Secondary DNS Services

What is Secondary DNS?

While it may sound like a secondary DNS provider is a backup to your primary DNS provider… It’s actually when you have two providers that are authoritative for answering your queries.

Think of it as an extra set of name servers that are authoritative for your domain(s). Whenever you query a domain with Secondary DNS enabled, you will have a 50/50 chance of seeing the nameservers for each provider.

How It Works

Single DNS Provider

In a basic, single provider DNS configuration all users will be answered by the provider’s nameserver set. History has shown us that this is not a reliable practice, as this leaves domains vulnerable to single provider outages.

Provider Outage

If a DNS provider is unavailable, all of its clients’ domains will not resolve. It actually happens more often than you would think. There are dozens of DNS provider outages every year with downtime ranging from a few minutes to entire days.

Multiple DNS Providers

But there is hope! Savvy admins that use more than one DNS provider are able to withstand these kinds of outages because there are multiple nameserver sets authoritative for their domains.

Single Provider Outage

If one of the providers were to be unavailable, resolving nameservers would only send query traffic to the available nameserver set. All of this happens automatically with no appreciable effects to end users.

Single DNS Provider

blurple server

Provider Outage

grey server

Multiple DNS Providers


Single Provider Outage

multiple down

Benefits of Secondary DNS

Speed Boost

Secondary DNS can actually improve page load times. Resolving nameservers will start to prefer the provider that responds the fastest.

That means queries will more often be served to the better performing provider and over time improve resolution times.


Even if you are using on-premises DNS architecture you can still enjoy the benefits of Secondary DNS. Add a cloud-based provider, like DNS Made Easy, as a primary or secondary provider to your existing infrastructure.

For extra security, you can configure your in-house name servers as hidden masters. Queries will appear to be answered by your in-house nameservers but really the cloud provider is authoritative.


Think of all the parts of your business that have redundancies. Secondary DNS is simply a safeguard that all Internet-dependant businesses should use.

Over the past year, there has been a 5% growth in enterprise adoption of multi-vendor DNS configurations.

Top 3 Secondary DNS Strategies

Primary / Secondary

Most Popular

Query traffic is split evenly across both providers’ nameservers. The secondary provider receives all the zone updates from the primary.

This is the easiest strategy both for setup and maintenance. Instantly double the number of authoritative nameservers for your domains and enjoy immediate updates.

Hidden Primary

Great for Hybrid

Hidden primary is also referred to as a Master / Slave configuration because only one set of name servers actually answers queries, the secondary nameservers. However, those nameservers are not shown when you query that domain. Rather, the world will see the nameservers of the hidden primary.

This configuration allows you to run your DNS in-house, but propagate to the cloud when needed. Hybrid configurations benefit from the security of on-prem while also that of an Anycast network: global scalability, cost effectiveness, and can be turned up in an instant.

Primary / Primary

Best for Enterprise

A primary/primary setup means you have two providers equally authoritative for your domain. This is the most popular and widely used configuration, especially among large-scale domains.

This is the only technique that can be used with services that aren’t RFC compliant. Overall, the best technique for faster and more accurate query routing.

Primary/primary also works great with CDN’s, because it allows for region-specific routing.

It's as Easy as 1-2-3-4

Finger one


First, you’ll need to transfer your zone file information from your primary to your secondary provider. Depending on the strategy you chose, you will do this manually through an API or a provider’s control panel.

Finger two

NS Records

Just like when you change DNS providers, you will need to add the appropriate NS (nameserver) records with a list of both nameserver sets at each provider.

Finger three

Notify Registrar

Tell your registrar the nameserver set(s) that are authoritative for your domains.

Finger four

Setup Updates

Whenever you make an update to your primary provider, the primary will automatically update the secondary provider. If you are using a primary/primary then you will need to update both providers with the same configurations.

Related Articles


Tutorial: Learn how to setup Secondary DNS in the DNS Made Easy Control panel.

Learn how

New Study: 65% of top retail domains are vulnerable to single DNS provider outages.

Read more
On off graphic

More domains are using multiple DNS providers after recent devastating outages.

Read more

Webinar: Secondary DNS is no longer just a backup plan. Four strategies to try and exclusive Q&A with Founder Steven Job.

Watch now

Like what you see?

Start your free (no credit card required) 30 day trial and you can have fast DNS in a matter of minutes.
Yep, it really is that easy.

Sign up