Secondary (Backup) DNS zone

What is a Secondary (Backup) DNS zone?

The Secondary (Backup) DNS zone is the read-only copy of the DNS records. This means that the DNS records cannot be added directly to the Secondary DNS zone. The Secondary (Backup) DNS zone can receive the updated records only from the Master zone of the DNS server. The records in the Backup DNS zone can be managed only on your Master server. Secondary DNS is available in all our paid plans.

How does a Secondary DNS zone work?

The DNS operates in a hierarchical manner, with multiple DNS servers responsible for resolving domain names. When a user enters a domain name (e.g., example.com) in their browser, the system must resolve it into an IP address to access the website. The Domain Name System (DNS) is responsible for this resolution.

In the event of a failure or unavailability of the Primary DNS server, the Secondary DNS Zone comes into play. When properly configured, the Backup DNS Zone allows the secondary DNS server to step in and serve DNS records for the domain. This ensures that even if the Primary DNS server is unreachable, users can still access the website or service by resolving domain names through the backup server.
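A Secondary zone only helps during a failover if it holds the Master's current data, which can be checked by comparing the SOA serial each server returns. The Python below is an added example, not ClouDNS code: the server names and SOA lines are constructed, and it assumes each answer was collected with `dig +short SOA <zone> @<server>`.

```python
# Added example: flag Secondary servers whose copy of the zone lags the Master.
# All host names and SOA answers here are constructed sample data.

SERIAL_SPACE = 2 ** 32
HALF = 2 ** 31


def serial_newer(a: int, b: int) -> bool:
    """True if serial a is newer than b under RFC 1982 arithmetic (wraps at 2^32)."""
    return 0 < (a - b) % SERIAL_SPACE < HALF


def parse_soa(line: str) -> dict:
    """Parse one line of `dig +short SOA` output: mname rname serial refresh retry expire minimum."""
    fields = line.split()
    if len(fields) != 7:
        raise ValueError(f"not an SOA answer: {line!r}")
    names = ("serial", "refresh", "retry", "expire", "minimum")
    soa = {"mname": fields[0], "rname": fields[1]}
    soa.update(zip(names, map(int, fields[2:])))
    return soa


def check_sync(master: str, answers: dict) -> dict:
    """Compare every other server's SOA serial with the Master's."""
    master_serial = parse_soa(answers[master])["serial"]
    report = {}
    for server, line in answers.items():
        if server == master:
            continue
        if not line.strip():
            report[server] = "no answer"      # server did not return an SOA
            continue
        serial = parse_soa(line)["serial"]
        if serial == master_serial:
            report[server] = "in sync"
        elif serial_newer(master_serial, serial):
            report[server] = "stale"          # transfer from the Master is behind
        else:
            report[server] = "ahead"          # unexpected: wrong Master or serial rolled back
    return report


SOA_TAIL = "7200 1800 1209600 3600"           # constructed refresh/retry/expire/minimum
ANSWERS = {                                   # constructed `dig +short SOA` answers
    "ns-master.example.com": f"ns-master.example.com. hostmaster.example.com. 2025032502 {SOA_TAIL}",
    "ns-sec1.example.net": f"ns-master.example.com. hostmaster.example.com. 2025032502 {SOA_TAIL}",
    "ns-sec2.example.net": f"ns-master.example.com. hostmaster.example.com. 2025032401 {SOA_TAIL}",
    "ns-sec3.example.net": "",
}

if __name__ == "__main__":
    for server, status in check_sync("ns-master.example.com", ANSWERS).items():
        print(f"{server}: {status}")
```

A server reported as "stale" for longer than the SOA refresh interval usually means the Master is not allowing zone transfers to that Secondary.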

How to add a Secondary (Backup) zone in ClouDNS?

Creating your Secondary (Backup) DNS zone is an easy process. Follow the steps below:

  1. Log in to your account.
  2. Click on the "create zone" button in the DNS Hosting section.
  3. Choose a type of zone (Secondary zone).
  4. Enter the domain name (without www or http://).
  5. Enter the Master Server IP.
  6. Click on the "CREATE" button.

Why use it?

Using a Secondary (Backup) DNS zone is crucial for ensuring continuous access to your domain, because it provides redundancy when the Primary DNS server fails, whatever the cause. It ensures high availability by automatically redirecting DNS queries to the Secondary server and improves performance through load balancing. In addition, implementing a Secondary DNS can strengthen security by offering an alternative resolution path during cyber attacks, thereby maintaining continuous and secure access to your website or services.

FAQs 

Question: Why do I need a Secondary DNS Zone if my Primary DNS server is reliable?

Answer: While your Primary DNS server may be reliable, unforeseen events like hardware failures, DDoS attacks, or network outages can lead to its temporary unavailability. A Secondary (Backup) DNS Zone acts as an insurance policy, ensuring continuous DNS resolution even if the primary server experiences downtime.

Question: What is the best TTL value for DNS records in a Secondary DNS Zone?

Answer: The TTL (Time-to-Live) value determines the duration for which DNS information is cached by resolvers. A balance must be struck between lower TTL values for quicker propagation during failover and higher TTL values to reduce query traffic. Common TTL values range from a few minutes to several hours.

Question: Can I manually update the Secondary (Backup) DNS Zone when changes occur on the primary DNS server?

Answer: A change to the Secondary DNS zone is possible only by forcing it through the Master DNS zone, since the Secondary zone is just a copy that cannot be updated directly.

Question: What happens if the Secondary DNS Zone itself becomes unavailable?

Answer: To address this, consider setting up multiple Secondary DNS servers, strategically located in different geographic regions. This approach ensures further redundancy and minimizes the risk of the Secondary DNS Zone becoming unavailable. 


Last modified: 2025-03-25