Notes on configuring a hidden primary TinyDNS server
Hidden Primary
Hidden Primary is a DNS configuration in which the primary DNS server exports the authoritative data for the zone, but all DNS lookups are handled by the secondary servers.
Reasons
- Convenient management of the zone file on a server you control
- Export DNS records to services like ZoneEdit which don't support all types of records (like SRV)
TinyDNS configuration
Types of records
| Identifier | Records declared |
| --- | --- |
| # | none |
| Z | SOA |
| & | NS |
| . | NS, A, SOA |
| + | A |
| = | A, PTR |
| : | custom format: SRV, AAAA (IPv6) |
| @ | MX |
Transfer out
# dump markferry.net zone
tcpclient -v ns4.zoneedit.com 53 /usr/bin/axfr-get markferry.net mfdns mfdns.tmp
# dump cognomen.co.uk zone
tcpclient -v ns4.zoneedit.com 53 axfr-get cognomen.co.uk cogdns cogdns.tmp
/var/dnscache/tinydns/root/data
Zone
# markferry.net ZSOA +A :AAAA
Zmarkferry.net:ns1.markferry.net.:soacontact.zoneedit.com.:1245784646:14400:7200:950400:7200:7200
Primary nameserver
# ns1.markferry.net +A :AAAA @MX
+ns1.markferry.net:65.99.222.161:7200
:ns1.markferry.net:28:\040\001\004p\037\016\0014\000\000\000\000\000\000\000\002:7200
Primary domain
# markferry.net &NS =APTR +A :AAAA @MX
&markferry.net::ns4.zoneedit.com.:7200
&markferry.net::ns8.zoneedit.com.:7200
+markferry.net:65.99.222.161:7200
:markferry.net:28:\040\001\004p\037\016\0014\000\000\000\000\000\000\000\002:7200
@markferry.net::mail.zoneedit.com.:0:7200
@markferry.net::mail3.zoneedit.com.:0:7200
:_sip._udp.markferry.net:33:\000\012\000\144\023\304\011markferry\003net\000:7200
www domain
# www.markferry.net +A :AAAA @MX
+www.markferry.net:65.99.222.161:7200
:www.markferry.net:28:\040\001\004p\037\016\0014\000\000\000\000\000\000\000\002:7200
home domain
- Added A and AAAA
- Removed AAAA when migrating to AAISP
# home.markferry.net +A :AAAA @MX
+home.markferry.net:xx.xx.xx.xx:7200
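
The `:` generic records in the data file above carry raw RDATA as octal escapes, which makes them hard to review by eye. The following is an added example, not part of the original notes (the function names are hypothetical), that decodes type 28 (AAAA) and type 33 (SRV) lines back into readable values so the zone can be checked before it is exported to the secondaries:

```python
import ipaddress
import struct

def unescape(field: str) -> bytes:
    """Undo tinydns-data escaping: backslash + up to three octal digits is one byte."""
    out, i = bytearray(), 0
    while i < len(field):
        ch, i = field[i], i + 1
        if ch == "\\":
            if i >= len(field):
                break                      # dangling backslash: nothing left to read
            j = i
            while j < len(field) and j - i < 3 and field[j] in "01234567":
                j += 1
            if j > i:                      # octal escape such as \040
                out.append(int(field[i:j], 8) & 0xFF)
                i = j
                continue
            ch, i = field[i], i + 1        # backslash before any other char: literal
        out.append(ord(ch) & 0xFF)
    return bytes(out)

def read_name(rdata: bytes) -> str:
    """Decode an uncompressed DNS name: length-prefixed labels ending in a zero byte."""
    labels, pos = [], 0
    while pos < len(rdata) and rdata[pos] != 0:
        n = rdata[pos]
        if n > 63 or pos + 1 + n > len(rdata):
            raise ValueError("bad label length")
        labels.append(rdata[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    if pos != len(rdata) - 1:
        raise ValueError("name not terminated, or trailing bytes after it")
    return ".".join(labels) + "."

def decode_generic(line: str):
    """Decode ':fqdn:type:rdata:ttl' into (fqdn, type name, value)."""
    if not line.startswith(":"):
        raise ValueError("not a generic record")
    # Literal colons cannot appear inside rdata (they must be written \072).
    fqdn, rtype, rdata = line[1:].split(":")[:3]
    data = unescape(rdata)
    if rtype == "28" and len(data) == 16:          # AAAA: 16 raw address bytes
        return fqdn, "AAAA", str(ipaddress.IPv6Address(data))
    if rtype == "33" and len(data) >= 7:           # SRV: priority, weight, port, target
        return fqdn, "SRV", struct.unpack("!HHH", data[:6]) + (read_name(data[6:]),)
    raise ValueError(f"unsupported type or malformed rdata: {rtype}")

if __name__ == "__main__":  # one of the page's own records
    print(decode_generic(r":_sip._udp.markferry.net:33:\000\012\000\144\023\304\011markferry\003net\000:7200"))
```

Both escaping styles on the page decode the same way: printable bytes may be written literally (`p`, `4`) or as octal (`\144`).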