support

ClouDNS provides full support for Secondary DNS, which is available in the following plans: 

• Premium DNS
• DDoS Protected DNS

Just write to our 24/7 Live chat Support, if you need any assistance with your Secondary DNS with Hidden Master server configuration.

FAQ

Question: How often do updates propagate from the Primary DNS server to the Secondary DNS servers?

Answer: The frequency of updates depends on the Time To Live (TTL) value set for the DNS records. Once the TTL value has expired, the Secondary DNS servers will check for updates from the Primary DNS server.

Question: Can Secondary DNS with a Hidden Master server improve website performance?

Answer: Yes, it can improve website performance by distributing the load of DNS queries across multiple servers and reducing the response time.

Question: Is Secondary DNS with Hidden Master Server more secure than other DNS architectures?

Answer: Yes, using a Hidden Master server reduces the risk of attacks such as DNS cache poisoning or DNS amplification attacks, making it a more secure option for DNS management.

Question: What type of plan do I need to use Secondary DNS with a Hidden Master server?

Answer: Secondary DNS with a Hidden Master server is a feature available in Premium DNS and DDoS Protected DNS plans offered by ClouDNS. These plans provide additional features and security measures to ensure the reliability and security of the DNS service.