Notes on configuring a hidden primary TinyDNS server

Hidden Primary

Hidden primary is a DNS configuration in which the primary DNS server exports the authoritative data for the zone, but all DNS lookups are handled by the secondary servers.

Reasons

  • Convenient management of the zone file on a server you control
  • Export DNS records to services like ZoneEdit which don't support all types of records (like SRV)

TinyDNS configuration

Types of records

| Identifier | Records declared |
|---|---|
| # | none |
| Z | SOA |
| & | NS |
| . | NS, A, SOA |
| + | A |
| = | A, PTR |
| : | custom format: SRV, AAAA (IPv6) |
| @ | MX |

Transfer out

# dump markferry.net zone
tcpclient -v ns4.zoneedit.com 53 /usr/bin/axfr-get markferry.net mfdns mfdns.tmp
# dump cognomen.co.uk zone
tcpclient -v ns4.zoneedit.com 53 axfr-get cognomen.co.uk cogdns cogdns.tmp

/var/dnscache/tinydns/root/data

Zone

# markferry.net ZSOA +A :AAAA
Zmarkferry.net:ns1.markferry.net.:soacontact.zoneedit.com.:1245784646:14400:7200:950400:7200:7200

Primary nameserver

# ns1.markferry.net +A :AAAA @MX
+ns1.markferry.net:65.99.222.161:7200
:ns1.markferry.net:28:\040\001\004p\037\016\0014\000\000\000\000\000\000\000\002:7200

Primary domain

# markferry.net &NS =APTR +A :AAAA @MX
&markferry.net::ns4.zoneedit.com.:7200
&markferry.net::ns8.zoneedit.com.:7200
+markferry.net:65.99.222.161:7200
:markferry.net:28:\040\001\004p\037\016\0014\000\000\000\000\000\000\000\002:7200
@markferry.net::mail.zoneedit.com.:0:7200
@markferry.net::mail3.zoneedit.com.:0:7200
:_sip._udp.markferry.net:33:\000\012\000\144\023\304\011markferry\003net\000:7200

www domain

# www.markferry.net +A :AAAA @MX
+www.markferry.net:65.99.222.161:7200
:www.markferry.net:28:\040\001\004p\037\016\0014\000\000\000\000\000\000\000\002:7200

home domain

  • Added A and AAAA
  • Removed AAAA when migrating to AAISP

    # home.markferry.net +A :AAAA @MX

    +home.markferry.net:xx.xx.xx.xx:7200
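
The `:` (custom format) lines above carry the record data as octal-escaped bytes, which is hard to review by eye. The following Python sketch is an added example, not part of the original notes: it builds the AAAA (type 28) and SRV (type 33) lines and decodes them back for checking before the zone is exported. The function names are hypothetical, and the choice of which bytes stay literal is an assumption made to reproduce the lines on this page.

```python
import ipaddress
import re
import struct

def esc(data: bytes, keep_alnum: bool = True) -> str:
    """Escape raw bytes for the data field of a tinydns ':' line."""
    out = []
    for b in data:
        if keep_alnum and b < 128 and chr(b).isalnum():
            out.append(chr(b))          # letters and digits stay literal
        else:
            out.append("\\%03o" % b)    # always 3 digits, so "\0014" is \001 then "4"
    return "".join(out)

def unesc(text: str) -> bytes:
    """Inverse of esc(): turn \\ooo escapes back into raw bytes."""
    return re.sub(rb"\\([0-3][0-7]{2})",
                  lambda m: bytes([int(m.group(1), 8)]), text.encode("ascii"))

def aaaa_line(fqdn: str, addr: str, ttl: int) -> str:
    return ":%s:28:%s:%d" % (fqdn, esc(ipaddress.IPv6Address(addr).packed), ttl)

def srv_line(fqdn, priority, weight, port, target, ttl) -> str:
    # RFC 2782 RDATA: priority, weight, port (16-bit big-endian), then target labels.
    rdata = esc(struct.pack(">HHH", priority, weight, port), keep_alnum=False)
    for label in target.rstrip(".").encode("ascii").split(b"."):
        rdata += esc(bytes([len(label)]), keep_alnum=False) + esc(label)
    return ":%s:33:%s\\000:%d" % (fqdn, rdata, ttl)

def decode_line(line: str):
    """Decode a ':' line to (fqdn, type, value) so it can be reviewed."""
    fqdn, rtype, data = line[1:].split(":")[:3]   # ':' inside data is escaped as \072
    raw = unesc(data)
    if rtype == "28":
        return fqdn, "AAAA", str(ipaddress.IPv6Address(raw))
    if rtype == "33":
        prio, weight, port = struct.unpack(">HHH", raw[:6])
        labels, i = [], 6
        while raw[i]:
            labels.append(raw[i + 1:i + 1 + raw[i]].decode("ascii"))
            i += 1 + raw[i]
        return fqdn, "SRV", (prio, weight, port, ".".join(labels))
    return fqdn, rtype, raw

if __name__ == "__main__":
    # Lines copied from the data file on this page.
    for line in (r":ns1.markferry.net:28:\040\001\004p\037\016\0014\000\000\000\000\000\000\000\002:7200",
                 r":_sip._udp.markferry.net:33:\000\012\000\144\023\304\011markferry\003net\000:7200"):
        print(decode_line(line))
```

Decoding every `:` line in the data file before running the export catches a wrong port or a truncated address that the escaped form would otherwise hide.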
