How to Set Up a DNS Zone on NSD

A comprehensive guide to setting up and managing DNS zones using NSD (Name Server Daemon).

Prerequisites

Before setting up a DNS zone on NSD, ensure you have:

  • NSD installed and running
  • Root or sudo access to the server
  • Basic understanding of DNS concepts
  • Domain name registered

Note: These instructions assume you're using a Linux-based system.

Basic Concepts

Understanding key NSD concepts:

NSD Terminology
  • Zone File: Contains all DNS records for a domain
  • Master Zone: Primary authoritative zone configuration
  • Slave Zone: Secondary copy of a zone from master
  • Zone Transfer: Process of replicating zone data between servers

Zone Configuration

Use our configuration generator to create your NSD configuration:

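1. Edit nsd.conf
server:
    server-count: 1
    # 0.0.0.0 listens on every IPv4 interface
    ip-address: 0.0.0.0
    port: 53
    verbosity: 3
    zonesdir: "/etc/nsd/zones"

zone:
    name: "example.com"
    zonefile: "example.com.zone"
    # NOKEY means no TSIG key is required; the peer is matched by IP address only
    notify: 192.0.2.2 NOKEY
    provide-xfr: 192.0.2.2 NOKEY

2. Create Zone File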
$ORIGIN example.com.
$TTL 3600

@ IN SOA ns1.example.com. admin.example.com. (
    2024040101  ; Serial
    7200        ; Refresh
    3600        ; Retry
    1209600     ; Expire
    3600        ; Minimum
)

@ IN NS ns1.example.com.
@ IN A 192.0.2.1
ns1 IN A 192.0.2.1
www IN A 192.0.2.1
mail IN A 192.0.2.1
@ IN MX 10 mail.example.com.

Record Types

  • A Record: Maps hostname to IPv4 address
  • AAAA Record: Maps hostname to IPv6 address
  • CNAME: Creates an alias for another hostname
  • MX: Specifies mail servers
  • TXT: Text records for various purposes
  • PTR: Reverse DNS lookup

Testing

Verify your NSD configuration:

  1. Check configuration syntax:
    nsd-checkconf /etc/nsd/nsd.conf
  2. Check zone file:
    nsd-checkzone example.com /etc/nsd/zones/example.com.zone
  3. Restart NSD:
    sudo systemctl restart nsd
  4. Test DNS resolution:
    dig @localhost example.com
    nslookup example.com localhost

Troubleshooting

  • Zone not loading: Check file permissions and syntax
  • Transfer issues: Verify TSIG keys and the provide-xfr and request-xfr settings (NSD's equivalent of allow-transfer)
  • Resolution failures: Check zone file format and records
  • Log analysis: Check syslog for NSD messages

Best Practices

  • Security:
    • Use TSIG for zone transfers
    • Implement DNSSEC
    • Regular security updates
  • Performance:
    • Optimize server resources
    • Monitor query statistics
    • Configure appropriate number of server processes
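
The zone in step 1 uses NOKEY for notify and provide-xfr, while the list above recommends TSIG for zone transfers. As an added example (not part of the original guide or of NSD), this Python check parses nsd.conf text and reports transfer ACLs that are not bound to a defined key; the key name xfr-key, the placeholder secret and the function name audit_transfer_acls are assumptions.

```python
# nsd.conf ACL options whose last field is a TSIG key name, NOKEY or BLOCKED.
ACL_OPTIONS = {"notify", "provide-xfr", "allow-notify", "request-xfr"}

# Zone ACLs as configured in step 1 of this page.
PAGE_CONF = """zone:
    name: "example.com"
    notify: 192.0.2.2 NOKEY
    provide-xfr: 192.0.2.2 NOKEY
"""

# Constructed TSIG variant; key name and secret are placeholders.
TSIG_CONF = """key:
    name: "xfr-key"
    algorithm: hmac-sha256
    secret: "PLACEHOLDER_BASE64_SECRET"
zone:
    name: "example.com"
    notify: 192.0.2.2 xfr-key
    provide-xfr: 192.0.2.2 xfr-key
"""

def audit_transfer_acls(conf_text):
    """Return (zone, option, peer, problem) for ACLs not bound to a defined key."""
    keys, acls, section, zone = set(), [], None, None
    for raw in conf_text.splitlines():
        opt, sep, value = raw.split("#", 1)[0].strip().partition(":")
        value = value.strip().strip('"')
        if not sep:                        # blank line or comment only
            continue
        if not value:                      # "server:", "key:", "zone:" open a clause
            section, zone = opt, None
        elif opt == "name" and section == "key":
            keys.add(value.rstrip(".").lower())
        elif opt == "name" and section == "zone":
            zone = value
        elif opt in ACL_OPTIONS and len(value.split()) >= 2:
            acls.append((zone, opt, *value.split()[-2:]))   # (peer, key) are last
    findings = []
    for zone, opt, peer, key in acls:      # keys may be defined after the zones
        if key == "NOKEY":
            findings.append((zone, opt, peer, "no TSIG key (NOKEY)"))
        elif key != "BLOCKED" and key.rstrip(".").lower() not in keys:
            findings.append((zone, opt, peer, "undefined key " + key))
    return findings

if __name__ == "__main__":
    for conf in (PAGE_CONF, TSIG_CONF):
        print(audit_transfer_acls(conf) or "all transfer ACLs use a defined TSIG key")
```

The secondary at 192.0.2.2 needs the same key clause, and the secret belongs in a file readable only by the NSD user.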

Advanced Configuration

Advanced NSD features and configurations:

Advanced Topics
  • DNSSEC Implementation
  • Secondary Zones
  • TSIG Configuration
  • Pattern-based Configuration
  • Response Rate Limiting

Note: Advanced configurations should be implemented with caution and proper testing.
