After accidentally nuking DNS for my domains during a caffeinated hackfest, I decided to set up DNS like I meant it. ISP-types know that best current practices indicate using geographically and routing-policy diverse DNS servers. So, I had to find secondary DNS services that run on a box far away from my box and connect via a different ISP.

EveryDNS provides free secondary DNS services for up to 20 domains and has servers around the world. I set up djbdns to support AXFRs from their networks (they ask for the IP space below to be allowed), and at the top of the hour, they rebuilt their tables, and my DNS tests worked.

208.76.56.:allow
208.76.57.:allow
208.76.58.:allow
208.76.59.:allow
208.76.60.:allow
208.76.61.:allow
208.76.62.:allow
208.76.63.:allow
208.96.6.134:allow
216.218.240.:allow
4.79.232.:allow
63.219.183.:allow
64.158.219.:allow
66.240.223.:allow
71.6.202.220:allow
78.129.207.168:allow
80.84.249.:allow
:deny
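
To check which clients a list like this lets through before trusting it, here is an added example (not part of the original post) that evaluates an address the way tcprules does for plain IP rules. It assumes the list is compiled with tcprules for the tcpserver instance in front of axfrdns; the function name `axfr_verdict` is hypothetical, the embedded rules are a subset of the list above, and the client addresses you pass in are your own test values.

```shell
#!/bin/sh
# Added example: evaluate a client IP against a tcprules-style AXFR allow list.
# RULES is a subset of the list above; client IPs passed in are constructed.
RULES='208.76.56.:allow
208.96.6.134:allow
71.6.202.220:allow
80.84.249.:allow
:deny'

# axfr_verdict IP [RULES] -> prints the matching instruction ("allow"/"deny").
# Lookup order for plain IP rules: the full address first, then ever shorter
# prefixes ending in a dot, then the empty default rule. With no matching
# rule at all the connection is allowed, which is why ":deny" must be last.
axfr_verdict() {
    ip=$1
    rules=${2:-$RULES}
    key=$ip
    while :; do
        # String-compare the address field; the instruction follows the colon.
        hit=$(printf '%s\n' "$rules" |
            awk -F: -v k="$key" '/:/ && ($1 "") == k { print $2; exit }')
        if [ -n "$hit" ]; then
            printf '%s\n' "$hit"
            return 0
        fi
        [ -z "$key" ] && break
        # Shorten the key: 1.2.3.4 -> 1.2.3. -> 1.2. -> 1. -> (empty)
        key=${key%.}
        case $key in
            *.*) key=${key%.*}. ;;
            *)   key= ;;
        esac
    done
    echo allow
}
```

Calling `axfr_verdict 71.6.202.221` shows that a single-host rule does not cover its neighbours, and passing a rule list without the final `:deny` line shows every unmatched address being allowed.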

I want to know when their service falls over, so I created the following cron script to verify that each of my domains resolves on ns3.everydns.net:

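# Print "broken <domain>" for each MX domain in the tinydns data that the secondary returns no A record for.
grep '^@' /var/lib/tinydns/root/data | cut -f2 -d@ | cut -f1 -d: | sort -u |
    while read -r d; do dig +short a "$d" @ns3.everydns.net | grep -q '^[0-9]' || echo "broken $d"; done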