NSD is an open-source Domain Name System (DNS) server. It was developed by NLnet Labs of Amsterdam in cooperation with the RIPE NCC, from scratch as an authoritative name server. NSD is a NS that comes as a part of OpenBSD base.

====== Configuration of NSD ======
The main configuration file for NSD is a file called nsd.conf located in the /var/nsd/etc/ directory.
Now, open/create the new file in your text editor with root privileges. Here's a sample:

<code>
server:
	ip-address: 0.0.0.0
	ip4-only: yes
	identity: "DNS"
	hide-version: yes
	verbosity: 1
	database: ""
	username: _nsd
	logfile: "/var/log/nsd.log"
	pidfile: "/var/nsd/run/nsd.pid"
	difffile: "/var/nsd/db/ixfr.db"
	xfrdfile: "/var/nsd/db/xfrd.state"
	database: "/var/nsd/db/nsd.db"

remote-control:
        control-enable: yes
        control-interface: /var/nsd/run/nsd.sock

zone:
	name: "example.net"
	zonefile: "master/example.net.zone"
	#notify: 193.201.116.2 NOKEY
	#provide-xfr: 193.201.116.2 NOKEY
</code>

====== Primary and secondary server ======
If you need a secondary server to host the zone, you can do this as follows. Add to the block that describes your master zone, records about the secondary zone as in the example:

<code>
zone:
	name: "example.net"
	zonefile: "master/example.net.zone"
	notify: 20.20.20.20 NOKEY
	provide-xfr: 20.20.20.20 NOKEY
</code>

Create a new block in the secondary server config file, as in the example:
<code>
zone:
	name: "example.net"
	zonefile: "slave/example.net.zone"
	allow-notify: 10.10.10.10 NOKEY
	request-xfr: 10.10.10.10 NOKEY
</code>

====== The zone file for NSD ======
The next step is to write the zone files for NSD. First the forward lookup zone example.net:

<code>
; Domain file from My project

example.net.    3600  SOA   ns.example.net. admin.example.net. (
                            2020070701   ; serial YYYYMMDDnn
                            10800        ; refresh
                            3600         ; retry
                            604800       ; expire
                            86400 )      ; minimum TTL

example.net.    NS    ns.example.net.
example.net.    NS    ns.secondary.net.ua.
ns              A     10.10.10.10
example.net.    A     10.10.10.10
www             A     10.10.10.10
irc             A     10.10.10.10
imap            A     10.10.10.10
smtp            A     10.10.10.10
example.net.    mx    10 smtp.example.net.
</code>

Save this zone file as /var/nsd/zones/master/example.net.zone

====== Configuration check and start ======
NSD bring along a tool to check the configuration file before you start or reload the daemon:
<code>
$ doas nsd-checkconf /var/nsd/etc/nsd.conf
</code>

Any errors are reported, so no news are good news. You can go ahead and start NSD:
<code>
$ doas rcctl enable nsd
$ doas rcctl start nsd
</code>