Hidden Master DNS

Simply speaking ‘Hidden Master DNS’ is done by removing the SOA DNS server from the NS records. The common practise is that the company controls their own DNS master or SOA, and uses ISP or other vendors’ DNS as secondary or slave. The benifit is to hide the master DNS from public, as generally speaking the ISP or vendors’ DNS servers are safer. 

$TTL 86400
@ IN SOA dns01.mylab.local. (
2014082100 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL

; nameserver
IN NS dns01.mylab.local.
IN NS Secondary.DNS.ISP.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s