Configuring NSD

1. Log into your AUTH2 machine (10.10.X.2) and:

    # cd /usr/local/etc/nsd/

   Now edit the file nsd.conf, and make the following changes:

   - find the line:

        # verbosity: 0

     and change it to:

        verbosity: 1

   - Now let's add a slave for your TLD zone. Insert the following
     lines, at the end of the file, replacing the appropriate values
     for your own zone:

- - - - - - - - - - - - - - - cut below - - - - - - - - - - - - -

zone:
    name: "MYTLD"
    zonefile: "MYTLD"

    # Master server - replace X with the group of your master NS
    allow-notify: 10.10.X.1 NOKEY
    allow-notify: 127.0.0.1 NOKEY
    request-xfr: AXFR 10.10.X.1 NOKEY

- - - - - - - - - - - - - - - cut above - - - - - - - - - - - - -

   - find the line:

        port: 55

     and change it to:

        port: 53

   - Save the file, exit

2. Start NSD!

    # nsd -c /usr/local/etc/nsd/nsd.conf

   and check that nsd is running with

    # tail /etc/namedb/master/nsd.log
    # ps ax | grep nsd

3. Test that your new secondary is answering:

    # dig @127.0.0.1 MYTLD SOA

4. Controlling NSD

   To cause the NSD daemon to reload the zone:

    # kill -HUP `cat /etc/namedb/master/nsd.pid`

   To stop the NSD program:

    # kill `cat /etc/namedb/master/nsd.pid`

   To check if it is running:

    # ps ax | grep nsd

5. If all is OK, add "auth2.grpX.dns.nsrc.org" to your list of NSes in
   your zone file on the AUTH1 host - remember to increment the serial!

   ... when you modified the zone on AUTH1, it should have sent a notify
   to auth2.grpX.dns.nsrc.org regarding the zone change, and it should
   have picked up the new version.

   To verify that auth2.grpX.dns.nsrc.org has picked up a new copy of
   the zone:

    # dig @auth2.grpX.dns.nsrc.org SOA MYTLD
    # dig @auth2.grpX.dns.nsrc.org NS MYTLD

   (and check your other slave NS as well)

   Make sure you see all NSes, including auth2.grpX !

   Q: What else do you need to do to make your new NS public ?

      (hint: dig @a.root-servers.net NS MYTLD )
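
The check in step 5, scripted: this is an added example, not part of the original exercise. It compares the SOA serial served by the primary and the secondary (using RFC 1982 serial arithmetic, which goes beyond the eyeball comparison in the text) and confirms the new NS is listed. The function names, the script name check.sh and the sample answers are assumptions made up for the illustration.

```shell
#!/bin/sh
# Added example: check that the secondary serves the same SOA serial as the
# primary and lists the expected NS. Inputs are `dig +short` answers as text.

# soa_serial ANSWER: print the serial (3rd field) of a +short SOA answer.
soa_serial() {
    printf '%s\n' "$1" | awk 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# compare_serials PRIMARY SECONDARY: RFC 1982 comparison of 32-bit serials.
compare_serials() {
    diff=$(( ($1 - $2) & 4294967295 ))
    if [ "$diff" -eq 0 ]; then echo in-sync
    elif [ "$diff" -lt 2147483648 ]; then echo secondary-behind
    else echo secondary-ahead    # primary serial was lowered, not incremented
    fi
}

# ns_listed NS_ANSWER NAME: succeed if NAME is in a +short NS answer
# (case-insensitive, trailing dot optional).
ns_listed() {
    want=$(printf '%s' "$2" | tr 'A-Z' 'a-z' | sed 's/\.$//')
    printf '%s\n' "$1" | tr 'A-Z' 'a-z' | sed 's/\.$//' | grep -Fqx "$want"
}

# check_secondary PRIMARY_SOA SECONDARY_SOA SECONDARY_NS EXPECTED_NS
check_secondary() {
    p=$(soa_serial "$1"); s=$(soa_serial "$2")
    if [ -z "$p" ] || [ -z "$s" ]; then echo no-soa-answer; return 2; fi
    state=$(compare_serials "$p" "$s")
    if [ "$state" != in-sync ]; then echo "$state"; return 1; fi
    if ! ns_listed "$3" "$4"; then echo ns-missing; return 1; fi
    echo ok
}

# Live use (assumed script name): sh check.sh ZONE PRIMARY_IP SECONDARY_NAME
if [ "$#" -eq 3 ]; then
    check_secondary "$(dig +short @"$2" "$1" SOA)" "$(dig +short @"$3" "$1" SOA)" \
        "$(dig +short @"$3" "$1" NS)" "$3"
else
    # Constructed sample answers (not real data): secondary on the old serial.
    check_secondary \
        'auth1.grp1.dns.nsrc.org. admin.mytld. 2024010102 3600 900 604800 86400' \
        'auth1.grp1.dns.nsrc.org. admin.mytld. 2024010101 3600 900 604800 86400' \
        'auth1.grp1.dns.nsrc.org.' 'auth2.grp1.dns.nsrc.org' || true
fi
```

A result of secondary-behind right after a zone edit usually means the notify was not accepted or the transfer has not completed yet; secondary-ahead means the serial on AUTH1 went backwards.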