Running your own name server with NSD

Posted on Sunday, 20 Mar 2022 by Andrei Z Crnkovic

I have wanted to run my own name server forever. Ever since I started self-hosting, this has been on my to-do list. This weekend I decided to do just that and started with a VM on OpenBSD Amsterdam. Once you have a VM and you SSH into it, you can start setting everything up.

Zones and domains

I had a ready for me to use, so I picked that up. Let’s start by preparing our zone file. Let’s say the IP of our server is

$ cat > /var/nsd/zones/master/ <<'EOF'
$TTL    300
@       3600  SOA (
        2018121401  ; serial YYYYMMDDnn
        1440        ; refresh
        3600        ; retry
        604800      ; expire
        300 )       ; minimum TTL
@       NS
@       NS
ns1     A
ns2     A
@       A
www     CNAME
EOF


This will be our zone. Yes, I’m cheating and using only one server. I don’t wanna pay for two, and it’s a lab :D.
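A pre-flight check for a zone laid out like the one above, as an added example that is not part of the original post: it parses the file and flags a serial that is not in YYYYMMDDnn form, an in-zone NS name with no address record, and NS names that all resolve to one address (the single-server shortcut admitted here). `example.com.`, `192.0.2.10` and the function names `fqdn`, `parse_zone` and `lint_zone` are assumptions made for the illustration.

```python
import re

# Constructed sample: example.com. and 192.0.2.10 are documentation placeholders.
ORIGIN = "example.com."
SAMPLE_ZONE = """\
$TTL    300
@       3600  SOA ns1 hostmaster (
        2018121401  ; serial YYYYMMDDnn
        1440 3600 604800 300 )
@       NS    ns1
@       NS    ns2
ns1     A     192.0.2.10
ns2     A     192.0.2.10
@       A     192.0.2.10
"""

def fqdn(name, origin):  # expand "@" and relative names against the origin
    if name == "@":
        return origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples; parenthesised fields are joined."""
    text = re.sub(r";[^\n]*", "", text)  # drop comments
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)
    records, owner = [], origin
    for line in (ln for ln in text.splitlines() if ln.strip() and ln[0] != "$"):
        fields = line.split()
        if not line[0].isspace():  # line starts with an owner name
            owner = fqdn(fields.pop(0), origin)
        while fields[0].isdigit() or fields[0].upper() == "IN":  # TTL, class
            fields.pop(0)
        records.append((owner, fields[0].upper(), fields[1:]))
    return records

def lint_zone(text, origin):
    """List findings: bad serial, missing glue, NS names sharing one address."""
    recs, findings = parse_zone(text, origin), []
    serial = next(r[2][2] for r in recs if r[1] == "SOA")
    m = re.fullmatch(r"\d{4}(\d\d)(\d\d)\d\d", serial)
    if not (m and 1 <= int(m[1]) <= 12 and 1 <= int(m[2]) <= 31):
        findings.append(f"serial {serial} is not YYYYMMDDnn")
    ns = [fqdn(r[2][0], origin) for r in recs if r[1] == "NS"]
    ips = {n: {r[2][0] for r in recs if r[0] == n and r[1] in ("A", "AAAA")} for n in ns}
    findings += [f"{n} is in-zone but has no address record"
                 for n in ns if n.endswith("." + origin) and not ips[n]]
    if len(ns) > 1 and len(set().union(*ips.values())) == 1:
        findings.append("all NS names share one address")
    return findings
```

An empty list from `lint_zone(SAMPLE_ZONE, ORIGIN)` means none of the three checks fired; the sample as written returns the shared-address finding.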

NSD config

$ cat > /var/nsd/etc/nsd.conf <<EOF
server:
  hide-version: yes
  verbosity: 1
  database: "" # disable database

remote-control:
  control-enable: yes
  control-interface: /var/run/nsd.sock

zone:
  name: "<your-domain>" # placeholder: the zone's domain name
  zonefile: master/
EOF


After this is in place do the following:

$ rcctl enable nsd
$ rcctl start nsd

And you can try and look for your domain now:

$ dig @localhost

; <<>> dig 9.10.8-P1 <<>> @localhost
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59864
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; WARNING: recursion requested but not available

; EDNS: version: 0, flags:; udp: 1232
;                       IN      A

;; ANSWER SECTION:
                300     IN      A

;; AUTHORITY SECTION:
                300     IN      NS
                300     IN      NS

;; ADDITIONAL SECTION:
            300     IN      A
            300     IN      A

;; Query time: 0 msec
;; WHEN: Mon Mar 21 17:45:38 GMT 2022
;; MSG SIZE  rcvd: 120

Set up the glue records and point the domain to your new ns records: and