named.conf.docbook revision 1da14e066c23245c255dedb311d5a9cf0e5bb667
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
135bcc2e42a94543f11af2a4196b13552ab46d89Automatic Updater "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
499b34cea04a46823d003d4c0520c8b03e8513cbBrian Wellington [<!ENTITY mdash "&#8212;">]>
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence<!--
ec5347e2c775f027573ce5648b910361aa926c01Automatic Updater - Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson -
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson - Permission to use, copy, modify, and/or distribute this software for any
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence - purpose with or without fee is hereby granted, provided that the above
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - copyright notice and this permission notice appear in all copies.
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews -
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson - PERFORMANCE OF THIS SOFTWARE.
135bcc2e42a94543f11af2a4196b13552ab46d89Automatic Updater-->
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein<!-- $Id: named.conf.docbook,v 1.36 2008/01/02 23:47:01 tbox Exp $ -->
9c3531d72aeaad6c5f01efe6a1c82023e1379e4dDavid Lawrence<refentry>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <refentryinfo>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <date>Aug 13, 2004</date>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson </refentryinfo>
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence <refmeta>
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence <refentrytitle><filename>named.conf</filename></refentrytitle>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <manvolnum>5</manvolnum>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <refmiscinfo>BIND9</refmiscinfo>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington </refmeta>
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <refnamediv>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <refname><filename>named.conf</filename></refname>
7dde2780aeae0da4e965d823578a604d8ce1215fAndreas Gustafsson <refpurpose>configuration file for named</refpurpose>
7dde2780aeae0da4e965d823578a604d8ce1215fAndreas Gustafsson </refnamediv>
f5862b6f22761d83c230e17f7d443211df19e52cBrian Wellington
9259fed3d8ac5d1efa9b5a647969e40c9c934484Andreas Gustafsson <docinfo>
9259fed3d8ac5d1efa9b5a647969e40c9c934484Andreas Gustafsson <copyright>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <year>2004</year>
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews <year>2005</year>
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews <year>2006</year>
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews <year>2007</year>
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews <year>2008</year>
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews </copyright>
4e1d3e67cdc76609bad5f0310ac48de10b442b9fMark Andrews </docinfo>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <refsynopsisdiv>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <cmdsynopsis>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <command>named.conf</command>
fb01226bcd598c36b5edc566489c890c39f03ed3Brian Wellington </cmdsynopsis>
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews </refsynopsisdiv>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <refsect1>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <title>DESCRIPTION</title>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <para><filename>named.conf</filename> is the configuration file
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington for
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews <command>named</command>. Statements are enclosed
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews in braces and terminated with a semi-colon. Clauses in
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson the statements are also semi-colon terminated. The usual
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington comment styles are supported:
4e1d3e67cdc76609bad5f0310ac48de10b442b9fMark Andrews </para>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <para>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington C style: /* */
4e1d3e67cdc76609bad5f0310ac48de10b442b9fMark Andrews </para>
9df7d74e421cf715c6e3cbbad2aba6d33a5d1c9bBrian Wellington <para>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson C++ style: // to end of line
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington </para>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <para>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington Unix style: # to end of line
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington </para>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington </refsect1>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <refsect1>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <title>ACL</title>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <literallayout>
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrenceacl <replaceable>string</replaceable> { <replaceable>address_match_element</replaceable>; ... };
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence</literallayout>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington </refsect1>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <refsect1>
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence <title>KEY</title>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <literallayout>
307d2084502eddc7ce921e5ce439aec3531d90e0Tatuya JINMEI 神明達哉key <replaceable>domain_name</replaceable> {
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson algorithm <replaceable>string</replaceable>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson secret <replaceable>string</replaceable>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson};
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence</literallayout>
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence </refsect1>
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence
fb64c9cf757422c5473764521ffc7c6111b8c821Brian Wellington <refsect1>
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews <title>MASTERS</title>
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews <literallayout>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellingtonmasters <replaceable>string</replaceable> <optional> port <replaceable>integer</replaceable> </optional> {
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews ( <replaceable>masters</replaceable> | <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews <replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ) <optional> key <replaceable>string</replaceable> </optional>; ...
