diff --git a/authoritative-dns.nix b/authoritative-dns.nix
index f13553a..a432998 100644
--- a/authoritative-dns.nix
+++ b/authoritative-dns.nix
@@ -39,10 +39,18 @@ let
 default = [ ];
 };
- notify-ips = mkOption {
- type = listOf str;
- description = "List of IP addresses to notify of changes.";
- default = [ ];
+ notify = {
+ ipv4 = mkOption {
+ type = listOf str;
+ description = "List of IPv4 addresses to notify of changes.";
+ default = [ ];
+ };
+
+ ipv6 = mkOption {
+ type = listOf str;
+ description = "List of IPv6 addresses to notify of changes.";
+ default = [ ];
+ };
 };
 };
 };
@@ -102,8 +110,10 @@ in {
 nameValuePair "${domain}." {
 dnssec = ksk.key-file != null;
 ksk.keyFile = ksk.key-file;
- provideXFR = map (ns: "${ns}/32 NOKEY") zone.notify-ips;
- notify = map (ns: "${ns} NOKEY") zone.notify-ips;
+ provideXFR = (map (ns: "${ns}/32 NOKEY") zone.notify.ipv4)
+ ++ (map (ns: "${ns}/64 NOKEY") zone.notify.ipv6);
+ notify =
+ map (ns: "${ns} NOKEY") (zone.notify.ipv4 ++ zone.notify.ipv6);
 data = zoneToZonefile {
 inherit domain;
 inherit (cfg) timestamp;
@@ -115,7 +125,7 @@ in {
 listToAttrs (map (network:
 reverseZonefile {
 inherit domain network;
- inherit (zone) nameservers notify-ips;
+ inherit (zone) nameservers notify;
 keyFile = ksk.key-file;
 ipHostMap = cfg.ip-host-map;
 serial = cfg.timestamp;
diff --git a/reverse-zone.nix b/reverse-zone.nix
index 31b5496..a390a02 100644
--- a/reverse-zone.nix
+++ b/reverse-zone.nix
@@ -1,6 +1,6 @@
 { pkgs, ... }:
-{ domain, network, nameservers, notify-ips, ipHostMap, serial, keyFile ? null
+{ domain, network, nameservers, notify, ipHostMap, serial, keyFile ? null
 , zoneTTL ? 10800, refresh ? 3600, retry ? 1800, expire ? 604800, minimum ? 3600 }:
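Review bot: Neither `notify.ipv4` nor `notify.ipv6` checks the address family of its entries; both are plain `listOf str`. That matters now because the list an address sits in decides the prefix length appended in `provideXFR`: an IPv6 address placed in `ipv4` by mistake would be rendered as `<addr>/32`, which as an IPv6 prefix would presumably admit a very wide range of transfer clients. A pattern-constrained element type would catch this at evaluation time, for example `type = listOf (strMatching "[0-9.]+");` for `ipv4` and `type = listOf (strMatching ".*:.*");` for `ipv6`, assuming `lib.types` is in scope here as the bare `listOf str` suggests. The enclosing option set starts and ends outside the hunk.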
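Review bot: The IPv6 entries in `provideXFR` are emitted as `${ns}/64 NOKEY`, which permits zone transfers from the entire /64 around each secondary, while the IPv4 entries stay scoped to a single host with `/32`. The single-host equivalent for IPv6 is `/128`, so the line should read `++ (map (ns: "${ns}/128 NOKEY") zone.notify.ipv6);`. The same `/64` appears in the reverse-zone.nix hunk at `@@ -54,8 +54,9 @@` and needs the same change. Because these entries use `NOKEY`, the address match is the only control on who may transfer the zone, so the prefix width is the whole access policy here; a TSIG key would be stronger, though the `NOKEY` choice predates this commit. The attribute set this sits in continues outside the hunk.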
@@ -54,8 +54,9 @@ let
 in nameValuePair "${getNetworkZoneName network}" {
 dnssec = keyFile != null;
 ksk.keyFile = keyFile;
- provideXFR = map (ns: "${ns}/32 NOKEY") notify-ips;
- notify = map (ns: "${ns} NOKEY") notify-ips;
+ provideXFR = (map (ns: "${ns}/32 NOKEY") notify.ipv4)
+ ++ (map (ns: "${ns}/64 NOKEY") notify.ipv6);
+ notify = map (ns: "${ns} NOKEY") (notify.ipv4 ++ notify.ipv6);
 data = ''
 $ORIGIN ${getNetworkZoneName network}
 $TTL ${toString zoneTTL}