diff --git a/library/roles/powerdns-authoritative/defaults/main.yml b/library/roles/powerdns-authoritative/defaults/main.yml
index e052af6..961018a 100644
--- a/library/roles/powerdns-authoritative/defaults/main.yml
+++ b/library/roles/powerdns-authoritative/defaults/main.yml
@@ -30,6 +30,7 @@ powerdns_auth_backend_data:
   - { key: 'gpgsql-dnssec', value: '' }
   - { key: 'gpgsql-extra-connection-parameters', value: '' }
   
+# pdns_eight_bit_query: 'no'
 # pdns_zone_transfer_ip:
 # - '0/0'
 # pdns_allow_dnsupdate_from:
@@ -38,8 +39,9 @@ powerdns_auth_backend_data:
 # - '0/0'
 # pdns_allow_unsigned_notify: 'yes'
 # pdns_allow_unsigned_supermaster: 'yes'
-# pdns_also_notify_from:
-# - '0/0'
+# also_notify wants IP addresses and not CIDR
+# pdns_also_notify:
+# - 'x.y.z.x.t'
 # powerdns_auth_enable_api: 'no'
 # powerdns_auth_api_key: 'use a vault file'
 # powerdns_auth_api_readonly: 'no'
diff --git a/library/roles/powerdns-authoritative/templates/pdns.conf b/library/roles/powerdns-authoritative/templates/pdns.conf
index 9780754..3e9bc67 100644
--- a/library/roles/powerdns-authoritative/templates/pdns.conf
+++ b/library/roles/powerdns-authoritative/templates/pdns.conf
@@ -2,7 +2,9 @@
 #################################
 # 8bit-dns	Allow 8bit dns queries
 #
-# 8bit-dns=no
+{% if pdns_eight_bit_query is defined %}
+8bit-dns={{ pdns_eight_bit_query }}
+{% endif %}
 
 #################################
 # allow-axfr-ips	Allow zonetransfers only to these subnets
@@ -49,8 +51,8 @@ allow-unsigned-supermaster={{ pdns_allow_unsigned_supermaster | default('yes') }
 # also-notify	When notifying a domain, also notify these nameservers
 #
 # also-notify=
-{% if pdns_also_notify_from is defined %}
-also-notify={%for ip in pdns_also_notify_from %}{{ ip }}{%if not loop.last %},{% endif %}{% endfor %}
+{% if pdns_also_notify is defined %}
+also-notify={%for ip in pdns_also_notify %}{{ ip }}{%if not loop.last %},{% endif %}{% endfor %}
 {% endif %}
 
 #################################