Bv9ARM.ch06.html revision cebe3ec7c5ba5003acc05142d4368af2a3a261e9
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User>BIND 9 Configuration Reference</TITLE
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsNAME="GENERATOR"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCONTENT="Modular DocBook HTML Stylesheet Version 1.41"><LINK
287a6a8f9040dc43560cd69cddf83bfc0f53b76fTinderbox UserREL="PREVIOUS"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsTITLE="The BIND 9 Lightweight Resolver"
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox UserTITLE="BIND 9 Security Considerations"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontBGCOLOR="#FFFFFF"
e676a596869d8a80a644c99a848afb53d1c5975eMark AndrewsTEXT="#000000"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsLINK="#0000FF"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontVLINK="#840084"
d5637bdbb931ff79fced3d4858d83212ea58ed15Tinderbox UserALINK="#0000FF"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="NAVHEADER"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserCELLPADDING="0"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCELLSPACING="0"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsALIGN="center"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsVALIGN="bottom"
aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan HuntALIGN="center"
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox UserVALIGN="bottom"
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic UpdaterVALIGN="bottom"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="chapter"
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater>Chapter 6. <SPAN
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="acronym"
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox User> 9 Configuration Reference</A
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox User>Table of Contents</B
294e9d4c34462d29a3e766c88f452b46aeb3702fTinderbox UserHREF="Bv9ARM.ch06.html#configuration_file_elements"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox User>Configuration File Elements</A
2ae159b376dac23870d8005563c585acf85a4b5aEvan HuntHREF="Bv9ARM.ch06.html#Configuration_File_Grammar"
2ae159b376dac23870d8005563c585acf85a4b5aEvan Hunt>Configuration File Grammar</A
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="acronym"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews> 9 configuration is broadly similar to <SPAN
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="acronym"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox Userthere are a few new areas of configuration, such as views. <SPAN
aef6cf0f147a5014d4891c9689b9f463399e16e7Tinderbox UserCLASS="acronym"
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson8.x configuration files should work with few alterations in <SPAN
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserCLASS="acronym"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews9, although more complex configurations should be reviewed to check
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox Userif they can be more efficiently implemented using the new features
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrewsfound in <SPAN
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="acronym"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserCLASS="acronym"
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox User> 4 configuration files can be converted to the new format
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsusing the shell script
91216cff91b34c9ff6e846dc23f248219cafe660Andreas GustafssonCLASS="filename"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="sect1"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserNAME="configuration_file_elements"
a450977e98155f6e828fe6f8d52cf24674231831Mark Andrews>6.1. Configuration File Elements</A
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox User>Following is a list of elements used throughout the <SPAN
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="acronym"
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont> configuration
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox Userfile documentation:</P
2a31bd531072824ef252c18303859d6af7451b00Francis DupontCLASS="informaltable"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCELLPADDING="3"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="CALSTABLE"
5747235bf35e7398984fd6b4632743396895ea7aTinderbox UserVALIGN="MIDDLE"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserCLASS="varname"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews>acl_name</TT
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserVALIGN="MIDDLE"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User>The name of an <TT
cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic UpdaterCLASS="varname"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>address_match_list</TT
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsdefined by the <B
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserCLASS="command"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User> statement.</P
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsVALIGN="MIDDLE"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserCLASS="varname"
fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater>address_match_list</TT
91216cff91b34c9ff6e846dc23f248219cafe660Andreas GustafssonVALIGN="MIDDLE"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>A list of one or more <TT
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserCLASS="varname"
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic UpdaterCLASS="varname"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User>ip_prefix</TT
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserCLASS="varname"
133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic UpdaterCLASS="varname"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews> elements, see
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsHREF="Bv9ARM.ch06.html#address_match_lists"
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User>Section 6.1.1</A
9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox UserVALIGN="MIDDLE"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="varname"
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User>domain_name</TT
bac4435d473c9a0281507524f084480c34aa942aTinderbox UserVALIGN="MIDDLE"
f0c5e918974bf778af6cd1e25309ad13e30a79a6Tinderbox User>A quoted string which will be used as
a7c412f37cc73d0332887a746e81220cbf09dd00Mark Andrewsa DNS name, for example "<TT
7ca715ad1587a68a531ea1cdea07515d7232567eTinderbox UserCLASS="literal"
4151211e6649332f7b5a55870cbe37128bcc7b29Tinderbox UserVALIGN="MIDDLE"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="varname"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>dotted_decimal</TT
3ec8f7777ea2b04fc1ebb63077f0916f63b1011aTinderbox UserVALIGN="MIDDLE"
b02be031b9ff37b042adc8e68e36b8bbc1f672b7Tinderbox User>One or more integers valued 0 through
