Bv9ARM.ch03.html revision 30c0c7470d5bfabd8f43c563f4eca636d06cc484
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
71cef386fae61275b03e203825680b39fedaa8c6Tinderbox User - Copyright (C) 2000-2003 Internet Software Consortium.
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - Permission to use, copy, modify, and/or distribute this software for any
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - purpose with or without fee is hereby granted, provided that the above
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - copyright notice and this permission notice appear in all copies.
d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - PERFORMANCE OF THIS SOFTWARE.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<title>Chapter�3.�Name Server Configuration</title>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="Bv9ARM.ch02.html" title="Chapter�2.�BIND Resource Requirements">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="next" href="Bv9ARM.ch04.html" title="Chapter�4.�Advanced DNS Features">
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr><th colspan="3" align="center">Chapter�3.�Name Server Configuration</th></tr>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<a accesskey="p" href="Bv9ARM.ch02.html">Prev</a>�</td>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<td width="20%" align="right">�<a accesskey="n" href="Bv9ARM.ch04.html">Next</a>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User<div class="titlepage"><div><div><h2 class="title">
a1ff871f78b7d907d6fc3a382beea2a640fe8423Tinderbox User<a name="Bv9ARM.ch03"></a>Chapter�3.�Name Server Configuration</h2></div></div></div>
bfb7b680bf88c1fdd9949197b71c512c532280a4Tinderbox User<dt><span class="sect1"><a href="Bv9ARM.ch03.html#sample_configuration">Sample Configurations</a></span></dt>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2567995">A Caching-only Name Server</a></span></dt>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568011">An Authoritative-only Name Server</a></span></dt>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568034">Load Balancing</a></span></dt>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568388">Name Server Operations</a></span></dt>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568393">Tools for Use With the Name Server Daemon</a></span></dt>
f9ce6280cec79deb16ff6d9807aa493ff23e10d9Tinderbox User<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2569462">Signals</a></span></dt>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt In this chapter we provide some suggested configurations along
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User with guidelines for their use. We suggest reasonable values for
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User certain option settings.
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User<div class="titlepage"><div><div><h2 class="title" style="clear: both">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<a name="sample_configuration"></a>Sample Configurations</h2></div></div></div>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<div class="titlepage"><div><div><h3 class="title">
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<a name="id2567995"></a>A Caching-only Name Server</h3></div></div></div>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt The following sample configuration is appropriate for a caching-only
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User name server for use by clients internal to a corporation. All
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User from outside clients are refused using the <span><strong class="command">allow-query</strong></span>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt option. Alternatively, the same effect could be achieved using
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt firewall rules.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User// Two corporate subnets we wish to allow queries from.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Useracl corpnets { 192.168.4.0/24; 192.168.7.0/24; };
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User // Working directory
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User allow-query { corpnets; };
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User// Provide a reverse mapping for the loopback
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User// address 127.0.0.1
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User<div class="titlepage"><div><div><h3 class="title">
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User<a name="id2568011"></a>An Authoritative-only Name Server</h3></div></div></div>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User This sample configuration is for an authoritative-only server
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User that is the master server for "<code class="filename">example.com</code>"
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User and a slave for the subdomain "<code class="filename">eng.example.com</code>".
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User // Working directory
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User // Do not allow access to cache
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User allow-query-cache { none; };
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User // This is the default
a1ff871f78b7d907d6fc3a382beea2a640fe8423Tinderbox User allow-query { any; };
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User // Do not provide recursive service
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User recursion no;
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User// Provide a reverse mapping for the loopback
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User// address 127.0.0.1
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User// We are the master server for example.com
3ca1a32241189d1e02e59f6b56399eb9b40f2aafTinderbox User // IP addresses of slave servers allowed to
3ca1a32241189d1e02e59f6b56399eb9b40f2aafTinderbox User allow-transfer {
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User 192.168.4.14;
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User 192.168.5.53;
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User// We are a slave server for eng.example.com
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User // IP address of eng.example.com master server
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User masters { 192.168.4.12; };
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User<div class="titlepage"><div><div><h2 class="title" style="clear: both">
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User<a name="id2568034"></a>Load Balancing</h2></div></div></div>
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User A primitive form of load balancing can be achieved in
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User the <acronym class="acronym">DNS</acronym> by using multiple records
363b21045b718d06d414784c96193dc9a233e8c5Tinderbox User (such as multiple A records) for one name.
