{pkgs, lib, config, ...}:
let
  inherit (config) networking;
  inherit (config.services) nsd;
in
{
  imports = [
    nsd/sourcephile.nix
  ];
  services.nsd = {
    enable = true;
    ipv4 = true;
    ipv6 = true;
    verbosity = 5;
    #zones = {};
    /*
    interfaces = lib.unique [
      #(builtins.elemAt networking.interfaces."${networking.defaultGateway.interface}".ipv4.addresses 0).address
      #networking.privateIPv4
    ];
    */
    # SEE: http://www.nlnetlabs.nl/blog/2012/10/11/nsd-ratelimit/
    ratelimit.enable = true;
     # 100 less than the default to preserve a few Mio of RAM
    ratelimit.size = 10000;
    ratelimit.ratelimit = 200;
    extraConfig = ''
    '';
  };
}