Setup Vanity DNS on your zones

Vanity DNS allows you to use BuddyNS infrastructure and present it to the Internet as your own.

With Vanity DNS, your domain names appear to the DNS hierarchy as served by ns3.your-company.com (or any personalized name), but these names are actually backed by servers from the BuddyNS Backbone.

Warning!

Delegation with Vanity DNS is restricted to users on certain plans, and recommended to none. Read carefully to avoid issues.


Vanity DNS incurs risks in return for trivial business value.

Risks and value of Vanity DNS

A decade experience in DNS makes us recommend you against Vanity DNS. Why? Vanity DNS poses and extra maintenance burden and major security risk in return for negligible business value. It's just not worth it.

Regarding value: Vanity DNS may make your network look bigger and more important. However, what fraction of your users will actually go and look up your domain delegation? Even those who do, they'll discover long cryptographic keys. If they get to the end of it, they'll realize they are operated by a specialized, high-security DNS network. So what? That 0.1 ‰ will see you take DNS seriously, like you should.

Regarding risk: whenever an IP address changes, e.g. for network or location optimizations, you must accurately, timely update your delegation. Miss that, and you'll inadvertently empower unknown third parties to control your most sensitive Internet asset. What could happen? Lose ownership of your domain name, get a website defaced, leak your clients' access credentials and more. We've seen enough distractions with delegation already.

So, is it worth it? If not, go back to setup your domains with standard straight delegation, let us handle the network and keep your safety and zen

If Vanity DNS has to be, proceed on this page.

I am allowed to use Vanity DNS?

Check if you are allowed to you use Vanity DNS here:


Free

Advanced

Astronaut

Enterprise
Allowed
DNS cluster deploys zones that use Vanity DNS.
No Yes Yes Yes
Supported
Our team notifies you and responds about Vanity DNS.
No No Yes Yes
Recommended
We advise using Vanity delegation.
No No No No

Users subscribed for Advanced plans until January 2019 avail of support for Vanity DNS.

How to set up Vanity DNS for your BuddyNS zones

Setting up Vanity DNS is easy and only involves a few naming steps on your side. Here's the general steps you take to Vanity-enable your zone mydomain.com:

  1. BuddyNS offers you 5 servers; choose the names you want to give them in your zone.
    E.g. ns2.mydomain.com, ns3.mydomain.com, ns4.... See naming notes below.
  2. add new A entries to your zones mapping these names to BuddyNS server addresses.
    E.g. ns2 → 185.34.136.178, ns3 → 108.61.224.67 etc. See naming notes below.
  3. update the NS records of your zone adding the new server names.
    E.g. mydomain.com IN NS ns2, mydomain.com IN NS ns3, etc.
  4. reflect the nameservers you set at step #3 at your registry (domain name vendor).

Notes on naming your new servers

Pick which BuddyNS servers to use for replication:

  • BuddyNS offers you multiple servers at different locations.
  • You can use a subset of them. The more you use, the more reliable.
  • You are free to choose whichever name you like for them:
    • traditional names look like ns2,3,...mydomain.com
    • fantasy names like huey,dewey,louie.mydomain.com work just as well
  • The order of the servers is irrelevant.

Vanity with many domains

If you are hosting many domain names, you may be tempted to delegate each one of them with its own Vanity servers. Don't!

Instead, follow this best practice: delegate your "host" domain name with a vanity mapping to BuddyNS. Then, delegate all your other domains to your "host" domain nameservers.

For example: say your primary ("host") domain is coolhosting.com, and you host domains c1.com through c1000.com for your clients. Delegate with vanity only coolhosting.com, e.g. defining ns{2,3,4,5}.coolhosting.com to point to your favorite BuddyNS servers. Then, delegate all other c*.com domain names to your host nameservers (e.g. ns{2,3,4,5}.coolhosting.com), as opposed to defining and delegating new ns{2,3,4,5}.c*.com for all clients.

So, this is good:

coolhosting.com → {ns2,ns3,...}.coolhosting.com   # vanity-delegated to BuddyNS
c1.com → {ns2,ns3,...}.coolhosting.com            # vanity-delegated to your host domain
c2.com → {ns2,ns3,...}.coolhosting.com

... while this is bad:

# don't do this!
coolhosting.com → {ns2,ns3,...}.coolhosting.com
c1.com → {ns2,ns3,...}.c1.com
c2.com → {ns2,ns3,...}.c2.com

Why? Besides giving better visibility to your host domain, this setup makes your life much simpler when you need to change the Vanity destination, e.g. because you decided to switch to another BuddyNS server, or because we migrated one and instructed you to update its address.

IPv6 and Vanity DNS

As part of BuddyNS's outstanding support for IPv6, you can use BuddyNS's IPv6 nameservers to make DNS for your zones available over IPv6 without having IPv6 infrastructure at your side.

To add IPv6 support to your DNS, map each of the new NS entries you just defined to BuddyNS' IPv6 server addresses, using AAAA record types. Make sure to point each name to the IPv4 and IPv6 address of the same BuddyNS server.

