Hetzner - DokuWiki

Anycast/secondary setup


Anycast/secondary setup

Please note, that this portion of the new DNS system is not active yet. For secondary DNS, please continue to use the Robot IPs and DNS addresses.

When testing compatibility of the proposed setup with DNS software, some configuration snippets were gathered.

Support by DNS software

This section contains configuration examples for different DNS software, how it might be configured on a customer's server. All configurations have been tested.


 name: example.com
 notify: NOKEY
 provide-xfr: NOKEY

Man page


 zone "example.com" {
 type master;
 file "/etc/bind/example.com";
 also-notify  {; };
 allow-transfer  {; };


 pdnsutil set-meta example.com ALSO-NOTIFY
pdnsutil set-meta example.com ALLOW-AXFR-FROM


 - id: slave
 - id: acl_slave
   action: transfer
 - domain: example.com
   storage: /etc/knot/
   file: "example.com.zone"
   notify: slave
   acl: acl_slave

Knot documentation


 # Coredns file
example.com {
   file /etc/coredns/example.com {
       transfer to

Support by web panels


No direct support, requires editing of respective nameserver configuration files. Example for cpanel with bind (default DNS server):

 # /etc/named.conf
options {
 also-notify  {; };
 allow-transfer  {; };

Global definitions for the notify and allow-transfer seem pretty stable. Definitions inside a zone may be overwritten.


Basically the same as cPanel/WHM. Bind is the one and only DNS software, that is supported by plesk. There is an extension called Slave DNS Manager but this does not rely on sending NOTIFYs to the slave servers to trigger an AXFR. It rather expects to be the slave fully under your control and allowing access via rndc (bind control utility).
Global definitions for the notify and allow-transfer seem pretty stable. Definitions inside a zone are overwritten when one applies e.g. DNS templates to all zones.


Webmin provides the module BIND DNS Server which adds bind to the server. After adding a master zone, one can edit zone options for this zone.

Webmin edit master zone.png

In the zone options, add the dedicated AXFR server's IP address to the fields Allow transfers from.. and Also notify slaves..

Webmin zone options.png

This will create a bind configuration similar to those proposed for plain bind. You may need to restart the bind DNS server after this.

© 2020. Hetzner Online GmbH. Alle Rechte vorbehalten.