933799f3641f4f78445d015008bad0038900a82aTinderbox User255 separated only by dots (`.'), such as <B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic UpdaterCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
bac4435d473c9a0281507524f084480c34aa942aTinderbox User>89.123.45.67</B
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic UpdaterVALIGN="MIDDLE"
4cda4fd158d6ded5586bacea8c388445d99611eaAutomatic UpdaterCLASS="varname"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews>ip4_addr</TT
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsVALIGN="MIDDLE"
bac4435d473c9a0281507524f084480c34aa942aTinderbox User>An IPv4 address with exactly four elements
ba8b771c371967dd1254c7fa82ebe4158ee04b24Tinderbox UserCLASS="varname"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews>dotted_decimal</TT
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserVALIGN="MIDDLE"
f520803b46dc189fdaf84adc87ef327d3587b435Mark AndrewsCLASS="varname"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrews>ip6_addr</TT
1bcc3273a80c256f11d9098a00ba2c041939e233Mark AndrewsVALIGN="MIDDLE"
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User>An IPv6 address, such as <B
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
ba8b771c371967dd1254c7fa82ebe4158ee04b24Tinderbox User>fe80::200:f8ff:fe01:9742</B
e64202536ea72d8f371dd0df9fc763f8d70bf886Tinderbox UserVALIGN="MIDDLE"
91216cff91b34c9ff6e846dc23f248219cafe660Andreas GustafssonCLASS="varname"
8292deab031e7599cd7622aa7675fbe139ca6095Mark AndrewsVALIGN="MIDDLE"
c1e2310a3725eeed45e5e7c86750c64c5a02e993Francis DupontCLASS="varname"
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews>ip4_addr</TT
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="varname"
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews>ip6_addr</TT
78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark AndrewsVALIGN="MIDDLE"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="varname"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsVALIGN="MIDDLE"
e8fc8c884b44371784805e1e0d3100da403dd3f1Automatic Updater>An IP port <TT
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="varname"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="varname"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews> is limited to 0 through 65535, with values
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewsbelow 1024 typically restricted to root-owned processes. In some
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox Usercases an asterisk (`*') character can be used as a placeholder to
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsselect a random high-numbered port.</P
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark AndrewsVALIGN="MIDDLE"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="varname"
01a5c5503482fb3ba52088bf0178a7213273bf96Mark Andrews>ip_prefix</TT
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox UserVALIGN="MIDDLE"
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater>An IP network specified as an <TT
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="varname"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewsfollowed by a slash (`/') and then the number of bits in the netmask.
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsTrailing zeros in a <TT
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="varname"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews> may omitted.
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontFor example, <B
7f79131f9a8e804b93c57f3c679065cce878b726Automatic UpdaterCLASS="command"
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson> is the network <B
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>127.0.0.0</B
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews>255.0.0.0</B
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="command"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont> with netmask <B
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="command"
1bf507ca635310b340aea42d6c3e567819974a99Tinderbox User>255.255.255.240</B
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserVALIGN="MIDDLE"
a5636b773fa05a272b6876afd99309c0b3090e2fMark AndrewsCLASS="varname"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsVALIGN="MIDDLE"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="varname"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>domain_name</TT
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington> representing
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonthe name of a shared key, to be used for transaction security.</P
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonVALIGN="MIDDLE"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="varname"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonVALIGN="MIDDLE"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>A list of one or more <TT
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="varname"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonseparated by semicolons and ending with a semicolon.</P
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonVALIGN="MIDDLE"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="varname"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonVALIGN="MIDDLE"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>A non-negative integer with an entire
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonrange limited by the range of a C language signed integer (2,147,483,647
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonon a machine with 32 bit integers). Its acceptable value might further
f520803b46dc189fdaf84adc87ef327d3587b435Mark Andrewsbe limited by the context in which it is used.</P
646fed0d28be4387e3e32fb0f5732a1f58b572baTinderbox UserVALIGN="MIDDLE"
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterCLASS="varname"
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterVALIGN="MIDDLE"
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updater>A quoted string which will be used as
ae7e54b14c946e0984c191554db9abb4893f9349Automatic Updatera pathname, such as <TT
ae7e54b14c946e0984c191554db9abb4893f9349Automatic UpdaterCLASS="filename"
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox UserVALIGN="MIDDLE"
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox UserCLASS="varname"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews>size_spec</TT
c11c7b47726c02eb05e29ff7be56a3343146e396Tinderbox UserVALIGN="MIDDLE"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews>A number, the word <TT
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="userinput"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>unlimited</B
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox Useror the word <TT
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="userinput"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="varname"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>size_spec</TT
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews> is that of unsigned long integers
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewson the machine. An <TT
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="varname"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>unlimited</TT