550d3276d0490c4918f089ccb1528a3eb0951b0aTinderbox User For example, if you have three WWW servers with network addresses
550d3276d0490c4918f089ccb1528a3eb0951b0aTinderbox User of 10.0.0.1, 10.0.0.2 and 10.0.0.3, a set of records such as the
550d3276d0490c4918f089ccb1528a3eb0951b0aTinderbox User following means that clients will connect to each machine one third
d253648fe3331622cebea02d60aaecca3082d78dTinderbox User Resource Record (RR) Data
abe69df9a7de5cda07a2b8e19e8b7c981bcd7a9dTinderbox User When a resolver queries for these records, <acronym class="acronym">BIND</acronym> will rotate
c48fdfda7a8ae8973aadfeb88cbeaab013024a6cTinderbox User them and respond to the query with the records in a different
c48fdfda7a8ae8973aadfeb88cbeaab013024a6cTinderbox User order. In the example above, clients will randomly receive
c48fdfda7a8ae8973aadfeb88cbeaab013024a6cTinderbox User records in the order 1, 2, 3; 2, 3, 1; and 3, 1, 2. Most clients
c48fdfda7a8ae8973aadfeb88cbeaab013024a6cTinderbox User will use the first record returned and discard the rest.
abe69df9a7de5cda07a2b8e19e8b7c981bcd7a9dTinderbox User For more detail on ordering responses, check the
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <span><strong class="command">rrset-order</strong></span> sub-statement in the
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <span><strong class="command">options</strong></span> statement, see
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <a href="Bv9ARM.ch06.html#rrset_ordering">RRset Ordering</a>.
111d5ef471ecec90671f480afd8f93e550a80917Tinderbox User<div class="titlepage"><div><div><h2 class="title" style="clear: both">
111d5ef471ecec90671f480afd8f93e550a80917Tinderbox User<a name="id2568388"></a>Name Server Operations</h2></div></div></div>
111d5ef471ecec90671f480afd8f93e550a80917Tinderbox User<div class="titlepage"><div><div><h3 class="title">
111d5ef471ecec90671f480afd8f93e550a80917Tinderbox User<a name="id2568393"></a>Tools for Use With the Name Server Daemon</h3></div></div></div>
111d5ef471ecec90671f480afd8f93e550a80917Tinderbox User This section describes several indispensable diagnostic,
111d5ef471ecec90671f480afd8f93e550a80917Tinderbox User administrative and monitoring tools available to the system
111d5ef471ecec90671f480afd8f93e550a80917Tinderbox User administrator for controlling and debugging the name server
a0fb6a0980359165a4459723f52d5d7b5725f9c6Tinderbox User<div class="titlepage"><div><div><h4 class="title">
a0fb6a0980359165a4459723f52d5d7b5725f9c6Tinderbox User<a name="diagnostic_tools"></a>Diagnostic Tools</h4></div></div></div>
a0fb6a0980359165a4459723f52d5d7b5725f9c6Tinderbox User The <span><strong class="command">dig</strong></span>, <span><strong class="command">host</strong></span>, and
a0fb6a0980359165a4459723f52d5d7b5725f9c6Tinderbox User <span><strong class="command">nslookup</strong></span> programs are all command
8c7245514646663b25d8b186186ebede41903fa3Tinderbox User for manually querying name servers. They differ in style and
8c7245514646663b25d8b186186ebede41903fa3Tinderbox User output format.
8c7245514646663b25d8b186186ebede41903fa3Tinderbox User<dt><span class="term"><a name="dig"></a><span><strong class="command">dig</strong></span></span></dt>
8c7245514646663b25d8b186186ebede41903fa3Tinderbox User The domain information groper (<span><strong class="command">dig</strong></span>)
8c7245514646663b25d8b186186ebede41903fa3Tinderbox User is the most versatile and complete of these lookup tools.
