How to configure slave DNS and vanity nameservers on Zerigo

Dan

Moderator
Hello,

There's been questions in the past about using a backup or secondary DNS service and I'd been thinking about it for a while myself so this last week I went ahead and signed up for one so thought I would show how I configured it here in case anyone else is interested.

The service I signed up for is Zerigo and I am on the DNS Plus/Plus 1 plan which is quite reasonably priced.

After signing up and receiving your confirmation email you can log into your control panel. After doing so you'll see multiple tabs for Account, Servers, DNS, and Watchdog. We'll be working in the DNS tab obviously.

It took some digging but I eventually came up with the following information:

US Nameservers

a.ns.zerigo.net - Denver, Colorado, USA (IP#: 64.27.57.11)
b.ns.zerigo.net - Washington, DC, USA (IP#: 174.37.229.229
d.ns.zerigo.net - Dallas, Texas, USA (IP#: 174.36.24.250)

Slave Nameservers
68.71.141.22
174.36.24.251

They also have 2 European nameservers and one in Asia which I will list here for informational purposes

c.ns.zerigo.net - London, United Kingdom (IP#: 109.74.192.232)
e.ns.zerigo.net - Amsterdam, Netherlands (IP#: 72.26.219.150)
f.ns.zerigo.net - Singapore (IP# 223.27.170.242)

You'll want to use nameservers that are at least relatively geographically close to you and those you think will be trafficking your server's websites so I chose Denver and Dallas.

Step 1

Configure the vanity nameservers, or, to give Zerigo's nameservers your own name. This is an optional step to be done only if you want Zerigo's nameservers to show with your own domain name when people do a whois.

Log into WHM and go to DNS Functions | Edit DNS zone then edit the DNS zone for your main domain. Scroll down to the empty lines and enter the information for the nameservers you are using:

ns3 14400 IN A 64.27.57.11
ns4 14400 IN A 174.36.24.250

So I am defining NS3 and NS4 to Zerigo's IP numbers. You can of course use NSA or ZED or however you define your nameservers.

Scroll down and click Save.

Step 2

Here we are defining our new nameservers with our domain registrar. This step is also optional, if you chose not to use vanity nameservers then skip this step as well.

Go to your registrar that you have your main domain registered with. I use Godaddy so will use their terminology. Different registrars use different terms but the functionality should still be there.

Log in and go to Domains | Domain Management then click on your main domain's name.

Scroll down until you see the Host Summary box and then click Add.

For Host name enter the first name server you defined above and then for Host IP 1 enter Zerigo's IP address for it.

Repeat this for however many of Zerigo's nameservers you want to use.

When done click OK at the bottom of the window.

Step 3

In this step we need to allow transferring our DNS zones to Zerigo.

Here we need to log into our server using SSH using Putty or whatever you use.

Edit the Bind configuration file: pico /etc/named.conf

Locate the options section. For mine it was the second section from the top below the controls section. It will be the section following:

options {

Locate the line in that section that says:

allow-transfer {"none";};

I'm paranoid so I made a copy and then commented out the first line. To copy the line cursor down to it and hit CRTL-k and then paste it back in pushing CTRL-u twice, one to comment out and the other to change for our purposes. You should end up with this:

# allow-transfer {"none";};
allow-transfer { 68.71.141.22; 174.36.24.251; };

Those are the IP numbers for Zerigo's slave servers and will tell your server to allow transfers to them.

Save the changes and exit by pressing CTRL-x then y to save then press Enter.

Restart Bind: service named restart

Step 4

Add the new nameservers to the DNS zones in WHM and at the registrar.

Go back to your WHM to DNS Functions | Edit DNS Zone and edit the zone you want to add secondary DNS to. Scroll down to the empty lines and enter the information. For example:

domain.com. 86400 IN NS ns3.domain.com.
domain.com. 86400 IN NS ns4.domain.com.

Make SURE to put periods at the ends of your domain name in BOTH cases, for the domain name AND for the nameserver.

Scroll down and click Save.

After that go back to your registrar, click to edit the pertinent domain and then click Set Nameservers. Enter your new nameservers into the empty boxes.

When finished click OK at the bottom of the window.

Step 5

Add the domain to your Zerigo control panel.

Log into Zerigo and go to the DNS tab.

Enter the domain name into the Domain Name box.

Enter tags if you want or need them.

I left the Default refresh period (TTL) at the default.

Then for Service select Slave only.

Click the Add button.

You will then see the status screen for the domain. If you click Tools you will see whether or not your DNS zone is updated or not yet. DNS rules of propagation may very well apply although my changes took place very quickly.

Done

That is it! Repeat steps 4 and 5 for each additional domain you want backup DNS for and everything should be good to go!
 
I recently set up secondary DNS with DNS Made Easy and found your instructions very helpful.

When editing named.conf I also added the line:

also-notify { x.x.x.x; x.x.x.x; };

Where x.x.x.x represents an DNS Made Easy IP address to be notified each time a zone file is changed. These are the same IPs as used in the allow-transfer option.

From what I gather this lets any zone changes propagate immediately to the secondary nameservers, rather than waiting for them to query your primary nameserver.

I found that tip here: http://www.devcheater.com/tips/dns-notify.php
 
With Zerigo's price increase effective the end of this month (from $40/year to $456/year) I have said goodbye to them. I'm now using Buddyns for secondary (slave) DNS services.

I'll leave this write up as it's still good information and could still be used for configuring Zerigo or even other services by just plugging in the correct IP numbers for the applicable service.
 
How did you figure out the pricing at BuddyDNS ? Looks like DNSMadeEasy is tiered, starting at:
* 10 domains, 400 records, 5M queries/month = $30/year

While BuddyDNS has more granular pricing and starts at:
* 10 zones, 3M queries/month = $3/month = $36/year

I guess those are comparable, domain = zone.

Seems you only really need this for domains with email, since in that case a DNS failure causes the sender to give up and not try again later. For web hosting, if the DNS is down the site is down anyway, with the kind of setup we're talking about. Is that about right?
 
Hi kitchin,

I did this mostly for externally hosted email clients which, right now, is pretty much all of them. In the case that my VPS goes down the external DNS will continue to allow email to flow. With small businesses that's their life's blood.

Beyond that, individual services can and will go down on a server as well though in which case an external DNS will help and is recommended too. It does help :)
 
Where do you host email? It's such a PITA. Only Gmail seems to have good spam filtering, but it's kinda expensive.
 
Hi kitchin,

They're all on Google Apps or host their own Exchange server. Luckily I was able to get the Google Apps ones in before they went to for pay only.

Not much help, I know. Sorry
 
Top