named.conf revision 09c9fc94cf9eafea7f66449056d466f6a4584232
/*
*/
/*
*/
# So are shell-style comments
options {
version "my version string";
directory "/tmp";
# Obsolete
named-xfer "/usr/libexec/named-xfer"; // _PATH_XFER
dump-file "named_dump.db"; // _PATH_DUMPFILE
statistics-file "named.stats"; // _PATH_STATS
memstatistics-file "named.memstats"; // _PATH_MEMSTATS
auth-nxdomain yes; // always set AA on NXDOMAIN.
# Obsolete
// memstatistics-file.
# Obsolete
# Obsolete
# Obsolete
# Obsolete
also-notify { 10.0.2.3; };
// forwarders. "first" gives the normal BIND
// forwarding behavior, i.e. ask the forwarders first, and if that
1.2.3.4;
5.6.7.8;
};
blackhole { 45/24; };
10/24;
10.0.0.3; 1:2:3:4:5:6:7:8;
};
!1.2.3.4;
1.2.3/24;
};
# Now called 'provide-ixfr'
# maintain-ixfr-base no; // If yes, keep transaction log file for IXFR
coresize 100;
datasize 101;
files 230;
stacksize 231;
topology {
10/8;
!1.2.3/24;
{ 1.2/16; 3/8; };
};
sortlist { 10/8; 11/8; };
};
/*
*/
controls {
};
// here.
// than those on the NS list for this
// zone
forward first;
forwarders { 10.0.0.3; 1:2:3:4:5:6:7:8; };
};
zone "slave.demo.zone" {
type slave; // what used to be called "secondary"
file "slave.demo.zone";
ixfr-base "slave.demo.zone.ixfr"; // File name for IXFR transaction log file
masters {
1.2.3.4; // where to zone transfer from
5.6.7.8;
};
transfer-source 10.0.0.53; // fixes multihoming problems
check-names warn;
allow-update { none; };
allow-transfer { any; };
allow-update-forwarding { any; };
allow-query { any; };
max-transfer-time-in 120; // if not set, global option is used.
max-transfer-time-out 1; // if not set, global option is used.
max-transfer-idle-in 2; // if not set, global option is used.
max-transfer-idle-out 3; // if not set, global option is used.
also-notify { }; // don't notify any nameservers other
// zone
};
recursion true;
notify false;
transfer-source 10.0.0.55;
type master;
};
server 5.6.7.8 {
};
server 10.9.8.7 {
};
};
// are transferred.
masters {
5.6.7.8;
};
};
// pubkey 257 255 1 "AQP2fHpZ4VMpKo/jc9Fod821uyfY5p8j5h/Am0V/KpBTMZjdXmp9QJe6yFRoIIzkaNCgTIftASdpXGgCwFB2j2KXP/rick6gvEer5VcDEkLR5Q==";
};
"." 257 255 1 "AQP2fHpZ4VMpKo/jc9Fod821uyfY5p8j5h/Am0V/KpBTMZjdXmp9QJe6yFRoIIzkaNCgTIftASdpXGgCwFB2j2KXP/rick6gvEer5VcDEkLR5Q==";
};
// is disallowed; rest are OK
type master;
1.2.3.4;
5.6.7.8;
};
//
// issues:
//
grant foo.bar.com. self foo.bar.com. a;
};
};
};
};
server 1.2.3.4 {
// to this server
transfer-format one-answer; // set transfer format for this
// server (see the description of
// if not specified, the global option
// will be used
transfers 0; // not implemented
keys { "sample_key" }; // for TSIG; supported by the parser
// but not yet implemented in the
// rest of the server
# support-ixfr yes; // for IXFR supported by server
// if yes, the listed server talks IXFR
};
logging {
/*
* All log output goes to one or more "channels"; you can make as
* many of them as you want.
*/
channel syslog_errors { // this channel will send errors or
syslog user; // or worse to syslog (user facility)
severity error;
};
/*
* Channels have a severity level. Messages at severity levels
*
* error
* warning
* notice a normal, but significant event
* ...
*/
/*
*
* };
*
* channel default_debug {
* // option.
* // log anything if not
* // debugging.
* };
*
* channel null { // this is the bit bucket;
* // is discarded.
* };
*
* channel default_stderr { // writes to stderr
* file "<stderr>"; // this is illustrative only;
* // configuration language.
* severity info;
* };
*
* default_stderr only works before the server daemonizes (i.e.
* during initial startup) or when it is running in foreground
* mode (-f command line option).
*/
/*
* There are many categories, so you can send the logs
* you want to see wherever you want, without seeing logs you
*
* aren't classified into categories, and
* they all end up here. also, if you
* instead.
* update dynamic update
* ncache negative caching
* db all database operations
* eventlib debugging info from the event system
* (see below)
* packet dumps of packets received and sent
* (see below)
* notify the NOTIFY protocol
* cname messages like "XX points to a CNAME"
* security approved/unapproved requests
* os operating system problems
* insist consistency check failures
* maintenance periodic maintenance
* load zone loading
* response-checks messages like
* "Malformed response ..."
* "wrong ans. name ..."
* "unrelated additional info ..."
* "invalid RR type ..."
* "bad referral ..."
*/
category parser {
syslog_errors; // you can log to as many channels
default_syslog; // as you want
};
/*
*/
};
/*
* want to see any problems, you could do the following.
*/
channel no_info_messages {
syslog;
severity notice;
};
category load { no_info_messages; };
/*
* You can also define category "default"; it gets used when no
* "category" statement has been given for a category.
*/
category default {
default_syslog;
moderate_debug;
};
/*
*
*/
/*
* panic category will be used. It is
*
* category panic { default_syslog; default_stderr; };
*/
/*
* channel may be assigned to each of them, and it must be a
*
*
*/
};
#include "filename"; // can't do within a statement