diff --git a/example-dns-01-nsupdate-script.md b/example-dns-01-nsupdate-script.md
index 13df2fb..4cfd7e8 100644
--- a/example-dns-01-nsupdate-script.md
+++ b/example-dns-01-nsupdate-script.md
@@ -45,4 +45,18 @@ case "$1" in
 esac
 
 exit 0
-```
\ No newline at end of file
+```
+
+If you are using CNAMEs to put all your dynamic updates into a single zone, then you can modify it:
+
+```
+ZONE="acme.mydomain.com"
+...
+ "deploy_challenge")
+ printf "server %s\nzone %s.\nupdate add _acme-challenge.%s.%s. %d in TXT \"%s\"\nsend\n" "${DNSSERVER}" "${ZONE}" "${2}" "${ZONE}" "${TTL}" "${4}" | $NSUPDATE
+ ;;
+ "clean_challenge")
+ printf "server %s\nzone %s.\nupdate delete _acme-challenge.%s.%s. %d in TXT \"%s\"\nsend\n" "${DNSSERVER}" "${ZONE}" "${2}" "${ZONE}" "${TTL}" "${4}" | $NSUPDATE
+```
+
+You will need to add static CNAMEs for `_acme-challenge.` pointing at `_acme-challenge..acme.mydomain.com` for each certificate you want to issue.
\ No newline at end of file