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington};
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington</literallayout>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson </refsect1>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <refsect1>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <title>SERVER</title>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <literallayout>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafssonserver ( <replaceable>ipv4_address<optional>/prefixlen</optional></replaceable> | <replaceable>ipv6_address<optional>/prefixlen</optional></replaceable> ) {
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson bogus <replaceable>boolean</replaceable>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson edns <replaceable>boolean</replaceable>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson edns-udp-size <replaceable>integer</replaceable>;
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence max-udp-size <replaceable>integer</replaceable>;
734ae1f7c6abafe1f1ca164aad7a3dd01ee82cbdBrian Wellington provide-ixfr <replaceable>boolean</replaceable>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson request-ixfr <replaceable>boolean</replaceable>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson keys <replaceable>server_key</replaceable>;
6e49e91bd08778d7eae45a2229dcf41ed97cc636David Lawrence transfers <replaceable>integer</replaceable>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson transfer-format ( many-answers | one-answer );
fb01226bcd598c36b5edc566489c890c39f03ed3Brian Wellington transfer-source ( <replaceable>ipv4_address</replaceable> | * )
7a184cd4e5a54a4e530f9bff8a4e46be392d0b52Brian Wellington <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
fb01226bcd598c36b5edc566489c890c39f03ed3Brian Wellington transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson support-ixfr <replaceable>boolean</replaceable>; // obsolete
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson};
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson</literallayout>
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews </refsect1>
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews <refsect1>
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews <title>TRUSTED-KEYS</title>
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews <literallayout>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafssontrusted-keys {
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <replaceable>domain_name</replaceable> <replaceable>flags</replaceable> <replaceable>protocol</replaceable> <replaceable>algorithm</replaceable> <replaceable>key</replaceable>; ...
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson};
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson</literallayout>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington </refsect1>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington
26a5f97dd8770ced729025488091b77d8beb0ab6Brian Wellington <refsect1>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <title>CONTROLS</title>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <literallayout>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafssoncontrols {
9df7d74e421cf715c6e3cbbad2aba6d33a5d1c9bBrian Wellington inet ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> | * )
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <optional> port ( <replaceable>integer</replaceable> | * ) </optional>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson allow { <replaceable>address_match_element</replaceable>; ... }
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <optional> keys { <replaceable>string</replaceable>; ... } </optional>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson unix <replaceable>unsupported</replaceable>; // not implemented
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews};
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington</literallayout>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson </refsect1>
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews
45e1bd63587102c3bb361eaca42ee7b714fb3542Mark Andrews <refsect1>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <title>LOGGING</title>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <literallayout>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellingtonlogging {
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington channel <replaceable>string</replaceable> {
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt file <replaceable>log_file</replaceable>;
351b62535d4c4f89883bfdba025999dd32490266Evan Hunt syslog <replaceable>optional_facility</replaceable>;
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington null;
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington stderr;
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington severity <replaceable>log_severity</replaceable>;
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington print-time <replaceable>boolean</replaceable>;
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington print-severity <replaceable>boolean</replaceable>;
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington print-category <replaceable>boolean</replaceable>;
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson };
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson category <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson};
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson</literallayout>
c885fad9b8bf204ae9e62c9acb0321e2bcca30a4Andreas Gustafsson </refsect1>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <refsect1>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington <title>LWRES</title>
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence <literallayout>
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellingtonlwres {
