There are many different options to operate your own domain. From a registrar you buy a domain name. The registrar publishes NS records to the registry. Those NS records point to nameservers (or DNS servers or authoritative DNS servers). Registrars usually offer you to host the DNS zone on their nameservers. Think about a DNS Zone as a txt file. Here is a short zone file for bastelfreak.de:
$ORIGIN .
_dmarc.bastelfreak.de 86400 IN TXT "v=DMARC1; p=none; rua=mailto:dmarc-reports@bastelfreak.de; ruf=mailto:dmarc-reports@bastelfreak.de"
bastelfreak.de 86400 IN A 144.76.249.219
bastelfreak.de 86400 IN AAAA 2a01:4f8:171:1152::8
bastelfreak.de 86400 IN CAA 0 issue "letsencrypt.org"
bastelfreak.de 86400 IN CAA 0 iodef "mailto:tim@bastelfreak.de"
bastelfreak.de 86400 IN MX 1 mail.bastelfreak.de.
bastelfreak.de 86400 IN NS robotns3.second-ns.com.
bastelfreak.de 86400 IN NS robotns2.second-ns.de.
bastelfreak.de 86400 IN NS ns3.inwx.eu.
bastelfreak.de 86400 IN NS ns1.first-ns.de.
bastelfreak.de 86400 IN NS ns2.inwx.de.
bastelfreak.de 86400 IN NS ns.inwx.de.
bastelfreak.de 86400 IN SOA ns.inwx.de. postmaster.bastelfreak.de. 2021122302 1200 1800 1209600 3600
bastelfreak.de 86400 IN SSHFP 3 2 2006a5beab176e9061e0f8c4ab49097ebc2c4566093822a5e98b09a66a7627e3
bastelfreak.de 86400 IN SSHFP 2 2 eec6ad6e8b3b46ee2d27e24c5c299732bba2ca04f93435573f8391ad1193e116
bastelfreak.de 86400 IN SSHFP 1 2 d36e80e044c0ed9db13c623b4b480ef3b8c5c3d3a96dbb13a5434dc6ff152079
bastelfreak.de 86400 IN SSHFP 4 2 479269b5636c85b0b071cf084e6235168bd14309471da1cbd620a7cef9cab05e
bastelfreak.de 86400 IN TXT "v=spf1 ip4:144.76.249.221 ip6:2a01:4f8:171:1152::7 mx -all"
blog.bastelfreak.de 86400 IN A 144.76.249.219
blog.bastelfreak.de 86400 IN AAAA 2a01:4f8:171:1152::a
default._domainkey.bastelfreak.de 86400 IN TXT "v=DKIM1; k=rsa; s=email; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCkElHw8QtjcK39chikZjBgbN2pc6kI4z4Xa3TsfbtizWEbjnjPuO7WX0mvo+ARJBNeOuBN+Ez6fPo/UOBCjx/mIuHJFY68Vea81qeM5NSYvo16fUxEONojYTPAK7tn+Zf80n+e17MJGADNFTF7YcbhRJtxtK9jeRK0kNOm5qGMxwIDAQAB"
mail.bastelfreak.de 86400 IN A 144.76.249.221
mail.bastelfreak.de 86400 IN AAAA 2a01:4f8:171:1152::7
www.bastelfreak.de 86400 IN CNAME bastelfreak.de.
Often you can edit your zonefile via a webinterface from the registrar. Which alternatives exist? You can host your own nameserver(s)! Most Registries (for example the DENIC, that operates .de tld) require you to provide multiple nameservers, and if you want to have good connectivity around the globe and low latency, you need many many nameservers that are anycasted. So Instead of operating all nameservers for your domains, you can also just run one, called hidden primary, which sends updates via AXFR to the public nameservers, that will be queried by the rest of the internet / are written down via NS resource records at the registry. That’s the approach that I’m doing since some time.
I’ve all my domains registered via INWX. They are cheap and they support a hidden primary server. For each change on a domain, my DNS server needs to send a notify to their special nameserver. That will notify their public servers and they will do an IXFR from my DNS server. To make this more redundant, I also do AXFR to the Hetzner nameservers. This means all domains are served by three INWX DNS servers and three Hetzner DNS servers. I do all this with PowerDNS on Arch Linux.
How does that work you might ask yourself. Let me explain! First, I configured the desired nameserver in the registrar, INWX, to publish them into the .de zone:
# whois bastelfreak.de | grep Nserver
Nserver: ns1.first-ns.de
Nserver: ns2.inwx.de
Nserver: ns3.inwx.eu
Nserver: ns.inwx.de
Nserver: robotns2.second-ns.de
Nserver: robotns3.second-ns.com
Afterwards I configured the zone within PowerDNS, as shown in the zone above. In addition, we need to allow AXFR from the Hetzner nameserver and notify the special INWX nameserver when we update the zone:
pdnsutil get-meta bastelfreak.de
Metadata for 'bastelfreak.de'
ALLOW-AXFR-FROM = 185.181.104.96, 2a01:4f8:0:a101::a:1, 213.133.105.6, 2a01:4f8:d0a:2004::2, 193.47.99.3, 213.239.242.238, 2001:67c:192c::add:a3
ALSO-NOTIFY = 185.181.104.96