A primary (or non-secondary) zone contains the source zone file corresponding to a fully qualified domain name (FQDN) and its subdomains. You can create a primary zone and the corresponding DNS records manually, or import a zone file from another DNS provider. After creating the zone and its associated records, you must update the delegation at the domain registrar to point to NS1 nameservers.
The instructions below reflect a configuration in which IBM NS1 Connect is the primary or only DNS provider for the specified domain. After publishing the zone to one or more NS1 DNS networks, you must update the nameserver delegation to point to the nameservers assigned to the zone. If you are using multiple DNS providers, you must configure outgoing zone transfers within the zone settings to allow secondary XFR servers to request and receive updated zone data. Refer to Configuring NS1 as a primary DNS provider for more information.
Follow the instructions below to create a primary zone on the NS1 Connect platform.
-
In the portal, go to DNS > Zones.
-
Click the "+" (add) button to create a new zone.
-
Under Domain name, enter the fully qualified domain name (FQDN) for the zone.
-
Under DNS networks, select one or more NS1 DNS networks on which to publish the zone. In most cases, this should include the Managed DNS network. The network(s) selected inform which nameservers are assigned to the zone. Optionally, deselect all networks to leave the zone unpublished. Note that DNS traffic to your domains will not flow through NS1 nameservers until the delegation is updated at the domain registrar.
-
Under Zone settings, select Normal setup, and enter or adjust the following zone settings:
-
SOA TTL - The amount of time in seconds that DNS resolvers should cache the SOA record which contains administrative information about the zone. The default value is 3600 (seconds) or one hour.
-
Refresh - The amount of time in seconds between each AXFR query from secondary servers to request an updated zone file from the NS1 Connect platform. The default value is 43200 (seconds) or 12 hours.
-
Retry - If the secondary servers' attempt to refresh the primary zone file fails, this is the amount of time before the secondary server attempts the refresh again. The default value is 7200 (seconds) or two hours. The secondary servers will repeat attempts to connect to the NS1 nameservers at this rate until the zone file is refreshed successfully or until the zone file expires.
-
Expire - If attempts by the secondary nameservers to refresh the primary zone file fail repeatedly, this is the amount of time in seconds before the zone file expires. At this point, the NS1 nameservers would be considered "down" and no longer authoritative for the zone. The default value is 1209600 (seconds) or 14 days.
-
NX TTL - The amount of time in seconds DNS resolvers should cache a "negative" response to a DNS query for a domain, such as an NXDOMAIN error or an EBOT/NODATA response. The default value is 3600 (seconds) or one hour.
-
RNAME - The email address of the primary administrator for this zone.
-
MNAME - The domain name of the nameserver that is the original or primary source of data for this zone.
-
-
Click Save zone. The new zone appears in the list, and an NS record is automatically generated containing the NS1 nameservers assigned to the zone.
After creating the primary zone, add the corresponding DNS records and adjust the zone configuration settings as desired. When you are ready to activate traffic flow to your domains through NS1 nameservers, you must locate the nameservers assigned to the zone and update the nameserver delegation at the domain registrar.
Warning: Do not update the nameserver delegation at the domain registrar until you are ready to begin sending DNS traffic to NS1 nameservers. If you are undergoing a large migration to or between services on the IBM NS1 Connect platform, consult with the customer support team or your dedicated support representative before updating the nameserver delegation at the registrar.