Nsd /


Master/Slave Servers

## slave zone example
#       name: "example.net"
#       zonefile: "slave/example.net"
#       allow-notify: tsig1.example.com.
#       request-xfr: tsig1.example.com.
## tsig key example
       name: "example.ircnow.org"
       algorithm: hmac-sha256
       secret: "bXBjY3B3alVhaDJrYTBSRENtc01RUmNlYmlj"

It's a good idea to name the key after your domain, with a final period at the end to show that it is a fully qualified domain name?. For the secret, you must put in the base64 encoding of a random string. Make it longer for more security.

Primary and secondary server

If you need a secondary server to host the zone, you can do this as follows. Add to the block that describes your master zone, records about the secondary zone as in the example:

	name: "example.net"
	zonefile: "master/example.net"
	notify: NOKEY
	provide-xfr: NOKEY

Create a new block in the secondary server config file, as in the example:

	name: "example.net"
	zonefile: "slave/example.net"
	allow-notify: NOKEY
	request-xfr: NOKEY

The zone file for NSD

The next step is to write the zone files for NSD. First the forward lookup zone example.net:

; Domain file from My project

example.net.    3600  SOA   ns.example.net. admin.example.net. (
                            2020070701   ; serial YYYYMMDDnn
                            10800        ; refresh
                            3600         ; retry
                            604800       ; expire
                            86400 )      ; minimum TTL

example.net.    NS    ns.example.net.
example.net.    NS    ns.secondary.net.
ns              A
example.net.    A
www             A
irc             A
imap            A
smtp            A
example.net.    mx    10 smtp.example.net.

Save this zone file as /var/nsd/zones/master/example.net