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington listen-on <optional> port <replaceable>integer</replaceable> </optional> {
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
90c099e88e9f16bfee9edee3ac1a51fc98843772Brian Wellington };
8c7eaac6bbcc9746afe8f57b60bb964745c01eafAndreas Gustafsson view <replaceable>string</replaceable> <replaceable>optional_class</replaceable>;
8c7eaac6bbcc9746afe8f57b60bb964745c01eafAndreas Gustafsson search { <replaceable>string</replaceable>; ... };
8c7eaac6bbcc9746afe8f57b60bb964745c01eafAndreas Gustafsson ndots <replaceable>integer</replaceable>;
c885fad9b8bf204ae9e62c9acb0321e2bcca30a4Andreas Gustafsson};
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson</literallayout>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson </refsect1>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <refsect1>
433e06a25cdd92d665abda3e64c2c65f4a3f9b21Mark Andrews <title>OPTIONS</title>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafsson <literallayout>
f93d33e24fdf76eb2558168f018b8992bcfc5681Andreas Gustafssonoptions {
avoid-v4-udp-ports { <replaceable>port</replaceable>; ... };
avoid-v6-udp-ports { <replaceable>port</replaceable>; ... };
blackhole { <replaceable>address_match_element</replaceable>; ... };
coresize <replaceable>size</replaceable>;
datasize <replaceable>size</replaceable>;
directory <replaceable>quoted_string</replaceable>;
dump-file <replaceable>quoted_string</replaceable>;
files <replaceable>size</replaceable>;
heartbeat-interval <replaceable>integer</replaceable>;
host-statistics <replaceable>boolean</replaceable>; // not implemented
host-statistics-max <replaceable>number</replaceable>; // not implemented
hostname ( <replaceable>quoted_string</replaceable> | none );
interface-interval <replaceable>integer</replaceable>;
listen-on <optional> port <replaceable>integer</replaceable> </optional> { <replaceable>address_match_element</replaceable>; ... };
listen-on-v6 <optional> port <replaceable>integer</replaceable> </optional> { <replaceable>address_match_element</replaceable>; ... };
match-mapped-addresses <replaceable>boolean</replaceable>;
memstatistics-file <replaceable>quoted_string</replaceable>;
pid-file ( <replaceable>quoted_string</replaceable> | none );
port <replaceable>integer</replaceable>;
querylog <replaceable>boolean</replaceable>;
recursing-file <replaceable>quoted_string</replaceable>;
random-device <replaceable>quoted_string</replaceable>;
recursive-clients <replaceable>integer</replaceable>;
serial-query-rate <replaceable>integer</replaceable>;
server-id ( <replaceable>quoted_string</replaceable> | none |;
stacksize <replaceable>size</replaceable>;
statistics-file <replaceable>quoted_string</replaceable>;
statistics-interval <replaceable>integer</replaceable>; // not yet implemented
tcp-clients <replaceable>integer</replaceable>;
tcp-listen-queue <replaceable>integer</replaceable>;
tkey-dhkey <replaceable>quoted_string</replaceable> <replaceable>integer</replaceable>;
tkey-gssapi-credential <replaceable>quoted_string</replaceable>;
tkey-domain <replaceable>quoted_string</replaceable>;
transfers-per-ns <replaceable>integer</replaceable>;
transfers-in <replaceable>integer</replaceable>;
transfers-out <replaceable>integer</replaceable>;
use-ixfr <replaceable>boolean</replaceable>;
version ( <replaceable>quoted_string</replaceable> | none );
allow-recursion { <replaceable>address_match_element</replaceable>; ... };
allow-recursion-on { <replaceable>address_match_element</replaceable>; ... };
sortlist { <replaceable>address_match_element</replaceable>; ... };
topology { <replaceable>address_match_element</replaceable>; ... }; // not implemented
auth-nxdomain <replaceable>boolean</replaceable>; // default changed
minimal-responses <replaceable>boolean</replaceable>;
recursion <replaceable>boolean</replaceable>;
rrset-order {
<optional> class <replaceable>string</replaceable> </optional> <optional> type <replaceable>string</replaceable> </optional>
<optional> name <replaceable>quoted_string</replaceable> </optional> <replaceable>string</replaceable> <replaceable>string</replaceable>; ...
};
provide-ixfr <replaceable>boolean</replaceable>;
request-ixfr <replaceable>boolean</replaceable>;
rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented
additional-from-auth <replaceable>boolean</replaceable>;
additional-from-cache <replaceable>boolean</replaceable>;
query-source ( ( <replaceable>ipv4_address</replaceable> | * ) | <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
query-source-v6 ( ( <replaceable>ipv6_address</replaceable> | * ) | <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
use-queryport-pool <replaceable>boolean</replaceable>;
queryport-pool-ports <replaceable>integer</replaceable>;
queryport-pool-updateinterval <replaceable>integer</replaceable>;
cleaning-interval <replaceable>integer</replaceable>;
min-roots <replaceable>integer</replaceable>; // not implemented
lame-ttl <replaceable>integer</replaceable>;
max-ncache-ttl <replaceable>integer</replaceable>;
max-cache-ttl <replaceable>integer</replaceable>;
transfer-format ( many-answers | one-answer );
max-cache-size <replaceable>size</replaceable>;
max-acache-size <replaceable>size</replaceable>;
clients-per-query <replaceable>number</replaceable>;
max-clients-per-query <replaceable>number</replaceable>;
check-names ( master | slave | response )
( fail | warn | ignore );
check-mx ( fail | warn | ignore );
check-integrity <replaceable>boolean</replaceable>;
check-mx-cname ( fail | warn | ignore );
check-srv-cname ( fail | warn | ignore );
cache-file <replaceable>quoted_string</replaceable>; // test option
suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented
preferred-glue <replaceable>string</replaceable>;
dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>quoted_string</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ...