421ba11f3f07cbcb12c288ef7f4e7bad13fcc28fTinderbox User It has two modes: simple interactive
421ba11f3f07cbcb12c288ef7f4e7bad13fcc28fTinderbox User mode for a single query, and batch mode which executes a
421ba11f3f07cbcb12c288ef7f4e7bad13fcc28fTinderbox User each in a list of several query lines. All query options are
421ba11f3f07cbcb12c288ef7f4e7bad13fcc28fTinderbox User from the command line.
ffe29868b4bbc64953fc5d0de51f988c20158967Tinderbox User<div class="cmdsynopsis"><p><code class="command">dig</code> [@<em class="replaceable"><code>server</code></em>] <em class="replaceable"><code>domain</code></em> [<em class="replaceable"><code>query-type</code></em>] [<em class="replaceable"><code>query-class</code></em>] [+<em class="replaceable"><code>query-option</code></em>] [-<em class="replaceable"><code>dig-option</code></em>] [%<em class="replaceable"><code>comment</code></em>]</p></div>
3b15473cedf41d48904f5b07bdc5e87afff6b58cTinderbox User The usual simple use of <span><strong class="command">dig</strong></span> will take the form
3b15473cedf41d48904f5b07bdc5e87afff6b58cTinderbox User <span><strong class="command">dig @server domain query-type query-class</strong></span>
99b30e26a6beb9092557cc9e5370b517309bff6eTinderbox User For more information and a list of available commands and
99b30e26a6beb9092557cc9e5370b517309bff6eTinderbox User options, see the <span><strong class="command">dig</strong></span> man
99b30e26a6beb9092557cc9e5370b517309bff6eTinderbox User<dt><span class="term"><span><strong class="command">host</strong></span></span></dt>
c48fdfda7a8ae8973aadfeb88cbeaab013024a6cTinderbox User The <span><strong class="command">host</strong></span> utility emphasizes
c48fdfda7a8ae8973aadfeb88cbeaab013024a6cTinderbox User and ease of use. By default, it converts
c48fdfda7a8ae8973aadfeb88cbeaab013024a6cTinderbox User between host names and Internet addresses, but its
c48fdfda7a8ae8973aadfeb88cbeaab013024a6cTinderbox User functionality
c48fdfda7a8ae8973aadfeb88cbeaab013024a6cTinderbox User can be extended with the use of options.
9efd8fc7e811d3c0c160adeb5552c2df7e49df67Tinderbox User<div class="cmdsynopsis"><p><code class="command">host</code> [-aCdlnrsTwv] [-c <em class="replaceable"><code>class</code></em>] [-N <em class="replaceable"><code>ndots</code></em>] [-t <em class="replaceable"><code>type</code></em>] [-W <em class="replaceable"><code>timeout</code></em>] [-R <em class="replaceable"><code>retries</code></em>] [-m <em class="replaceable"><code>flag</code></em>] [-4] [-6] <em class="replaceable"><code>hostname</code></em> [<em class="replaceable"><code>server</code></em>]</p></div>
9efd8fc7e811d3c0c160adeb5552c2df7e49df67Tinderbox User For more information and a list of available commands and
9efd8fc7e811d3c0c160adeb5552c2df7e49df67Tinderbox User options, see the <span><strong class="command">host</strong></span> man
9efd8fc7e811d3c0c160adeb5552c2df7e49df67Tinderbox User<dt><span class="term"><span><strong class="command">nslookup</strong></span></span></dt>
666b453b37f9ccfe3c7984fb0b31b70a3ceb918fTinderbox User<p><span><strong class="command">nslookup</strong></span>
666b453b37f9ccfe3c7984fb0b31b70a3ceb918fTinderbox User has two modes: interactive and
666b453b37f9ccfe3c7984fb0b31b70a3ceb918fTinderbox User non-interactive. Interactive mode allows the user to
666b453b37f9ccfe3c7984fb0b31b70a3ceb918fTinderbox User query name servers for information about various
666b453b37f9ccfe3c7984fb0b31b70a3ceb918fTinderbox User hosts and domains or to print a list of hosts in a
666b453b37f9ccfe3c7984fb0b31b70a3ceb918fTinderbox User domain. Non-interactive mode is used to print just
666b453b37f9ccfe3c7984fb0b31b70a3ceb918fTinderbox User the name and requested information for a host or
bea02a4cc08d57b9f36979906f291ac78a99060aTinderbox User<div class="cmdsynopsis"><p><code class="command">nslookup</code> [-option...] [[<em class="replaceable"><code>host-to-find</code></em>] | [- [server]]]</p></div>
bea02a4cc08d57b9f36979906f291ac78a99060aTinderbox User Interactive mode is entered when no arguments are given (the
bea02a4cc08d57b9f36979906f291ac78a99060aTinderbox User default name server will be used) or when the first argument
266afc085a8a74f4b13cb150234a4db21f65278bTinderbox User hyphen (`-') and the second argument is the host name or
bea02a4cc08d57b9f36979906f291ac78a99060aTinderbox User Internet address
bea02a4cc08d57b9f36979906f291ac78a99060aTinderbox User of a name server.
