diff --git a/pillar/role/dns/nsd.sls b/pillar/role/dns/nsd.sls
new file mode 100644
index 0000000..ebd5dd3
--- /dev/null
+++ b/pillar/role/dns/nsd.sls
@@ -0,0 +1,38 @@
+nsd:
+  config_data:
+    server:
+      hide-version: 'yes'
+      ip-address: 
+        - '127.0.0.1@5353'
+        - '192.168.0.160@5353'
+      verbosity: 2
+      ip4-only: 'yes'
+    remote-control:
+      control-enable: 'yes'
+      control-interface: '/run/nsd/nsd.sock'
+  zones:
+    lysergic.dev:
+      zone_source: salt://zones/lysergic.dev.zone
+      allow-notify: 192.168.0.115 tsig.lysergic.dev. 
+      request-xfr: 10.0.10.2@5353 tsig.lysergic.dev.
+      outgoing-interface: 192.168.0.160
+    psyched.dev:
+      zone_source: salt://zones/psyched.dev.zone
+      allow-notify: 192.168.0.115 tsig.psyched.dev.
+      request-xfr: 10.0.10.2@5353 tsig.psyched.dev.
+      outgoing-interface: 192.168.0.160
+    syscid.com:
+      zone_source: salt://zones/syscid.com.zone
+      allow-notify: 192.168.0.115 tsig.syscid.com.
+      request-xfr: 10.0.10.2@5353 tsig.syscid.com.
+      outgoing-interface: 192.168.0.160
+  keys:
+    tsig.lysergic.dev.:
+      algorithm: hmac-sha512
+      secret: ${'secret_nsd:tsig_key:lysergic_dev'} 
+    tsig.syscid.com.:
+      algorithm: hmac-sha512
+      secret: ${'secret_nsd:tsig_key:syscid_com'}
+    tsig.psyched.dev.:
+      algorithm: hmac-sha512
+      secret: ${'secret_nsd:tsig_key:psyched_dev'}