coredns/man/coredns-secondary.7

.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-SECONDARY" 7 "March 2021" "CoreDNS" "CoreDNS Plugins"

.SH "NAME"
.PP
\fIsecondary\fP - enables serving a zone retrieved from a primary server.

.SH "DESCRIPTION"
.PP
With \fIsecondary\fP you can transfer (via AXFR) a zone from another server. The retrieved zone is
\fInot committed\fP to disk (a violation of the RFC). This means restarting CoreDNS will cause it to
retrieve all secondary zones.

.SH "SYNTAX"
.PP
.RS

.nf
secondary [ZONES...]

.fi
.RE

.IP \(bu 4
\fBZONES\fP zones it should be authoritative for. If empty, the zones from the configuration block
are used. Note that without a remote address to \fIget\fP the zone from, the above is not that useful.


.PP
A working syntax would be:

.PP
.RS

.nf
secondary [zones...] {
    transfer from ADDRESS [ADDRESS...]
}

.fi
.RE

.IP \(bu 4
\fB\fCtransfer from\fR specifies from which \fBADDRESS\fP to fetch the zone. It can be specified multiple
times; if one does not work, another will be tried. Transfering this zone outwards again can be
done by enabling the \fItransfer\fP plugin.


.PP
When a zone is due to be refreshed (refresh timer fires) a random jitter of 5 seconds is applied,
before fetching. In the case of retry this will be 2 seconds. If there are any errors during the
transfer in, the transfer fails; this will be logged.

.SH "EXAMPLES"
.PP
Transfer \fB\fCexample.org\fR from 10.0.1.1, and if that fails try 10.1.2.1.

.PP
.RS

.nf
example.org {
    secondary {
        transfer from 10.0.1.1 10.1.2.1
    }
}

.fi
.RE

.PP
Or re-export the retrieved zone to other secondaries.

.PP
.RS

.nf
example.net {
    secondary {
        transfer from 10.1.2.1
    }
    transfer {
        to *
    }
}

.fi
.RE

.SH "BUGS"
.PP
Only AXFR is supported and the retrieved zone is not committed to disk.

.SH "SEE ALSO"
.PP
See the \fItransfer\fP plugin to enable zone transfers \fIto\fP other servers.