Recent Changes - Search:
Nsd /

Troubleshoot NSD

nsd(8) provides two helpful tools for troubleshooting: nsd-checkconf(8) and nsd-checkzone(8). dig, host, and nslookup(1) are also valuable tools.

Check error logs

As always, check daemon logs first. In the sample nsd configuration, the logfile directive stores logs in /var/log/nsd.log.

Missing zone file

For example, suppose /var/log/nsd.log showed this error message: 

[2021-02-02 07:31:43.898] nsd[37575]: info: zonefile master/example.com does not exist

This indicates the zone file /var/nsd/zones/master/example.com is missing. Either the zone file must be created or nsd.conf(5) must be edited to remove the zone.

nsd-checkconf(8)

nsd-checkconf(8) can check if the conf file has proper syntax: 

# nsd-checkconf /var/nsd/etc/nsd.conf
/var/nsd/etc/nsd.conf:34: at 'name:': error: syntax error
read /var/nsd/etc/nsd.conf failed: 1 errors in configuration file

In the example above, an error is found on line 34 of nsd.conf(5). Lines 33-35 are shown below: 

#zone:
       name: "example.com"
       zonefile: "master/example.com"

Line 33, #zone:, is commented by mistake. Once that is line is uncommented, nsd-checkconf(8) no longer returns any output. No news is good news.

nsd-checkzone(8)

nsd-checkzone(8) checks if the zone is valid: 

# nsd-checkzone example.com /var/nsd/zones/master/example.com
[2021-02-02 03:49:14.921] nsd-checkzone[32265]: error: /var/nsd/zones/master/example.com:8: out of zone data: out.of.zone.com. is outside the zone for fqdn example.com.

The error is on line 8 of the zone file /var/nsd/zones/master/example.com: 

out.of.zone.example.com.        3600    IN      A       10.0.0.1

Here, the FQDN out.of.zone.example.com. is outside of the zone example.com. This is invalid, so nsd(8) refuses to look any further and quits. One possible fix is to delete this line. Another possible fix is to move the record to the proper zone file. Finally, perhaps the record was not intended to be a FQDN: in this case, trailing period should be removed.

Once a fix is provided, run the test again: 

# nsd-checkzone example.com /var/nsd/zones/master/example.com
zone example.com is ok

Run nsd(8) in foreground

nsd(8) can run in the foreground: 

# nsd -d -V 3 
/var/nsd/etc/nsd.conf:34: at 'name:': error: syntax error
read /var/nsd/etc/nsd.conf failed: 1 errors in configuration file
[2021-02-02 03:33:50.261] nsd[93210]: error: could not read config: /var/nsd/etc/nsd.conf

This is the same error message seen earlier when running nsd-checkconf(8) above.

See Also

Some helpful sites for troubleshooting authoritative nameservers:

  1. https://intodns.com/
  2. https://www.denic.de/en/service/tools/nast/