An upgrade to another product can be carried out quickly and easily at any time by the account owner. The upgrade options for the Starter/Medium/Large products can be found under the menu item Accounting / Subscription / Upgrade. A product downgrade is only possible after written notification to rcodezero@ipcom.at.

A contract must be concluded for an upgrade to PRO.

If you have any questions about the products, please contact rcodezero@ipcom.at.

First, the relevant zone has to be added in the web interface at "Add Domain". Primary DNS zones can be edited directly in the web interface. Secondary DNS edits the zone as usual at the primary name server, increase serial and send notifies at our control name server (the relevant IP addresses will be displayed in your web interface). Our control name server will then retrieve the zone from your name server.

Zone transfers can be initiated via the "retrieve" command on the REST API or via the web interface. In this case, the serial is ignored and the zone is transferred and deployed to the Anycast nodes even if the serial has not increased. Note: Even if a zone was transferred, the Anycast name servers may respond a few minutes with old data due to internal caching in the name server software.

You have two possibilities:
1. Configure your zone via web interface or REST API as primary zone and add the relevant records also via web interface or REST API.
2. Another opportunity is to configure the zone as secondary zone. To do this, it is necessary to allow zone transfers from the RcodeZero DNS name servers and send notifications (when changes are made) to them. The corresponding IP addresses can be found in the web interface.

Also, in the web interface you will find the names and IP addresses of the name servers where your zones are hosted.

We support every record type. For primary DNS zones these types can be entered directly (all other types can be entered in the generic form as TYPExxx with hex encoding): A, A6, AAAA, ADDR, AFSDB, ALIAS, ANY, AXFR, CAA, CDNSKEY, CDS, CERT, CNAME, DHCID, DLV, DNAME, DNSKEY, DS, EUI48, EUI64, HINFO, IPSECKEY, IXFR, KEY, KX, LOC, MAILA, MAILB, MINFO, MR, MX, NAPTR, NS, NSEC, NSEC3, NSEC3PARAM, OPENPGPKEY, OPT, PTR, RKEY, RP, RRSIG, SIG, SMIMEA, SOA, SPF, SRV, SSHFP, TKEY, TLSA, TXT, URI, WKS

Yes, please get in contact with us for a configuration.

Primary and secondary DNS use the same clouds and locations.

If the RcodeZero DNSSEC signing service is used for a zone, this zone will be re-signed periodically. In order for more Secondary Name Servers to load the new signatures, the serial must also be increased. This happens every Thursday at 0:00 o'clock UTC. The difference of the serials corresponds to the number of the past weeks since January 1, 1970.

Typically below 3 minutes, but this depends on several facts and timers which needs to be accumulated:

DNS Caching: Our name servers cache DNS responses for 3 minutes. Thus, if the domain was queried just before the zone was updated, the name server will respond with the old data for 3 minutes. Note: As there are multiple name servers with load-balancing on every Anycast location, it may happen that some responses still contain the old data while some responses already contain the new data.

 

DNS NOTIFY:
For Secondary DNS zones, the Primary Server must send notifications to our Control Name Server on zone changes to initiate a zone transfer. The transfer is normally started immediately, but can also take a few minutes.

 

For hosted Primary DNS zones it is possible to customize the NS and SOA records (SOA partially).

The number of locations depends on the selected product. There are 2 independent clouds in 2 autonomous systems (AS) with more than 50 nodes for Enterprises and ISP/Registrars customers. There is one cloud with more than 30 nodes for TLD customers (Status December 2023).

No separate DNS infrastructure is required for Primary DNS. New zones and zone updates can processed using the web interface or API on the RcodeZero DNS system. Secondary DNS requires its own local DNS infrastructure, although existing infrastructure can usually be used. The zones are picked up by RcodeZero DNS via AXFR from the customer and distributed on the Anycast name servers.

A web interface and REST API (for Enterprises and Internet Service Providers) is available for managing your zones.

DNSSEC is included for free in every RcodeZero DNS package. The user may, at any time, activate or deactivate the DNSSEC signing service free of charge, for some or all of the zones.

Yes, absolutely. RcodeZero DNS nodes offer you services over iPv4 or iPv6.

