Yes, you read that right: you can set up backup DNS servers for your domain without spending a penny. This tutorial shows you how. The primary (master) DNS server runs BIND on Linux, and the process uses the free DNS hosting service provided by freedns.afraid.org, so you'll have to set up the primary DNS server for your domain and allow the transfer of the domain's zone records to ns2.afraid.org's IP address. I assume you know how to set up a primary (master) DNS server in BIND, so I'll show you how to edit the configuration files to allow zone transfers and to add a backup DNS server.
The steps involved are outlined here:
- Register at freedns.afraid.org and add your domain
- Allow zone transfers to ns2.afraid.org
- Add ns2.afraid.org as a nameserver of your domain
Make sure your primary DNS server is set up, working properly, and able to answer DNS queries originating from the internet. You can use the DNS Lookup Tool to check this.
Register at freedns.afraid.org and add your domain
Visit freedns.afraid.org, register, log in and go to the Backup DNS page. Click "add a domain", then enter your domain and primary DNS server name.
Note that your domain's name server need not be ns1.yourdomain.com; to find your exact name server, use the DNS Lookup Tool. Click check and move on to your server.
Allow zone transfers to ns2.afraid.org
We need to know the IP address of ns2.afraid.org. Use the dig command to find it.
dig -t a ns2.afraid.org
On your Linux DNS server, open the BIND configuration file appropriate to your system:
BIND users: /etc/named.conf
BIND chroot users: /var/named/chroot/etc/named.conf
Locate the entry for your domain; it should look like the following.
zone "yourdomain.com" {
    type master;
    allow-query { any; };
    allow-transfer { 174.37.196.55; };
    file "yourdomain.com.zone";
};
Add the allow-transfer option as shown above, so that zone transfers are permitted only to the address listed. The IP address (174.37.196.55) is the IP of ns2.afraid.org at the time of this article. It is always wise to check the IP address before you try this.
Add ns2.afraid.org as a nameserver of your domain
Now we need to add ns2.afraid.org as an NS record of the zone. Go to your domain registrar's control panel and add ns2.afraid.org as a nameserver. Back on your primary DNS server, open the zone file appropriate for your BIND installation.
BIND users: /var/named/example.zone
BIND chroot users: /var/named/chroot/var/named/example.com
Add the following line to the file:
@ IN NS ns2.afraid.org.
Save the file and reload the named service.
service named reload
After some time, take a look at your system's log at
/var/log/messages
You should see the message:
Date named[process-id]: client ip-address-of-ns2.afraid.org: transfer of 'yourdomain.com/IN': IXFR ended
In your afraid.org account you'll see the following
Notice that the zone file is updated every time the serial changes. So even if you update the zone file on your master DNS server, the slave won't update unless you change the serial number. To check whether all DNS records have been transferred to ns2.afraid.org, execute dig as shown below:
dig -t any yourdomain.com @ns2.afraid.org
This will display the zone records held by ns2.afraid.org. So now you have a complete backup DNS solution without spending anything.
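The allow-transfer step above can be checked mechanically. The following Python script is an added example, not part of the original tutorial: it parses a named.conf and reports master zones whose allow-transfer list is open to any host, absent from the zone, or different from the secondary IPs you resolved with dig. The sample configuration, the two extra zone names and all function names are constructed for illustration.

```python
import re

# Constructed sample named.conf; only the first zone mirrors the tutorial.
SAMPLE_CONF = '''
zone "yourdomain.com" {
    type master;
    allow-query { any; };
    allow-transfer { 174.37.196.55; };  // ns2.afraid.org when the article was written
    file "yourdomain.com.zone";
};
zone "open.example" { type master; allow-transfer { any; }; file "open.example.zone"; };
zone "forgotten.example" { type master; file "forgotten.example.zone"; };
'''

def strip_comments(text):
    # Simplification: assumes no "//" or "#" inside quoted strings.
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def zone_blocks(conf):
    """Yield (zone_name, body) pairs, matching braces so nested ACLs stay intact."""
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def audit_transfers(conf, expected_ips):
    """Map each master zone to a finding; expected_ips are addresses you resolved yourself."""
    expected, findings = set(expected_ips), {}
    for name, body in zone_blocks(strip_comments(conf)):
        if not re.search(r'\btype\s+(master|primary)\s*;', body):
            continue
        acl = re.search(r'\ballow-transfer\s*\{([^}]*)\}', body)
        if acl is None:
            findings[name] = "no zone-level allow-transfer: check the global options"
            continue
        entries = set(acl.group(1).replace(';', ' ').split())
        if 'any' in entries:
            findings[name] = "transfers open to any host"
        elif entries != expected:
            findings[name] = "ACL differs from secondary IPs: " + ", ".join(sorted(entries ^ expected))
        else:
            findings[name] = "ok"
    return findings

if __name__ == "__main__":
    print(audit_transfers(SAMPLE_CONF, ["174.37.196.55"]))
```

Pass the addresses that dig returns for the secondary at the time you run it, so a changed ns2.afraid.org address shows up as an ACL mismatch rather than as silently failing transfers.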
aleman says
Why make the tutorial off of Afraid? Afraid limits to 5 domains and only 20 (!) records per domain unless you pay 5 $/month. BuddyNS allows unlimited domains and records for free, and keeps very tight synchronization with the primary.
max says
Hi Jasin,
Good tut/solution, but only for a backup domain. It is not for a secondary ns when the secondary ns is still with your maintainer and not on your server.
I have a domain (e.g. mydomain.com) registered with a maintainer, and I also have a server with one IP address and Bind configured for that domain. At this point I would transfer the domain management to my server, so I create three records in the DNS Zone on the maintainer control panel:
A xxx.xxx.xxx.xxx (here I set the IP address of my server)
NS ns1.mydomain.com xxx.xxx.xxx.xxx (same IP)
NS ns2.mydomain.com xxx.xxx.xxx.xxx (same IP)
Then I submit the changes and I get a NIC error due to the same IP being used for ns1 and ns2.
In this scenario, how can I apply your tut if freedns.afraid.org asks me for the ns2.mydomain.com record?
Thanks