Master/Slave Servers
## slave zone example
#zone:
#    name: "example.net"
#    zonefile: "slave/example.net"
#    allow-notify: 192.0.2.2 tsig1.example.com.
#    request-xfr: 192.0.2.2 tsig1.example.com.

## tsig key example
key:
    name: "example.ircnow.org"
    algorithm: hmac-sha256
    secret: "bXBjY3B3alVhaDJrYTBSRENtc01RUmNlYmlj"
It's a good idea to name the key after your domain, with a final period at the end to show that it is a fully qualified domain name. The secret must be the base64 encoding of a random string. Make it longer for more security.
Primary and secondary server
If you need a secondary server to host the zone, add notify and provide-xfr lines for the secondary server to the block that describes your master zone, as in this example:

zone:
    name: "example.net"
    zonefile: "master/example.net"
    notify: 20.20.20.20 NOKEY
    provide-xfr: 20.20.20.20 NOKEY
Create a new block in the secondary server config file, as in the example:
zone:
    name: "example.net"
    zonefile: "slave/example.net"
    allow-notify: 10.10.10.10 NOKEY
    request-xfr: 10.10.10.10 NOKEY
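With NOKEY, notifies and zone transfers are authorised by source IP address alone. The following Python script is an added example, not part of the original page: it generates a random secret and renders the same primary and secondary blocks with a TSIG key in place of NOKEY. The key name example.net., the 32-byte minimum and the function names are assumptions.

```python
import base64
import secrets

PRIMARY_IP = "10.10.10.10"    # primary address used on this page
SECONDARY_IP = "20.20.20.20"  # secondary address used on this page
MIN_KEY_BYTES = 32            # assumption: match the HMAC-SHA256 output size


def new_secret(nbytes=MIN_KEY_BYTES):
    """Return the base64 encoding of nbytes drawn from the OS CSPRNG."""
    return base64.b64encode(secrets.token_bytes(nbytes)).decode("ascii")


def secret_bytes(secret):
    """Strictly decode a base64 secret and return its raw length in bytes."""
    return len(base64.b64decode(secret, validate=True))


def key_block(name, secret):
    """Render the key: block, rejecting unqualified names and short secrets."""
    if not name.endswith("."):
        raise ValueError("key name must end with a period (FQDN)")
    if secret_bytes(secret) < MIN_KEY_BYTES:
        raise ValueError("secret decodes to fewer than %d bytes" % MIN_KEY_BYTES)
    return ('key:\n    name: "%s"\n    algorithm: hmac-sha256\n'
            '    secret: "%s"\n' % (name, secret))


def primary_zone(zone, key):
    """Primary side: notify the secondary and serve it transfers, both signed."""
    return ('zone:\n    name: "%s"\n    zonefile: "master/%s"\n'
            '    notify: %s %s\n    provide-xfr: %s %s\n'
            % (zone, zone, SECONDARY_IP, key, SECONDARY_IP, key))


def secondary_zone(zone, key):
    """Secondary side: accept notifies and request transfers with the same key."""
    return ('zone:\n    name: "%s"\n    zonefile: "slave/%s"\n'
            '    allow-notify: %s %s\n    request-xfr: %s %s\n'
            % (zone, zone, PRIMARY_IP, key, PRIMARY_IP, key))


if __name__ == "__main__":
    key_name = "example.net."  # constructed key name, named after the zone
    shared = key_block(key_name, new_secret())  # same block on both servers
    print("# primary nsd.conf\n" + shared + primary_zone("example.net", key_name))
    print("# secondary nsd.conf\n" + shared + secondary_zone("example.net", key_name))
```

The sample secret in the tsig key example decodes to 27 bytes, so key_block rejects it under the 32-byte assumption. Both servers need the identical key block.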
The zone file for NSD
The next step is to write the zone files for NSD. First the forward lookup zone example.net:
; Domain file from My project
example.net. 3600 SOA ns.example.net. admin.example.net. (
                2020070701 ; serial YYYYMMDDnn
                10800      ; refresh
                3600       ; retry
                604800     ; expire
                86400 )    ; minimum TTL

example.net.    NS      ns.example.net.
example.net.    NS      ns.secondary.net.
ns              A       10.10.10.10
example.net.    A       10.10.10.10
www             A       10.10.10.10
irc             A       10.10.10.10
imap            A       10.10.10.10
smtp            A       10.10.10.10
example.net.    mx      10 smtp.example.net.
Save this zone file as /var/nsd/zones/master/example.net