The customer web interface allows you for example to add / delete / query zones, fetch a complete zone list, see and download DNS query statistics.

Libcloud, Kubernetes External DNS, Acme.sh are available. Our R&D department is continuously working on new API integrations for common platforms.

RcodeZero is a "supported provider" at Libcloud. Libcloud is a standard python-library and interacts with different cloud-providers. A dedicated API ensures that applications only have to be written once and interact them with various cloud providers without being bound to a specific one. You can find more information here: https://libcloud.readthedocs.io/en/stable/dns/drivers/rcodezero.html

The token can be used via REST API and provides the features for ACME (automated domain validation via DNS for Let's Encrypt certificates).

RcodeZero DNS can be tested directly on the production system. The test account can be seamlessly converted into a production account.

The test system is a 1:1 clone of the production system. The system is suitable for performing automated API tests or for testing new features before they are rolled out to the production system. You can use the testing system for free but there are no Anycast DNS service or SLAs. You can find the special test system at https://my-test.rcodezero.at

In general you can use your normal RcodeZero DNS account for testing. The first 30 days are free of charge. Furthermore, we offer a special "test system", which is independent of the production system. For example you can test the integration in your systems or run CI tests. You can find our test system at https://my-test.rcodezero.at where you can also register your test-account for free but there are no Anycast DNS service or SLAs.

We offer a product PRO DEDICATED to customers with over 50,000 domains, as opposed to the normal shared system. On the shared system a domain may only be added once. It may happen that adding a domain fails as another customer has already added this domain. Then manual fixing is required.

With a dedicated system you get a dedicated name server only used by you – so an "add domain" will always succeed. Dedicated systems require dedicated anycast IP addresses.

RcodeZero DNS can be used together with External DNS for automated entries from Kubernetes resources.

Yes, it is possible to choose your own DNS hostname. Additionally, you have the option to operate RcodeZero DNS with exclusive IP addresses (so called dedicated IP addresses) from the ipcom address, or bring your own network area (then your prefix will be routed from RcodeZero DNS).

First, you should check the serial of the zone on the RcodeZero control server. This can be done either by viewing the zone details on the website or by querying the control name server for the SOA record, e. g.: dig @83.136.34.7 yourdomain.com SOA

If the serial is smaller than the serial on the master server, then possible problems can be that the control server is not allowed to query and transfer the zone from the primary. Make sure to allow query and zone transfer from the control server IP addresses 83.136.34.7 and 2A02:850:8::6. The Control Name Server checks your server for changes at least every 24 hours, or immediately if your Primary Name Server sends a NOTIFY to the Control Name Server.

If the zone on the control server is up-to-date, you can also check the zone data on an Anycast name server. Due to asynchronous replication and name server internal caching the changes may be delayed up to 5 minutes.

 

dig @sec1.rcode0.net yourdomain.com SOA

 

Attention: If you change the zone on your Primary name server, the serial of the zone must also be increased!

There is a page in the web interface called "Problematic Zones".

This page lists all your zones for which the control server failed to check the serial, or failed to transfer the zone.

Statistics can be downloaded manually in the web interface or via REST API. There are basic statistics and advanced statistics starting with the product Medium. For example: Number of queries per day, number of queries per day per zone, most queried lables, most queried NXDOMAIN lables, ...

If the zone which should be added is already provisioned on RocdeZero DNS (under management by another RocdeZero DNS account), the system will by default rejects the request with a respective error message. To allow the transfer (change of ownership) from one RocdeZero DNS account to another, a transfer code has to be added to the zone (by the zone owner, thus the code should be added before transferring a domain to a new account). The transfer code has to be added as TXT record for the subdomain “rcode0” and has to look like this:
rcode0 IN TXT "allowed=XXXXXXXXX"

Where XXXXXXXXX is the md5-hash of the RocdeZero DNS username of the new account. If the transfer code check was successful, the domain will be switched from one customer to the other, the master server IP(s) will be changed to the new ones, and a zone transfer will be performed.

Transfer code example: In this example, the domain to be transferred is “example.com” and the username of the gaining RocdeZero DNS customer is "best-isp.com": rcode0.example.com. IN TXT "allowed=15c0bd9371ff658a5634ae16e7632ca6"