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="varname"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User>size_spec</TT
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont> requests unlimited
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontuse, or the maximum available amount. A <TT
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="varname"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont>default size_spec</TT
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontthe limit that was in force when the server was started.</P
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="varname"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonoptionally be followed by a scaling factor: <TT
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="userinput"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="userinput"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonkilobytes, <TT
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="userinput"
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark AndrewsCLASS="userinput"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsmegabytes, and <TT
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="userinput"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="userinput"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews> for gigabytes,
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewswhich scale by 1024, 1024*1024, and 1024*1024*1024 respectively.</P
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterstorage overflow is currently silently ignored during conversion
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontof scaled values, resulting in values less than intended, possibly
bac4435d473c9a0281507524f084480c34aa942aTinderbox Usereven negative. Using <TT
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="varname"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>unlimited</TT
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews> is the best way
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrewsto safely set a really large number.</P
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonVALIGN="MIDDLE"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="varname"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington>yes_or_no</TT
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark AndrewsVALIGN="MIDDLE"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="userinput"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="userinput"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="userinput"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="userinput"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updateralso accepted, as are the numbers <TT
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="userinput"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="userinput"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontVALIGN="MIDDLE"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="varname"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont>dialup_option</TT
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark AndrewsVALIGN="MIDDLE"
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark AndrewsCLASS="userinput"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="userinput"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="userinput"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="userinput"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>notify-passive</B
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="userinput"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="userinput"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsWhen used in a zone, <TT
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserCLASS="userinput"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>notify-passive</B
646fed0d28be4387e3e32fb0f5732a1f58b572baTinderbox UserCLASS="userinput"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="userinput"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Userare restricted to slave and stub zones.</P
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic UpdaterNAME="address_match_lists"
532d27b39244fadfcf8d8b4593f4c65434c9c664Automatic Updater>6.1.1. Address Match Lists</A
1a63fb1d1448ed3f8fd7227ae57be67c2e71279eMark AndrewsCLASS="sect3"
ae454ec746d1d4db8d04e107d4d25ff13158c37fMark AndrewsNAME="AEN1206"
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews>6.1.1.1. Syntax</A
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark AndrewsCLASS="programlisting"
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark AndrewsCLASS="varname"
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews>address_match_list</TT
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews> = address_match_list_element ;
7c8e44a2dc1121dbe3b615c9c934f37fb1741bb9Tinderbox UserCLASS="optional"
93089a352d6903b0d7845a039de4ec2df9a0e35aTinderbox User> address_match_list_element; ... </SPAN
e8c17c74535be290abaaa160a434ed80bf0ad2feMark AndrewsCLASS="varname"
93089a352d6903b0d7845a039de4ec2df9a0e35aTinderbox User>address_match_list_element</TT
9c446b72069d0ab9f710502f4d7048e50875fccbAutomatic UpdaterCLASS="optional"
665ba746c0585088d0c314dcfc4671aa2c7b2dc1Automatic Updater>] (ip_address [<SPAN
9e898948ed76bf5f175bf178866c90c449843c3eTinderbox UserCLASS="optional"
933799f3641f4f78445d015008bad0038900a82aTinderbox User>/length</SPAN
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater key key_id | acl_name | { address_match_list } )
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater>6.1.1.2. Definition and Usage</A
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater>Address match lists are primarily used to determine access
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updatercontrol for various server operations. They are also used to define
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updaterpriorities for querying other nameservers and to set the addresses
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic UpdaterCLASS="command"
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater> will listen for queries. The elements
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updaterwhich constitute an address match list can be any of the following:</P
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater>an IP address (IPv4 or IPv6)</P
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater>an IP prefix (in the `/'-notation)</P
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater>a key ID, as defined by the key statement</P
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic Updater>the name of an address match list previously defined with
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic UpdaterCLASS="command"
bbc0e1c4f47f101c4a64db3469352c49a49e734fTinderbox User> statement</P
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User>a nested address match list enclosed in braces</P
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>Elements can be negated with a leading exclamation mark (`!')
