Secondary DNS with Hidden Master server

Secondary DNS can be used not only to combine two or more servers to work together, but it can be used to have a Hidden Master server where to manage all DNS zones, records and settings and the zones and changes to be propagated automatically to a public server which will face all the DNS traffic. Such configuration allows you to protect the backend hidden server from DDoS attacks or your domain names to be served only from a fast Anycast network, so the Unicast network connection of the Hidden Master server will not affect the global speed of the domain name.

What is a Hidden Master DNS server?

Hidden Master is a simple DNS configuration that prevents attacks on the Master DNS server. Usually, this server is not listed at the registrar or as an NS record in the DNS zone. This way, the Master DNS server is always protected, as nobody will be able to see that it exists. If something wrong happens to the Slave DNS server, there will be no impact on the Master DNS server. Optionally, it can be behind a Firewall.

How to use Hidden Master with ClouDNS?

Here's a step-by-step guide on how to use a Hidden Master DNS server with ClouDNS:

1. Create NS records in your Master DNS zone for the name servers available to you at ClouDNS. These servers are listed in the pop-up window when you click on "available name servers" on your Dashboard page - DNS hosting section, right next to the "create zone" button. You must make sure that there are no NS records for your Master DNS server in your DNS zone. 
2. Create all other records in your Master DNS zone after creating the NS records.
3. Log in to your profile and create a Slave DNS zone.
4. Once the zone is created and you have entered the IP address of your Master DNS server, you must click on "Primary Settings" on the DNS zone management page. 
5. You have to allow zone transfer and notify on your Master DNS server for the listed IP addresses. If you are using BIND, you can simply copy and paste the suggested configuration into your zone file.
6. After you complete the steps above, you can check the SOA serial on your Master DNS server. Then, you can click on SOA next to your DNS zone in your Dashboard. If the SOA serials match, your DNS zone is synchronized, and you have a Hidden Master DNS server configuration.
7. In case your Master DNS server is behind a Firewall, please allow connection from the IP addresses of ClouDNS name servers.

That's it! Follow these simple steps to use a Hidden Master DNS server with ClouDNS.

How to setup Secondary DNS with Hidden Master at ClouDNS - Step by Step

How to start?

1. Open an account from here 
2. Verify your e-mail address
3. Log into your control panel
4. Create a new Master DNS from the [add new] button - read more here
5. Setup Secondary DNS with Hidden Master server as it is described in this article

Secondary DNS Support

ClouDNS provides full support for Secondary DNS, which is available in the following plans from: 

• Premium DNS
• DDoS Protected DNS

Just write to our 24/7 Live chat Support, if you need any assistance with your Secondary DNS with Hidden Master server configuration.

FAQ

Question: How often do updates propagate from the Primary DNS server to the Secondary DNS servers?

Answer: The frequency of updates depends on the Time To Live (TTL) value set for the DNS records. Once the TTL value has expired, the Secondary DNS servers will check for updates from the Primary DNS server.

Question: Can Secondary DNS with Hidden Master server improve website performance?

Answer: Yes, it can improve website performance by distributing the load of DNS queries across multiple servers and reducing the response time.

Question: Is Secondary DNS with Hidden Master Server more secure than other DNS architectures?

Answer: Yes, using a Hidden Master server reduces the risk of attacks such as DNS cache poisoning or DNS amplification attacks, making it a more secure option for DNS management.

Question: What type of plan do I need to use Secondary DNS with a Hidden Master server?

Answer: Secondary DNS with Hidden Master server is a feature available in Premium DNS and DDoS Protected DNS plans offered by ClouDNS. These plans provide additional features and security measures to ensure the reliability and security of the DNS service.