NSD as secondary nameserver

nsd | source | dnssec | secondary

warningwarning

make sure you declare both servers as NS –and– also provide glue records for those

setup – primarysetup – primary

see nsd then also prepare the secret for the sync

generate a secret for sending/receiving updates

dd if=/dev/random count=1 bs=32 | base64

vi /etc/nsd/nsd.conf

key:
    name: "sync"
    algorithm: hmac-sha256
    secret: "THAT-SECRET-HERE"

setup – secondarysetup – secondary

cd /etc/nsd/
vi nsd.conf

server:
(same as primary)

remote-control:
(same but points to local keys)

key:
(same as primary - yes both nodes need to share that secret)

pattern:
    name: "primary"
    allow-notify: PRIMARY-IP sync
    request-xfr: AXFR PRIMARY-IP sync

zone:
    ...
    include-pattern: "primary"

## acceptance<a id="acceptance" class="hide">acceptance</a>

make a dummy change on the primary and watch the logs

_on both sides_

    tail -F /var/log/syslog

_on the primary_

; sync test pouet IN A 1.2.3.4 ```

nsd-control reload $zone

resourcesresources

https://www.linode.com/docs/guides/dns-primary-and-secondary-server-setup/

https://discourse.mailinabox.email/t/guide-how-to-setup-nsd-as-a-secondary-nameserver-for-mail-in-a-box/9039

https://calomel.org/nsd_dns.html


HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5 | CONTACT
Licensed under MIT