For de-Domains a secondary DNS with a different IP is mandatory. For this problem I used puck.nether.net, but this service is down. I don’t know if it’s just temporarily or forever. I tried several other services, but no one worked.
These are the services that didn’t worked for severeal reasons:
Same - saw puck.nether.net has been down for nearly a week … 
But I added afraid.org without any trouble. Chose them because they handle IPv6 and DNSSEC. They picked up my DNS entries very promptly, and it propagated with the usual DNS delays - all messages cleared overnight.
I hope puck comes back - it had been a simple and effective service.
I tried setting up afraid.org and it’s failing. Any tips on the problem you encountered and/or what you did to get it to work?
Here’s an example of the error shown in afraid.org:
query-errors: info: client @0x80f1ea600 143.110.153.147#44886 (mydomain.org): query failed (SERVFAIL) for mydomain.org/IN/A at query.c:7201
And here’s a couple corresponding errors in the MiaB syslog file:
Apr 16 12:15:08 mail nsd[349829]: [2025-04-16 12:15:08.509] nsd[349829]: error: xfrd: zone mydomain.org: received notify response error SERVER NOT AUTHORITATIVE FOR ZONE from 69.65.50.223
Apr 16 12:15:08 mail nsd[349829]: [2025-04-16 12:15:08.509] nsd[349829]: error: xfrd: zone mydomain.org: max notify send count reached, 69.65.50.223 unreachable```I used the same process at afraid.org as at most secondary DNS providers:
At the secondary (puck, afraid, etc): you enter your domain name, and the IP address of your primary DNS server (your box). If you have multiple domains on your box, enter each other domain and your primary DNS server. (This tells the secondary where to get the info from.)
On your box: go to Admin / Custom DNS, in the “Using a secondary nameserver” / Hostname field, enter the name of the secondary server, space, “xfr:”, and the IP address of the secondary server. Note the spacing, eg “ns2.afraid.org xfr:69.65.50.192” and care with the details - the name and IP address of the secondary server are probably different to the name and address of the website. (This tells MIAB that the secondary is allowed to copy the info.)
At your domain registrar, go to the nameservers list (which might show ns1.box.yourdomain.com, ns2.box.yourdomain.com) and add the name of the secondary server. (I also remove the reference to my ns2 server, just for neatness.) Repeat for any other domains on your box. (This tells the rest of the world where to find your DNS info.)
Wait. Initial fetching by the secondary is usually quite quick, but propagation through the DNS system might take a day…
Thanks for the reply and detailed info. I had done everything in your description except the “xfr:69.65.50.192” bit. I just updated that field in Custom DNS and as I write this I see it appears to be working. Thanks again.
PS. Looks like puck.nether.net is on the way back up … their web page is back, and the signon page gives a reply (though not a signon). Those who have been happy with puck, could wait and see what happens.
Why do you say dns.he.net does not work? It’s been working flawless for me for months now! See attached image. This is how you need to configure.
I highly recommend using Hurricane Electric’s DNS. They are such a big company and support the backbone of the Internet that their service is highly reliable. I’m using all FIVE of their nameservers with my MIAB setup.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