For example, assume you associated ns2.mydomain.com to BuddyNS server c.ns. This means you just added to zone mydomain.com an A record mapping ns2 to address 185.34.136.178. To have IPv6 reachability, add a new AAAA record mapping ns2 to address 2a00:dcc7:d3ff:88b2::1.

You end up with 2 records for each vanity name: one (type A) mapping the name to an IPv4 address, plus one (AAAA type) mapping the name to an IPv6 address.

Make sure to reflect this change at your registry.

When clients will query the DNS tree for NameServers of mydomain.com, they be given the list of your ns*.mydomain.com names, and the IPv4 and IPv6 addresses for each. IPv6-enabled clients will therefore be able to proceed resolving your domain names over IPv6 talking to BuddyNS servers.

BuddyNS server addresses

Locations of BuddyNS servers
BuddyNS name Secure name Location Addresses
b.ns.buddyns.com uz53c7fwlc89h7jrbxcsnxfwjw8k6jtg56l4yvhm6p2xf496c0xl40.pro.ns.buddyns.com USA, Texas 108.61.224.67
2001:19f0:6400:8642::3
c.ns.buddyns.com uz5x36jqv06q5yulzwcblfzcrk1b479xdttdm1nrgfglzs57bmctl8.pro.ns.buddyns.com Europe, Germany 116.203.6.3
2a01:4f8:1c0c:8115::3
d.ns.buddyns.com uz588h0rhwuu3cc03gm9uckw0w42cqr459wn1nxrbzhym2wd81zydb.pro.ns.buddyns.com USA, New York 107.191.99.111
2604:180:2:4cf::3
e.ns.buddyns.com uz5c15kc3lkws2mtwp7l8g9f33yffvvt96y54tlmn41zjy0043purm.pro.ns.buddyns.com Russia, St. Petersburg 185.22.172.112
2a00:1838:20:2::cd5e:68e9
f.ns.buddyns.com uz5154v9zl2nswf05td8yzgtd0jl6mvvjp98ut07ln0ydp2bqh1skn.pro.ns.buddyns.com Asia, India 103.6.87.125
2403:2500:4000::f3e
g.ns.buddyns.com uz5dkwpjfvfwb9rh1qj93mtup0gw65s6j7vqqumch0r9gzlu8qxx39.pro.ns.buddyns.com USA, Seattle 192.184.93.99
2604:180:1:92a::3
h.ns.buddyns.com uz5w6sb91zt99b73bznfkvtd0j1snxby06gg4hr0p8uum27n0hf6cd.pro.ns.buddyns.com Australia, Adelaide 119.252.20.56
2401:1400:1:1201::1:7853:1a5
i.ns.buddyns.com uz5qfm8n244kn4qz8mh437w9kzvpudduwyldp5361v9n0vh8sx5ucu.pro.ns.buddyns.com USA, California 31.220.30.73
2a04:bdc7:100:1b::3
j.ns.buddyns.com uz56xw8h7fw656bpfv84pctjbl9rbzbqrw4rpzdhtvzyltpjdmx0zq.pro.ns.buddyns.com Europe, Netherlands 185.34.136.178
2a00:dcc7:d3ff:88b2::1
k.ns.buddyns.com uz5x6wcwzfbjs8fkmkuchydn9339lf7xbxdmnp038cmyjlgg9sprr2.pro.ns.buddyns.com Europe, Romania 185.136.176.247
2a06:fdc0:fade:2f7::1
l.ns.buddyns.com uz52u1wtmumlrx5fwu6nmv22ntcddxcjjw41z8sfd6ur9n7797lrv9.pro.ns.buddyns.com Asia, Japan 45.77.29.133
2001:19f0:7001:381::3

A Vanity DNS setup example

Say you want to setup zone mydomain.com with Vanity DNS.

Let's pick the BuddyNS servers to use: we use servers f, j, i.

Let's pick the vanity names to refer these servers with: we can use anything, and we choose us-ns, eu-ns, as-ns.mydomain.com.

We can assign any name to any BuddyNS server: we make these combinations:

eu-ns.mydomain.com.     IN A    185.34.136.178      # j.ns.buddyns.com
as-ns.mydomain.com.     IN A    103.6.87.125        # f.ns.buddyns.com
us-ns.mydomain.com.     IN A    31.220.30.73        # i.ns.buddyns.com

We then refer these new names as nameservers for mydomain.com:

...
mydomain.com            IN NS       eu-ns.mydomain.com
mydomain.com            IN NS       as-ns.mydomain.com
mydomain.com            IN NS       us-ns.mydomain.com

This setup is sound and complete if we only want IPv4 support.

If we want to add IPv6 DNS reachability, we proceed by adding AAAA entries for the same names:

eu-ns.mydomain.com.     IN AAAA    2a00:dcc7:d3ff:88b2::1   # j.ns.buddyns.com
as-ns.mydomain.com.     IN AAAA    2403:2500:4000::f3e      # f.ns.buddyns.com
us-ns.mydomain.com.     IN AAAA    2a04:bdc7:100:1b::3      # i.ns.buddyns.com

Any question or feedback? Contact support.