NS1 status

Articles in this section

See more

Converting a secondary to a primary zone

  • Updated
Follow

If necessary, you can convert your secondary zone to a primary zone so that the NS1 nameservers are the authority for the domain. During the conversion process, you can adjust the DNS networks to which the zone is published, reassign nameservers to the zone, and enable DNSSEC online signing.

Before you begin

If you plan to enable DNSSEC on the new primary zone, you must remove the existing DS record from the parent zone at least 24 hours before converting the secondary zone. During the conversion process, if NS1 nameservers are included in the domain's delegation at the registrar, then all related DNSSEC records will be removed and the chain of trust will break. Thus, any resolver that validates DNSSEC will consider any query response from the IBM NS1 Connect platform as invalid, potentially causing DNS resolution to fail. After the zone is converted, add the new DS record at the domain registrar with the new DNSSEC configuration details.

Instructions

Follow the steps below to convert a secondary zone to a primary zone.

  1. In the portal, navigate to DNS > Zones.

  2. Click the name of the secondary zone you want to convert to drill into zone details. Tip: Select the “Secondary” checkbox to filter the list or perform a search for the specific zone.

    screenshot-secondarytoprimaryzone-details_page_before.png

  3. Click the Zone settings.

    screenshot-secondarytoprimary-convert_button.png

  4. Under “Secondary zone status,” click Change to primary.

    screenshot-secondarytoprimary-convert_to_primary_modal_1.png

  5. By default, the network on which the secondary zone is already published is selected as the network on which to publish the primary zone, if applicable. Use the search bar to search for other available networks on which you can publish the zone if desired. Note that you can click the “X” next to the network name to remove it.

  6. Optionally, click the checkbox next to “Replace current NS record set with the nameservers of the DNS networks to which you are publishing the zone.” If selected, the answers listed within the NS record are automatically updated upon saving your changes. Enabling this option might be preferred if you have changed or plan to change the delegation for the domain, preventing you from having to update the NS records manually, later on.

    Note

    If selected, you must update the zone delegation settings at the domain registrar to point to the new nameservers for this zone.

  7. Click Next step.

    screenshot-secondarytoprimary-convert_to_primary_modal_2.png

  8. Optionally, toggle the switch to enable DNSSEC on the primary zone. Refer to the note above about enabling DNSSEC.

  9. Once complete, click Confirm zone change to primary. A message appears in the top right corner of the screen indicating the conversion was successful.

    screenshot-secondarytoprimary-success_banner.png

  10. If you replaced the nameservers associated with the zone (see step 6), you must complete the reconfiguration by updating the zone delegation at the domain registrar to point to the new nameservers. You can view the assigned nameservers under the Nameservers tab in the zone details, or by navigating to the zone’s NS record to see the associated answers.

Related articles