{pkgs, lib, config, ...}:
let
  inherit (config) networking;
  inherit (config.services) nsd;
in
{
  imports = [
    nsd/sourcephile.nix
  ];
  services.nsd = {
    enable = true;
    ipv4 = true;
    ipv6 = true;
    verbosity = 5;
    #zones = {};
    interfaces = lib.unique [
      (builtins.elemAt networking.interfaces.enp1s0.ipv4.addresses 0).address
      (builtins.elemAt networking.interfaces.enp2s0.ipv4.addresses 0).address
      #("["+(builtins.elemAt networking.interfaces.enp1s0.ipv6.addresses 0).address+"]")
    ];
    # SEE: http://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
    ratelimit.enable = true;
     # 100 less than the default to preserve a few Mio of RAM
    ratelimit.size = 10000;
    ratelimit.ratelimit = 200;
    extraConfig = ''
    '';
  };
}