Setting up nsd DNS server
NSD is an authoritative-only DNS server. The following page shows how to setup a single-zone configuration, with one server being a master where updates are made, and a slave which will have changes replicated to it automatically. In the examples 10.1.0.1 is used as the master server's IP, while 10.2.0.1 is the slave. The IP addresses used here (along with the domain) should be replaced with the proper IP addresses of your servers.
Installation is simple (perform this step on both servers):
First, setup the main configuration file on the master server, /etc/nsd/nsd.conf, replacing the secret with a proper one:
server: ip-address: 10.1.0.1 port: 53 server-count: 1 ip4-only: yes hide-version: yes identity: "" zonesdir: "/etc/nsd" key: name: "sec_key" algorithm: hmac-md5 secret: "WhateverSecretYouUse" zone: name: alpinelinux.org zonefile: alpinelinux.org.zone notify: 10.2.0.1 sec_key provide-xfr: 10.2.0.1 sec_key
Then, create the zone file for the zone in question (/etc/nsd/alpinelinux.org.zone in this case):
;## alpinelinux.org authoritative zone $ORIGIN alpinelinux.org. $TTL 86400 @ IN SOA ns1.alpinelinux.org. webmaster.alpinelinux.org. ( 2011100501 ; serial 28800 ; refresh 7200 ; retry 86400 ; expire 86400 ; min TTL ) NS ns1.alpinelinux.org. MX 10 mail.alpinelinux.org. lists MX 10 mail.alpinelinux.org. @ IN A 18.104.22.168 mail IN A 22.214.171.124 www IN A 126.96.36.199 www-prd IN A 188.8.131.52 www-qa IN A 184.108.40.206 wiki IN A 220.127.116.11 lists IN A 18.104.22.168 monitor IN A 22.214.171.124 bugs IN A 126.96.36.199 nl IN A 188.8.131.52 dl-2 IN A 184.108.40.206 dl-3 IN A 220.127.116.11 dl-4 IN A 18.104.22.168 rsync IN A 22.214.171.124 distfiles IN A 126.96.36.199 build-edge IN A 188.8.131.52 build64-edge IN A 184.108.40.206 build-2-2 IN A 220.127.116.11 build64-2-2 IN A 18.104.22.168 build-2-1 IN A 22.214.171.124 build-2-0 IN A 126.96.36.199 build-1-10 IN A 188.8.131.52
Next, on the slave server, setup /etc/nsd/nsd.conf:
server: ip-address: 10.2.0.1 port: 53 server-count: 1 ip4-only: yes hide-version: yes identity: "" zonesdir: "/etc/nsd" key: name: "sec_key" algorithm: hmac-md5 secret: "WhateverSecretYouUse" zone: name: alpinelinux.org zonefile: alpinelinux.org.zone allow-notify: 10.1.0.1 sec_key request-xfr: AXFR 10.1.0.1 sec_key
Create the zone file /etc/nsd/alpinelinux.org.zone as well on the slave.
First step, make sure you didn't have any typos in your configuration (on both boxes):
Then each time a change is made to the zone (including when you first start the server), you need to rebuild the NSD zone databases:
Finally, start the server and set it to auto-start: