You can support us by downloading this article as PDF from the Link below. Download the guide as PDF

In the previous post we covered how to setup a primary DNS server using BIND9. We shall be exploring how to setup a secondary DNS server. A slave DNS server gets a copy of data from the primary DNS using the zone transfer method. This method keeps the zone data in a cache for a particular time and uses it to serve DNS queries.

Master slave DNS ubuntu 20 04

In our setup, we have a primary DNS server whose IP is and domain name is ns1.computingforgeeks.local.

We are setting up a secondary server with and ns2.computingforgeeks.local.

Configuration on the Bind Master DNS

For the Master-Slave setup, we need to configure the master DNS server and enable zone transfer to the secondary Name Server.

We will edit the /etc/named.conf.local file on the primary server (ns1.computingforgeeks.local) and add the allow-transfer and also-notify parameters.

sudo vim /etc/bind/named.conf.local

This will be done for both the forward and reverse entries.

##Forward zone
zone "computingforgeeks.local" IN { // Domain name
      type master; // Primary DNS

     file "/etc/bind/forward.computingforgeeks.local.db"; // Forward lookup file

     allow-update { none; }; // Since this is the primary DNS, it should be none.
     allow-transfer  {; }; //Allow Transfer of zone from the master server

     also-notify {; }; //Notify slave for zone changes


##Reverse zone
zone "" IN { //Reverse lookup name, should match your network in reverse order

     type master; // Primary DNS

     file "/etc/bind/reverse.computingforgeeks.local.db"; //Reverse lookup file

     allow-update { none; }; //Since this is the primary DNS, it should be none.

     allow-transfer  {; }; //Allow Transfer of zone from the master server

     also-notify {; }; //Notify slave for zone changes


The allow-transfer parameter allows transfer of zone files from the master to the slave DNS while the also-notify helps notify the slave whenever there is an update on the zone files from the master.

We have to restart DNS service on ns1.computingforgeeks.local:

sudo systemctl restart bind9

Configure the Slave DNS

Install the necessary packages:

sudo apt-get install -y bind9 bind9utils bind9-doc dnsutils

Edit the file at /etc/bind/named.conf.local and add both the forward and reverse zone parameters:

sudo vi /etc/bind/named.conf.local

###Forward Zone

zone "computingforgeeks.local" IN { //Domain name

     type slave; //Secondary Slave DNS

     file "/var/cache/bind/forward.computingforgeeks.local.db"; //Forward Zone Cache file

     masters {; }; //Master Server IP


####Reverse zone

zone "" IN { //Reverse lookup name. Should match your network in reverse order

     type slave; // Secondary/Slave DNS

     file "/var/cache/bind/reverse.computingforgeeks.local.db"; //Reverse Zone Cache file

     masters {; }; //Master Server IP


Restart DNS service:

sudo systemctl restart bind9

Test Slave DNS

To test if the zone transfer was successful and DNS is working on the slave server, we’ll need to configure a client host and use the slave as its DNS server.

In Ubuntu:

sudo echo "nameserver" >> /etc/resolv.conf

We can then use the dig command to verify the DNS.

[email protected]:~# dig www.computingforgeeks.local

; <<>> DiG 9.16.1-Ubuntu <<>> www.computingforgeeks.local
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24401
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 4096
; COOKIE: b1e287dd1d118ad6010000005f8c88233ef562a7063e7a15 (good)
;www.computingforgeeks.local.	IN	A

www.computingforgeeks.local. 604800 IN	A

;; Query time: 0 msec
;; WHEN: Sun Oct 18 18:23:31 UTC 2020
;; MSG SIZE  rcvd: 100

You can use the dig domain-name @<nameserver> if you wish to explicitly direct the query to the slave DNS.

dig www.computingforgeeks.local @

The result shows that you the slave DNS is able to handle queries. This is an implication that the Master-slave DNS setup is working as desired.


You have successfully setup a slave DNS server on Ubuntu 20.04 using BIND9. Please share your feedback in the comments section.

Other guides:

Install PowerDNS on CentOS 8 with MariaDB & PowerDNS-Admin

How To add DNS Forward Lookup Zone in Windows Server 2019

How To Monitor BIND DNS server with Prometheus and Grafana

As an appreciation for the content we put out,
we would be thrilled if you support us!

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online.

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee.


Please enter your comment!
Please enter your name here