04.08.2025

How to Set Up a Secondary DNS Server with BIND9 on Ubuntu 20.04

A secondary DNS server provides fault tolerance. If the primary server stops working for any reason, the secondary keeps answering queries for the website and other resources defined in the zone.

First, install the BIND9 DNS server and perform its basic configuration.

Initial settings

Additional settings for the primary DNS server BIND9

If you configured the primary DNS server according to our instructions, you can skip this step.

We must allow the primary DNS server to transfer DNS zone data to the secondary server. Open the BIND9 configuration file that contains the zone definition.

sudo nano /etc/bind/named.conf.local

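Add the following 2 parameters to the zone settings: allow-transfer and also-notify, substituting the IP address of the secondary server in both. allow-transfer restricts zone transfers to the listed address, and also-notify tells the primary to notify that server when the zone changes. The result will look something like this.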

zone "domain-name.com" {
    type master;
    file "/etc/bind/db.domain-name.com";
    allow-transfer { 10.1.1.10; };
    also-notify { 10.1.1.10; };
};

Save this file and reload BIND9.

sudo systemctl reload bind9

Configuring BIND9 as a secondary DNS Server

Open the BIND9 configuration file.

sudo nano /etc/bind/named.conf.local

Add the following directive to it.

zone "domain-name.com" {
    type slave;
    file "db.domain-name.com";
    masters { 10.1.1.9; };
};

The masters parameter must contain the IP address of the primary DNS server. Save the file and reload BIND9.

sudo systemctl reload bind9

To check that the secondary DNS server is working correctly, run the following command on any remote computer:

nslookup domain-name.com 10.1.1.10

Use your FQDN instead of domain-name.com and the IP address of your secondary DNS server instead of 10.1.1.10.

Output

Server: 10.1.1.10
Address: 10.1.1.10#53
Name: domain-name.com
Address: 10.1.1.10
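
The nslookup check above only shows that the secondary answers. The following added example (not part of the original guide) compares the SOA serial on both servers to confirm the zone actually replicated, and confirms that the primary refuses zone transfers to hosts outside allow-transfer. It assumes dig is installed; the function names and the sample SOA values are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide). POSIX sh; needs dig (dnsutils).

# Serial = 3rd field of a `dig +short SOA` answer line (7 fields in total).
soa_serial() {
    printf '%s\n' "$1" | awk 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# Compare two SOA answer lines (primary first, secondary second).
# Plain numeric comparison; ignores RFC 1982 serial wrap-around.
sync_state() {
    ss_p=$(soa_serial "$1"); ss_s=$(soa_serial "$2")
    if [ -z "$ss_p" ] || [ -z "$ss_s" ]; then echo no-answer
    elif [ "$ss_p" -eq "$ss_s" ]; then echo in-sync
    elif [ "$ss_s" -lt "$ss_p" ]; then echo secondary-behind
    else echo secondary-ahead
    fi
}

# Classify `dig AXFR` output: dig prints "; Transfer failed." when the
# server refuses, and the zone's records (SOA first) when it allows it.
axfr_state() {
    if printf '%s\n' "$1" | grep -q 'Transfer failed'; then echo refused
    elif printf '%s\n' "$1" | grep -Eq '[[:space:]]SOA[[:space:]]'; then echo allowed
    else echo unknown
    fi
}

# Live check. Run it from a host that is NOT listed in allow-transfer,
# so that "refused" is the expected AXFR result.
check_zone() {
    cz_zone=$1; cz_primary=$2; cz_secondary=$3
    cz_p=$(dig +short SOA "$cz_zone" @"$cz_primary")
    cz_s=$(dig +short SOA "$cz_zone" @"$cz_secondary")
    echo "replication: $(sync_state "$cz_p" "$cz_s")"
    echo "AXFR from this host: $(axfr_state "$(dig AXFR "$cz_zone" @"$cz_primary")")"
}

# Constructed sample answers for an offline dry run (ns1/admin names are
# hypothetical): sync_state "$SAMPLE_PRIMARY" "$SAMPLE_SECONDARY"
SAMPLE_PRIMARY='ns1.domain-name.com. admin.domain-name.com. 2025080402 604800 86400 2419200 604800'
SAMPLE_SECONDARY='ns1.domain-name.com. admin.domain-name.com. 2025080401 604800 86400 2419200 604800'

# With the addresses used in this guide:
#   check_zone domain-name.com 10.1.1.9 10.1.1.10
```

A result of "secondary-behind" after editing the zone usually means the serial was not incremented on the primary or the NOTIFY/transfer did not reach the secondary; "allowed" from an unlisted host means allow-transfer is not restricting transfers as intended.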

Conclusion

By setting up a secondary DNS server with BIND9, you significantly improve the resilience and availability of your domain’s name resolution. If the primary DNS server goes down, the secondary server will seamlessly take over, ensuring that your website and other critical resources remain accessible. Following this step-by-step guide helps you build a fault-tolerant DNS infrastructure and avoid costly downtime.

FAQ