Log in using SSH/Putty/… to your AUTH2 machine:
$ ssh sysadm@auth2.grpXX.dns.nsrc.org
Firstly, check that your hostname is configured correctly on your machine by using the 'hostname' command.
e.g. on auth2.grpXX.dns.nsrc.org, if you type:
# hostname
You should see:
auth2.grpXX.dns.nsrc.org
If not, then configure your server with its name:
e.g. for auth2.grp25.dns.nsrc.org, type:
# hostname auth2.grp25.dns.nsrc.org
Remember to replace “grpXX” with the proper group number!
Edit the file /etc/rc.conf (using “vi” or “ee”, i.e.: ee /etc/rc.conf), and update the “hostname”:
hostname="auth2.grpXX.dns.nsrc.org"
In the file /etc/hosts, you should see a line:
10.10.X.2 auth2.grpXX auth2.grpXX.dns.nsrc.org
# cd /usr/local/etc/nsd/
Let's make a directory for slave zones to go into:
# mkdir slave
# chown nsd slave
Let's copy the default configuration file:
# cp nsd.conf.sample nsd.conf
# chmod 644 nsd.conf
Now edit the file nsd.conf, and make the following changes:
find the line:
# ip-address: 12fe::8ef0
and just below it add
ip-address: 10.10.xx.2
ip-address: fd90:10:10::XX:2
ip-address: 127.0.0.1
ip-address: ::1
find the line:
# database: "/var/db/nsd/nsd.db"
and uncomment it (remove # in front):
database: "/var/db/nsd/nsd.db"
find the line:
# identity: "unidentified server"
and change it to:
identity: "nsd 4.1.1"
find the line:
# zonesdir: "/usr/local/etc/nsd"
and change it to:
zonesdir: "/usr/local/etc/nsd"
find the line:
# verbosity: 0
and change it to:
verbosity: 1
Allow the nsd-control program to manage the server by adding:
remote-control:
    control-enable: yes
# nsd-control-setup
edit /etc/rc.conf and add:
nsd_enable="YES"
start the service:
# service nsd restart
At this point the server should be running without any data!
Now let's add a slave for your TLD zone. Insert the following lines, at the end of the nsd.conf file, replacing the appropriate values for your own zone:
zone:
    name: "MYTLD"
    zonefile: "slave/MYTLD.zone"
    # Master server - replace X with the group of your master NS
    allow-notify: 10.10.X.1 NOKEY
    allow-notify: 127.0.0.1 NOKEY
    request-xfr: AXFR 10.10.X.1 NOKEY
Save the file, exit
Reconfigure NSD's base, check status and that the zone transferred:
# nsd-control reconfig
# nsd-control status
# nsd-control write MYTLD
Check the log file:
# tail /var/log/daemon.log
Check that the transfer has happened:
# ls -l slave/
should display:
-rw-r--r-- 1 root wheel 414 Feb 17 07:28 MYTLD.zone
# dig @127.0.0.1 SOA MYTLD.
Go back to the section “Add a SLAVE for your TLD zone” and get your partner to repeat the instructions on their AUTH2 server.
Add “auth2.grpX.dns.nsrc.org” and “auth2.grpY.dns.nsrc.org” to your list of NSes in your zone on the AUTH1 host - remember the serial!
… when you modify the zone on AUTH1, it should send notifies to the two AUTH2 servers regarding the zone change, and the AUTH2 servers should pick up the new version.
To verify that the AUTH2 servers have picked up a new copy of the zone:
# dig @auth2.grpX.dns.nsrc.org SOA MYTLD.
# dig @auth2.grpX.dns.nsrc.org NS MYTLD.
and
# dig @auth2.grpY.dns.nsrc.org SOA MYTLD
# dig @auth2.grpY.dns.nsrc.org NS MYTLD
Make sure you see all the NS records!
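The SOA checks above can be scripted so that a secondary still serving an old serial stands out. This is an added example, not part of the original lab: the function names query_soa, soa_serial and check_zone_sync are hypothetical, and it assumes the master answers on 10.10.X.1 as in the zone configuration.

```shell
#!/bin/sh
# Added example (not from the original exercise): compare the SOA serial
# served by each secondary with the serial served by the master.

# Ask one server for the zone's SOA in short form. A reply looks like:
#   mname. rname. 2024021701 3600 900 604800 86400
query_soa() {   # $1 = server, $2 = zone
    dig +short +norecurse +time=2 +tries=1 @"$1" SOA "$2"
}

# Read a "+short" SOA line on stdin and print its serial (third field).
# Prints nothing if the input is empty or not a well-formed SOA line.
soa_serial() {
    awk 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# check_zone_sync ZONE MASTER SECONDARY...
# Returns 0 if every secondary serves the master's serial,
# 1 if any secondary is stale or silent, 2 if the master gave no SOA.
check_zone_sync() {
    zone=$1; master=$2; shift 2
    want=$(query_soa "$master" "$zone" | soa_serial)
    if [ -z "$want" ]; then
        echo "no SOA answer from master $master" >&2
        return 2
    fi
    rc=0
    for ns in "$@"; do
        got=$(query_soa "$ns" "$zone" | soa_serial)
        if [ "$got" = "$want" ]; then
            echo "OK    $ns serial $got"
        else
            echo "STALE $ns serial ${got:-none} (master has $want)"
            rc=1
        fi
    done
    return $rc
}

# Usage (replace X, Y and MYTLD with your own values):
#   check_zone_sync MYTLD 10.10.X.1 auth2.grpX.dns.nsrc.org auth2.grpY.dns.nsrc.org
```

A STALE line right after a zone change usually means the notify or the transfer has not completed; check /var/log/daemon.log on that AUTH2 server.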
Q: What else do you need to do to make your new NS public?