ffe29868b4bbc64953fc5d0de51f988c20158967Tinderbox User Non-interactive mode is used when the name or Internet
ffe29868b4bbc64953fc5d0de51f988c20158967Tinderbox User of the host to be looked up is given as the first argument.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User optional second argument specifies the host name or address
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt of a name server.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Due to its arcane user interface and frequently inconsistent
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User behavior, we do not recommend the use of <span><strong class="command">nslookup</strong></span>.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User Use <span><strong class="command">dig</strong></span> instead.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<div class="titlepage"><div><div><h4 class="title">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<a name="admin_tools"></a>Administrative Tools</h4></div></div></div>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Administrative tools play an integral part in the management
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="named-checkconf"></a><span class="term"><span><strong class="command">named-checkconf</strong></span></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The <span><strong class="command">named-checkconf</strong></span> program
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein checks the syntax of a <code class="filename">named.conf</code> file.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<div class="cmdsynopsis"><p><code class="command">named-checkconf</code> [-jvz] [-t <em class="replaceable"><code>directory</code></em>] [<em class="replaceable"><code>filename</code></em>]</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="named-checkzone"></a><span class="term"><span><strong class="command">named-checkzone</strong></span></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The <span><strong class="command">named-checkzone</strong></span> program
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein checks a master file for
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein syntax and consistency.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [-djqvD] [-c <em class="replaceable"><code>class</code></em>] [-o <em class="replaceable"><code>output</code></em>] [-t <em class="replaceable"><code>directory</code></em>] [-w <em class="replaceable"><code>directory</code></em>] [-k <em class="replaceable"><code>(ignore|warn|fail)</code></em>] [-n <em class="replaceable"><code>(ignore|warn|fail)</code></em>] [-W <em class="replaceable"><code>(ignore|warn)</code></em>] <em class="replaceable"><code>zone</code></em> [<em class="replaceable"><code>filename</code></em>]</p></div>
<a name="named-compilezone"></a><span class="term"><span><strong class="command">named-compilezone</strong></span></span>
Since <acronym class="acronym">BIND</acronym> 9.2, <span><strong class="command">rndc</strong></span>
<div class="cmdsynopsis"><p><code class="command">rndc</code> [-c <em class="replaceable"><code>config</code></em>] [-s <em class="replaceable"><code>server</code></em>] [-p <em class="replaceable"><code>port</code></em>] [-y <em class="replaceable"><code>key</code></em>] <em class="replaceable"><code>command</code></em> [<em class="replaceable"><code>command</code></em>...]</p></div>
<p>See <a href="man.rndc.html" title="rndc"><span class="refentrytitle"><span class="application">rndc</span></span>(8)</a> for details of
<a href="Bv9ARM.ch06.html#controls_statement_definition_and_usage" title="controls Statement Definition and
Usage">the section called “<span><strong class="command">controls</strong></span> Statement Definition and
<span><strong class="command">key</strong></span>, <span><strong class="command">server</strong></span> and
<span><strong class="command">default-server</strong></span>, <span><strong class="command">default-key</strong></span>,
the name of a key as its argument, as defined by a <span><strong class="command">key</strong></span> statement.
<span><strong class="command">key</strong></span> statement in <code class="filename">named.conf</code>.
<span><strong class="command">algorithm</strong></span> and <span><strong class="command">secret</strong></span>.
has two clauses: <span><strong class="command">key</strong></span> and <span><strong class="command">port</strong></span>.