};
edns-udp-size <replaceable>integer</replaceable>;
max-udp-size <replaceable>integer</replaceable>;
root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>;
disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
dnssec-enable <replaceable>boolean</replaceable>;
dnssec-validation <replaceable>boolean</replaceable>;
dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>;
dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>;
dnssec-accept-expired <replaceable>boolean</replaceable>;
empty-server <replaceable>string</replaceable>;
empty-contact <replaceable>string</replaceable>;
empty-zones-enable <replaceable>boolean</replaceable>;
disable-empty-zone <replaceable>string</replaceable>;
dialup <replaceable>dialuptype</replaceable>;
ixfr-from-differences <replaceable>ixfrdiff</replaceable>;
allow-query { <replaceable>address_match_element</replaceable>; ... };
allow-query-on { <replaceable>address_match_element</replaceable>; ... };
allow-query-cache { <replaceable>address_match_element</replaceable>; ... };
allow-query-cache-on { <replaceable>address_match_element</replaceable>; ... };
allow-transfer { <replaceable>address_match_element</replaceable>; ... };
allow-update { <replaceable>address_match_element</replaceable>; ... };
allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
update-check-ksk <replaceable>boolean</replaceable>;
masterfile-format ( text | raw );
notify <replaceable>notifytype</replaceable>;
notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
notify-delay <replaceable>seconds</replaceable>;
notify-to-soa <replaceable>boolean</replaceable>;
also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
<optional> port <replaceable>integer</replaceable> </optional>; ... };
allow-notify { <replaceable>address_match_element</replaceable>; ... };
forward ( first | only );
forwarders <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
};
max-journal-size <replaceable>size_no_default</replaceable>;
max-transfer-time-in <replaceable>integer</replaceable>;
max-transfer-time-out <replaceable>integer</replaceable>;
max-transfer-idle-in <replaceable>integer</replaceable>;
max-transfer-idle-out <replaceable>integer</replaceable>;
max-retry-time <replaceable>integer</replaceable>;
min-retry-time <replaceable>integer</replaceable>;
max-refresh-time <replaceable>integer</replaceable>;
min-refresh-time <replaceable>integer</replaceable>;
multi-master <replaceable>boolean</replaceable>;
sig-validity-interval <replaceable>integer</replaceable>;
transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
use-alt-transfer-source <replaceable>boolean</replaceable>;
zone-statistics <replaceable>boolean</replaceable>;
key-directory <replaceable>quoted_string</replaceable>;
try-tcp-refresh <replaceable>boolean</replaceable>;
zero-no-soa-ttl <replaceable>boolean</replaceable>;
zero-no-soa-ttl-cache <replaceable>boolean</replaceable>;
allow-v6-synthesis { <replaceable>address_match_element</replaceable>; ... }; // obsolete
deallocate-on-exit <replaceable>boolean</replaceable>; // obsolete
fake-iquery <replaceable>boolean</replaceable>; // obsolete
fetch-glue <replaceable>boolean</replaceable>; // obsolete
has-old-clients <replaceable>boolean</replaceable>; // obsolete
maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete
max-ixfr-log-size <replaceable>size</replaceable>; // obsolete
multiple-cnames <replaceable>boolean</replaceable>; // obsolete
named-xfer <replaceable>quoted_string</replaceable>; // obsolete
serial-queries <replaceable>integer</replaceable>; // obsolete
treat-cr-as-space <replaceable>boolean</replaceable>; // obsolete
use-id-pool <replaceable>boolean</replaceable>; // obsolete
};
</literallayout>
</refsect1>
<refsect1>
<title>VIEW</title>
<literallayout>
view <replaceable>string</replaceable> <replaceable>optional_class</replaceable> {
match-clients { <replaceable>address_match_element</replaceable>; ... };
match-destinations { <replaceable>address_match_element</replaceable>; ... };
match-recursive-only <replaceable>boolean</replaceable>;
key <replaceable>string</replaceable> {
algorithm <replaceable>string</replaceable>;
secret <replaceable>string</replaceable>;
};
zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable> {
...
};
server ( <replaceable>ipv4_address<optional>/prefixlen</optional></replaceable> | <replaceable>ipv6_address<optional>/prefixlen</optional></replaceable> ) {
...
};
trusted-keys {
<replaceable>string</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>quoted_string</replaceable>; ...
