You are on page 1of 10

NSD (DNS Server)

Autor Rafael Peres dos Santos

24/01/2017
About the Author

Is graduated in Computer Science and is Senior Java Architect, Software Engineer, Senior
Linux Administrator, Senior Software Developer and has more than ten years of experience in
Java, Java Web projects and JEE projects and has these certifications: Sun Certified Java
Programmer, Sun Certified Web Component Developer, Oracle Certified Business
Component Developer and a lot of knowledge and know how. Is number one Software
Architect and Engineer in the World for most JEE projects and published some IT articles that
can be found in: https://independent.academia.edu/RafaelPeresdosSantos or in
https://www.scribd.com/lists/21789183/TI
Summary
NSD............................................................................................................................................................4
Set hosts and hostname on Master NSD Server....................................................................................5
Set hosts and hostname on Slave NSD Server......................................................................................5
Install NSD on both Servers..................................................................................................................5
Configure Master NSD Server...................................................................................................................6
Edit nsd.conf file and cp........................................................................................................................6
Edit forward zone file and cp................................................................................................................6
Edit reverse zone file and cp.................................................................................................................6
Testing files and restarting nsd service (Master NSD Server)..............................................................6
Configure Slave NSD Server.....................................................................................................................8
Edit nsd.conf and cp..............................................................................................................................8
Testing files and restarting nsd service (Slave NSD Server).................................................................8
DNS utils:..............................................................................................................................................8
Delegate Authority to your Name Servers.................................................................................................8
References................................................................................................................................................10
NSD

NSD is a private domain server, every single dns domain in the the world use private domain
server, the most common is named but NSD is much more fast than named and protect. NSD
can use Master and Slave authoritative-only DNS servers that can be used to serve DNS
information (Slave Server(s) are not mandatory). Unlike Bind, NSD is optimized for high
performance authoritative behavior, nsd can be used with bind (nsd as master and slave(s)
with bind to use cache). AXFR transfer (the only kind that NSD masters are capable of). The
nsd.conf define most important cfg of nsd. The important sections of this file are:

• pattern section: to notify and transferring our zones to the same slave each time.

• zone section: with name: 'example.com' is to configure our forward zone.

• zone section: with name: ' 2.0.192.in-addr.arpa' is a reverse zone is a zone file that
allows DNS software to map an IP address back to a host name for clients. Tipycally
this is taken care of by the hosting provider.

TTL is in seconds. serial number YYYY|MM|DD|VR(VERSION)

Conf NSD for eg: domain: example.com

Purpose DNS FQDN IP Address


Master name server ns1.example.com. 192.168.0.1
Slave name server ns2.example.com. 192.168.0.2
Web Server www.example.com. 192.168.0.1
Using: IPv4 with DNS default port 53, detail is necessary open dns port on firewall.

Very important the IP(s) must be Static Global IP (in other words dedicated internet link) to
use a registered dns domain name, even is possible provide most all resources using
Dynamic IP, the Dns Domain Provider(s) don't has the intuit nowadays of provide resource for
private domain using Dynamic IP.
Set hosts and hostname on Master NSD Server
sudo nano /etc/hosts # with

127.0.0.1 localhost

192.168.0.1 ns1.example.com ns1

sudo nano /etc/hostname # with

ns1

sudo hostname -F /etc/hostname

Set hosts and hostname on Slave NSD Server


sudo nano /etc/hosts # add

127.0.0.1 localhost

192.168.0.2 ns2.example.com ns2

sudo nano /etc/hostname

ns2

sudo hostname -F /etc/hostname

Install NSD on both Servers


yum install nsd

nsd-control-setup # to use ssl


Configure Master NSD Server

Edit nsd.conf file and cp


Build pwd in bash using and replace master/nsd.conf:

dd if=/dev/random of=/dev/stdout count=1 bs=32 | base64

After build pwd and replace, cp nsd.conf file


Build masterNsd.conf with : https://gist.github.com/anonymous/e7230ac08a6e0d6de74c311e5f02e443

cp masterNsd.conf /etc/nsd/nsd.conf

Edit forward zone file and cp


Build masterExample.com.zone with : https://gist.github.com/anonymous/f2ae8b8f2c7ef460e9a497c318ee7f1a

nano masterExample.com.zone

cp masterExample.com.zone /etc/nsd/example.com.zone

Edit reverse zone file and cp


Build master192.168.0.zone with: https://gist.github.com/anonymous/fc46460de0ede6d4577624a684807d6c

nano master192.168.0.zone

cp master192.168.0.zone /etc/nsd/192.168.0.zone

Testing files and restarting nsd service (Master NSD Server)


nsd-checkconf /etc/nsd/nsd.conf

nsd-checkzone example.com /etc/nsd/example.com.zone

# nsd-control reload

service nsd restart

tail -f /var/log/nsd.log
netstat -an | grep :53

dig @localhost example.com soa


Configure Slave NSD Server

Edit nsd.conf and cp


Build slaveNsd.conf with : https://gist.github.com/anonymous/ffa0c1a0cb0fa32fa9ead9102d04f88b

nano slaveNsd.conf

cp slaveNsd.conf /etc/nsd/

Testing files and restarting nsd service (Slave NSD Server)


nsd-checkconf /etc/nsd/nsd.conf

service nsd restart

tail -f /var/log/nsd.log

DNS utils:
• http://dnscheck.pingdom.com/

• http://www.dnsinspect.com/

• http://dnssec-debugger.verisignlabs.com/

Delegate Authority to your Name Servers

Using for eg: Namecheap


Click → In a section "Nameserver Registration" → to set the IP addresses of name servers:

Set ips in opened screen like the bellow:


After set the active name servers that are being used for your domain.

Click in → "Domain Name Server Setup" :

Provide the host names of your name servers:

May is necessary wait some time to spread to the rest of the world's DNS servers. Typically in
the next 24-48 hours.
References

https://www.digitalocean.com/community/tutorials/how-to-use-nsd-an-authoritative-only-dns-
server-on-ubuntu-14-04

https://www.digitalocean.com/community/tutorials/how-to-set-up-dnssec-on-an-nsd-
nameserver-on-ubuntu-14-04

https://itpro.tv/course-library/dns/configuring-dnssecnsd/

https://www.nlnetlabs.nl/projects/nsd/

https://wiki.archlinux.org/index.php/nsd

https://linuxaria.com/howto/how-to-install-nsd-instead-of-bind-as-name-server-on-linux-to-
save-memory

https://www.statdns.com/resources/