diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 35ccd278d..d77d00c05 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -184,7 +184,42 @@ let
           ) host.nets
         ) cfg.hosts
       ));
-    }
+
+      # krebs.hosts.bob = rec {
+      #   addrs4 = "10.0.0.1";
+      #   extraZones = {
+      #     # extraZones
+      #     "krebsco.de" = ''
+      #     krebsco.de.       IN MX 10 mx1
+      #     mx1               IN A     ${addrs4}
+      #     '';
+      #     "dickbutt.de" = ''
+      #     dickbutt.de.       IN NS    ns
+      #     ns                IN A     ${addrs4}
+      #     ''
+      #   }
+      # }
+      # krebs.hosts.khan = rec {
+      #   addrs4 = "10.0.0.2";
+      #   extraZones = {
+      #      "krebsco.de" = ''
+      #      khan.krebsco.de     IN A   ${addrs4}
+      #   };
+      # }
+      #
+      #  =>
+      #  "zone/krebsco.de".text = ''
+      #    krebsco.de.         IN MX 10 mx1
+      #    mx1                 IN A     10.0.0.1
+      #    khan.krebsco.de     IN A     10.0.0.2
+      #  '';
+
+
+      environment.etc = mapAttrs'
+                        (name: value:
+                          nameValuePair (("zones/" + name)) ({ text=value;}))
+                        cfg.hosts.pigstarter.extraZones;
+      }
   ];
 
   lass-imp = {
@@ -363,9 +398,19 @@ let
           };
         };
       };
-      pigstarter = {
+      pigstarter = rec {
         cores = 1;
         dc = "frontrange"; #vps
+
+        extraZones = {
+          "de.krebsco" = ''
+            pigstarter.krebsco.de       IN A ${elemAt nets.internet.addrs4 0}
+            krebsco.de.                 IN NS io
+            io                          IN A ${elemAt nets.internet.addrs4 0}
+            krebsco.de.                 IN MX 10 mx42
+            mx42                        IN A ${elemAt nets.internet.addrs4 0}
+            '';
+        };
         nets = {
           internet = {
             addrs4 = ["192.40.56.122"];
@@ -373,13 +418,6 @@ let
             aliases = [
               "pigstarter.internet"
             ];
-            zones = [
-              { "pigstarter.krebsco.de" = "A";}
-              { "io.krebsco.de" = "NS";}
-              { "io.krebsco.de" = "A";}
-              { "mx42.krebsco.de" = "MX";}
-              { "mx42.krebsco.de" = "A";}
-            ];
           };
           retiolum = {
             addrs4 = ["10.243.0.153"];
diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix
index 975c36b08..f767d20fe 100644
--- a/krebs/4lib/types.nix
+++ b/krebs/4lib/types.nix
@@ -21,6 +21,12 @@ types // rec {
         apply = x: assert hasAttr "retiolum" x; x;
       };
 
+      extraZones = mkOption {
+        default = {};
+        # TODO: string is either MX, NS, A or AAAA
+        type = with types; attrsOf string;
+      };
+
       secure = mkOption {
         type = bool;
         default = false;
@@ -74,11 +80,6 @@ types // rec {
         }));
         default = null;
       };
-      zones = mkOption {
-        default = [];
-        # TODO: string is either MX, NS, A or AAAA
-        type = with types; listOf (attrsOf str);
-      };
     };
   });