};
allow-recursion { <replaceable>address_match_element</replaceable>; ... };
allow-recursion-on { <replaceable>address_match_element</replaceable>; ... };
sortlist { <replaceable>address_match_element</replaceable>; ... };
topology { <replaceable>address_match_element</replaceable>; ... }; // not implemented
auth-nxdomain <replaceable>boolean</replaceable>; // default changed
minimal-responses <replaceable>boolean</replaceable>;
recursion <replaceable>boolean</replaceable>;
rrset-order {
<optional> class <replaceable>string</replaceable> </optional> <optional> type <replaceable>string</replaceable> </optional>
<optional> name <replaceable>quoted_string</replaceable> </optional> <replaceable>string</replaceable> <replaceable>string</replaceable>; ...
};
provide-ixfr <replaceable>boolean</replaceable>;
request-ixfr <replaceable>boolean</replaceable>;
rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented
additional-from-auth <replaceable>boolean</replaceable>;
additional-from-cache <replaceable>boolean</replaceable>;
query-source ( ( <replaceable>ipv4_address</replaceable> | * ) | <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
query-source-v6 ( ( <replaceable>ipv6_address</replaceable> | * ) | <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
use-queryport-pool <replaceable>boolean</replaceable>;
queryport-pool-ports <replaceable>integer</replaceable>;
queryport-pool-updateinterval <replaceable>integer</replaceable>;
cleaning-interval <replaceable>integer</replaceable>;
min-roots <replaceable>integer</replaceable>; // not implemented
lame-ttl <replaceable>integer</replaceable>;
max-ncache-ttl <replaceable>integer</replaceable>;
max-cache-ttl <replaceable>integer</replaceable>;
transfer-format ( many-answers | one-answer );
max-cache-size <replaceable>size</replaceable>;
max-acache-size <replaceable>size</replaceable>;
clients-per-query <replaceable>number</replaceable>;
max-clients-per-query <replaceable>number</replaceable>;
check-names ( master | slave | response )
( fail | warn | ignore );
check-mx ( fail | warn | ignore );
check-integrity <replaceable>boolean</replaceable>;
check-mx-cname ( fail | warn | ignore );
check-srv-cname ( fail | warn | ignore );
cache-file <replaceable>quoted_string</replaceable>; // test option
suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented
preferred-glue <replaceable>string</replaceable>;
dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>quoted_string</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ...
};
edns-udp-size <replaceable>integer</replaceable>;
max-udp-size <replaceable>integer</replaceable>;
root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>;
disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
dnssec-enable <replaceable>boolean</replaceable>;
dnssec-validation <replaceable>boolean</replaceable>;
dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>;
dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>;
dnssec-accept-expired <replaceable>boolean</replaceable>;
empty-server <replaceable>string</replaceable>;
empty-contact <replaceable>string</replaceable>;
empty-zones-enable <replaceable>boolean</replaceable>;
disable-empty-zone <replaceable>string</replaceable>;
dialup <replaceable>dialuptype</replaceable>;
ixfr-from-differences <replaceable>ixfrdiff</replaceable>;
allow-query { <replaceable>address_match_element</replaceable>; ... };
allow-query-on { <replaceable>address_match_element</replaceable>; ... };
allow-query-cache { <replaceable>address_match_element</replaceable>; ... };
allow-query-cache-on { <replaceable>address_match_element</replaceable>; ... };
allow-transfer { <replaceable>address_match_element</replaceable>; ... };
allow-update { <replaceable>address_match_element</replaceable>; ... };
allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
update-check-ksk <replaceable>boolean</replaceable>;
masterfile-format ( text | raw );
notify <replaceable>notifytype</replaceable>;
notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
notify-delay <replaceable>seconds</replaceable>;
notify-to-soa <replaceable>boolean</replaceable>;
also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
<optional> port <replaceable>integer</replaceable> </optional>; ... };
allow-notify { <replaceable>address_match_element</replaceable>; ... };
forward ( first | only );
forwarders <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
};
max-journal-size <replaceable>size_no_default</replaceable>;
max-transfer-time-in <replaceable>integer</replaceable>;
max-transfer-time-out <replaceable>integer</replaceable>;
max-transfer-idle-in <replaceable>integer</replaceable>;
max-transfer-idle-out <replaceable>integer</replaceable>;
max-retry-time <replaceable>integer</replaceable>;
min-retry-time <replaceable>integer</replaceable>;
max-refresh-time <replaceable>integer</replaceable>;
min-refresh-time <replaceable>integer</replaceable>;
multi-master <replaceable>boolean</replaceable>;
sig-validity-interval <replaceable>integer</replaceable>;
transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
use-alt-transfer-source <replaceable>boolean</replaceable>;
zone-statistics <replaceable>boolean</replaceable>;
try-tcp-refresh <replaceable>boolean</replaceable>;
key-directory <replaceable>quoted_string</replaceable>;
zero-no-soa-ttl <replaceable>boolean</replaceable>;
zero-no-soa-ttl-cache <replaceable>boolean</replaceable>;
allow-v6-synthesis { <replaceable>address_match_element</replaceable>; ... }; // obsolete
fetch-glue <replaceable>boolean</replaceable>; // obsolete
maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete
max-ixfr-log-size <replaceable>size</replaceable>; // obsolete
};
</literallayout>
</refsect1>
<refsect1>
<title>ZONE</title>
<literallayout>
zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable> {
type ( master | slave | stub | hint |
forward | delegation-only );
file <replaceable>quoted_string</replaceable>;
masters <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>masters</replaceable> |
<replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv6_address</replaceable> <optional> port <replaceable>integer</replaceable> </optional> ) <optional> key <replaceable>string</replaceable> </optional>; ...