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox Userand the match list names "any," "none," "localhost" and "localnets"
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updaterare predefined. More information on those names can be found in
bf8c3776f1bf1a1270e5e0443ae5a8df022632a8Mark Andrewsthe description of the acl statement.</P
bf8c3776f1bf1a1270e5e0443ae5a8df022632a8Mark Andrews>The addition of the key clause made the name of this syntactic
bf8c3776f1bf1a1270e5e0443ae5a8df022632a8Mark Andrewselement something of a misnomer, since security keys can be used
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updaterto validate access without regard to a host or network address. Nonetheless,
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updaterthe term "address match list" is still used throughout the documentation.</P
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater>When a given IP address or prefix is compared to an address
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updatermatch list, the list is traversed in order until an element matches.
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic UpdaterThe interpretation of a match depends on whether the list is being used
1404d301dd9e7e487a247b803f63909cd10cdf72Tinderbox Userfor access control, defining listen-on ports, or as a topology,
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox Userand whether the element was negated.</P
ec8755f605d7dcb2de1076040e77bc2d7ec33b4aTinderbox User>When used as an access control list, a non-negated match allows
4ea3649f028ea6a1e42377082a7ccf8f789fb950Automatic Updateraccess and a negated match denies access. If there is no match,
40072ce70bc4125329addb4aaa56d18a1230bc17Automatic Updateraccess is denied. The clauses <B
60d5d17479b47c03b9c7c86f54269718103750b8Automatic UpdaterCLASS="command"
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater>allow-notify</B
60d5d17479b47c03b9c7c86f54269718103750b8Automatic UpdaterCLASS="command"
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updater>allow-query</B
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic UpdaterCLASS="command"
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater>allow-transfer</B
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic UpdaterCLASS="command"
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updater>allow-update</B
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic UpdaterCLASS="command"
19dbf2e20df03f2b81ed1f347e27718084374059Automatic Updateruse address match lists this. Similarly, the listen-on option will cause
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updaterthe server to not accept queries on any of the machine's addresses
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updaterwhich do not match the list.</P
1404d301dd9e7e487a247b803f63909cd10cdf72Tinderbox User>When used with the topology clause, a non-negated match returns
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updatera distance based on its position on the list (the closer the match
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updateris to the start of the list, the shorter the distance is between
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updaterit and the server). A negated match will be assigned the maximum
a308b69ac66fadf66863484f301314d6e6a3f1d2Automatic Updaterdistance from the server. If there is no match, the address will
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updaterget a distance which is further than any non-negated list element,
31a540386a9abaf681d8952f1b2cdf5c75a0ba6cAutomatic Updaterand closer than any negated element.</P
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>Because of the first-match aspect of the algorithm, an element
1404d301dd9e7e487a247b803f63909cd10cdf72Tinderbox Userthat defines a subset of another element in the list should come
3e1a17d65ec6227900f388ba2f7561365f7d4f5cTinderbox Userbefore the broader element, regardless of whether either is negated. For
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="command"
8aa098c6334de11c8fd117d30851cc457813c410Mark Andrews> the 1.2.3.13 element is
8aa098c6334de11c8fd117d30851cc457813c410Mark Andrewscompletely useless because the algorithm will match any lookup for
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox UserCLASS="command"
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrewsthat problem by having 1.2.3.13 blocked by the negation but all
4fe0411487e8e4401477684c0a2bac041ca7c2d5Tinderbox Userother 1.2.3.* hosts fall through.</P
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="sect2"
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox UserNAME="AEN1243"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrews>6.1.2. Comment Syntax</A
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="acronym"
