To run an authoritative DNS server, modify /cfg/$sysname/termrc or /cfg/$sysname/cpurc (whichever is appropriate) to include the following: ndb/dns -srR The flag -s allows the DNS server to answer requests sent to UDP port 53. -r allows ndb/dns to act as a resolver; -R causes ndb/dns to ignore recursive lookups on behalf of remote systems. This may help prevent DDoS ampli- fication attacks. Note: You *must* run ip/ipconfig before running ndb/dns (and possibly other network services). Otherwise, you might see errors like: ndb/dns: can't read my ip address You will want to add your records to /lib/ndb/local, similar to the following: sys=example dom=example.com ether=f2b2b3daeb89 ip=198.51.100.2 ipmask=255.255.255.0 ipgw=198.51.100.1 ntp=pool.ntp.org dns=198.51.100.1 auth=198.51.100.1 authdom=example.com dom=example.com soa= refresh=300 ttl=300 ns=ns1.example.com ns=ns2.example.com ip=198.51.100.2 dnsslave=ns2.example.com mb=postmaster@example.com mx=mail.example.com pref=5 txt="v=spf1 mx -all" sys=ns1 dom=ns1.example.com ip=198.51.100.2 sys=ns2 dom=ns2.example.com ip=198.51.100.2 sys=mail dom=mail.example.com ip=198.51.100.2 sys=_dmarc dom=_dmarc.example.com txt="v=DMARC1; p=none" dom=p9auth.example.com cname=example.com dom=2.100.51.198.in-addr.arpa soa= refresh=300 ttl=300 ns=ns1.example.com ns=ns2.example.com Replace 198.51.100.1, 198.51.100.2, example.com, and postmaster@example.com with your actual values. NOTE: ndb may be sensitive to poorly formatted whitespace. If ndb is not recognizing your tuples properly, double check your whitespace. November 23, 2024 - 2 - NOTE: Make sure to define your tuple for sys=example.com in /lib/ndb/local right after the definition for localhost, before other tuples. Otherwise, the system might use the wrong subnet mask, causing routing issues. To refresh cs and dns after an update to /lib/ndb/local: echo -n refresh > /net/cs echo -n refresh > /net/dns Suppose you have a server example.com, and you want to dele- gate subdomain.example.com. In example.com, you need to have something like this in /lib/ndb/local: dom=subdomain.example.com soa=delegated ns=ns1.subdomain.example.com ns=ns2.subdomain.example.com dom=ns1.subdomain.example.com ip=198.51.100.3 dom=ns2.subdomain.example.com ip=198.51.100.4 Then, in subdomain.example.com, add this to /lib/ndb/local: sys=ns1 dom=ns1.subdomain.example.com ip=198.51.100.3 sys=ns2 dom=ns2.subdomain.example.com ip=198.51.100.4 dom=subdomain.example.com soa= refresh=300 ttl=300 ns=ns1.subdomain.example.com ns=ns2.subdomain.example.com ip=198.51.100.3 dnsslave=ns2.subdomain.example.com mb=username@subdomain.example.com mx=mail.subdomain.example.com txt="v=spf1 mx -all" dom=3.100.51.198.in-addr.arpa soa= refresh=300 ttl=300 ns=ns1.subdomain.example.com ns=ns2.subdomain.example.com November 23, 2024