};
database <replaceable>string</replaceable>;
delegation-only <replaceable>boolean</replaceable>;
check-names ( fail | warn | ignore );
check-mx ( fail | warn | ignore );
check-integrity <replaceable>boolean</replaceable>;
check-mx-cname ( fail | warn | ignore );
check-srv-cname ( fail | warn | ignore );
dialup <replaceable>dialuptype</replaceable>;
ixfr-from-differences <replaceable>boolean</replaceable>;
journal <replaceable>quoted_string</replaceable>;
zero-no-soa-ttl <replaceable>boolean</replaceable>;
allow-query { <replaceable>address_match_element</replaceable>; ... };
allow-query-on { <replaceable>address_match_element</replaceable>; ... };
allow-transfer { <replaceable>address_match_element</replaceable>; ... };
allow-update { <replaceable>address_match_element</replaceable>; ... };
allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
update-policy {
( grant | deny ) <replaceable>string</replaceable>
( name | subdomain | wildcard | self | selfsub | selfwild |
krb5-self | ms-self | krb5-subdomain | ms-subdomain |
tcp-self | 6to4-self ) <replaceable>string</replaceable>
<replaceable>rrtypelist</replaceable>; ...
};
update-check-ksk <replaceable>boolean</replaceable>;
masterfile-format ( text | raw );
notify <replaceable>notifytype</replaceable>;
notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
notify-delay <replaceable>seconds</replaceable>;
notify-to-soa <replaceable>boolean</replaceable>;
also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
<optional> port <replaceable>integer</replaceable> </optional>; ... };
allow-notify { <replaceable>address_match_element</replaceable>; ... };
forward ( first | only );
forwarders <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
};
max-journal-size <replaceable>size_no_default</replaceable>;
max-transfer-time-in <replaceable>integer</replaceable>;
max-transfer-time-out <replaceable>integer</replaceable>;
max-transfer-idle-in <replaceable>integer</replaceable>;
max-transfer-idle-out <replaceable>integer</replaceable>;
max-retry-time <replaceable>integer</replaceable>;
min-retry-time <replaceable>integer</replaceable>;
max-refresh-time <replaceable>integer</replaceable>;
min-refresh-time <replaceable>integer</replaceable>;
multi-master <replaceable>boolean</replaceable>;
sig-validity-interval <replaceable>integer</replaceable>;
transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
use-alt-transfer-source <replaceable>boolean</replaceable>;
zone-statistics <replaceable>boolean</replaceable>;
try-tcp-refresh <replaceable>boolean</replaceable>;
key-directory <replaceable>quoted_string</replaceable>;
ixfr-base <replaceable>quoted_string</replaceable>; // obsolete
ixfr-tmp-file <replaceable>quoted_string</replaceable>; // obsolete
maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete
max-ixfr-log-size <replaceable>size</replaceable>; // obsolete
pubkey <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>quoted_string</replaceable>; // obsolete
};
</literallayout>
</refsect1>
<refsect1>
<title>FILES</title>
<para><filename>/etc/named.conf</filename>
</para>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para><citerefentry>
<refentrytitle>named</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>named-checkconf</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>rndc</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citetitle>BIND 9 Administrator Reference Manual</citetitle>.
</para>
</refsect1>
</refentry><!--
- Local variables:
- mode: sgml
- End:
-->