f45f40ec2814a5ff1ed443c968772a1b2e25c462Mark Andrews> 9 comment syntax allows for comments to appear
f45f40ec2814a5ff1ed443c968772a1b2e25c462Mark Andrews anywhere that white space may appear in a <SPAN
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox UserCLASS="acronym"
2bd56b2684882faf74a2b29cb0914e6671d8005bTinderbox User> configuration
d642d3857129678797a01adee14fbd70335b05a9Mark Andrews file. To appeal to programmers of all kinds, they can be written
e676a596869d8a80a644c99a848afb53d1c5975eMark AndrewsCLASS="sect3"
11b6b0d74bb8dd6bd1ce0b60ba7f9b66323f06d4Tinderbox UserNAME="AEN1248"
11b6b0d74bb8dd6bd1ce0b60ba7f9b66323f06d4Tinderbox User>6.1.2.1. Syntax</A
05d81eae94425a5124e07626af4bcc178960bd0eMark AndrewsCLASS="programlisting"
05d81eae94425a5124e07626af4bcc178960bd0eMark Andrews>/* This is a <SPAN
05d81eae94425a5124e07626af4bcc178960bd0eMark AndrewsCLASS="acronym"
05d81eae94425a5124e07626af4bcc178960bd0eMark Andrews> comment as in C */</PRE
05d81eae94425a5124e07626af4bcc178960bd0eMark AndrewsCLASS="programlisting"
05d81eae94425a5124e07626af4bcc178960bd0eMark Andrews>// This is a <SPAN
05d81eae94425a5124e07626af4bcc178960bd0eMark AndrewsCLASS="acronym"
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User> comment as in C++</PRE
789875a1bd6d50c00d3bd883cad17ead1d3c21cdMark AndrewsCLASS="programlisting"
c0cc232ba92b92c1c5a48d49449ef56f7ca05b56Tinderbox User># This is a <SPAN
76fbdc591b3d46df28878a6ff844798622b85265Tinderbox UserCLASS="acronym"
08a1e53c738c425390557196a2ba5039e5afd364Mark Andrews> comment as in common UNIX shells and perl</PRE
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="sect3"
e676a596869d8a80a644c99a848afb53d1c5975eMark AndrewsCLASS="sect3"
e676a596869d8a80a644c99a848afb53d1c5975eMark AndrewsNAME="AEN1257"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>6.1.2.2. Definition and Usage</A
1efe84be7849c5327001ad7dbad93d92c66c1389Mark Andrews>Comments may appear anywhere that whitespace may appear in
f6ba5791728d244650c1887d8dd8ed771fd50a1dMark AndrewsCLASS="acronym"
95c3a5e116c1da135f669c3f15398172fac6279dMark Andrews> configuration file.</P
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt>C-style comments start with the two characters /* (slash,
b123be91958e0bc58a10c165be64d47661199e3bEvan Huntstar) and end with */ (star, slash). Because they are completely
b123be91958e0bc58a10c165be64d47661199e3bEvan Huntdelimited with these characters, they can be used to comment only
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunta portion of a line or to span multiple lines.</P
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt>C-style comments cannot be nested. For example, the following
b123be91958e0bc58a10c165be64d47661199e3bEvan Huntis not valid because the entire comment ends with the first */:</P
9e898948ed76bf5f175bf178866c90c449843c3eTinderbox UserCLASS="programlisting"
9e898948ed76bf5f175bf178866c90c449843c3eTinderbox User>/* This is the start of a comment.
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt This is still part of the comment.
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt/* This is an incorrect attempt at nesting a comment. */
b123be91958e0bc58a10c165be64d47661199e3bEvan Hunt This is no longer in any comment. */
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>C++-style comments start with the two characters // (slash,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterslash) and continue to the end of the physical line. They cannot
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterbe continued across multiple physical lines; to have one logical
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updatercomment span multiple lines, each line must use the // pair.</P
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>For example:</P
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic UpdaterCLASS="programlisting"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>// This is the start of a comment. The next line
9c2cf9e2017e6dd196e3b866808f32c6206eeedcMark Andrews// is a new comment, even though it is logically
9c2cf9e2017e6dd196e3b866808f32c6206eeedcMark Andrews// part of the previous comment.
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews>Shell-style (or perl-style, if you prefer) comments start
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrewswith the character <TT
9f8051ea406dc3d98bb205df82cfc4d668a25d6eTinderbox UserCLASS="literal"
8f3657636521817d2971ae29aa3fb66e33709753Mark Andrews> (number sign) and continue to the end of the
66458d12f373fb75e8543d36fd76864a7567057bTinderbox Userphysical line, as in C++ comments.</P
f525041ae26958385b697cf82a30f108577024b6Tinderbox User>For example:</P
be0d1ec971748020cb0382e02b4642b493ea1e7bTinderbox UserCLASS="programlisting"
f525041ae26958385b697cf82a30f108577024b6Tinderbox User># This is the start of a comment. The next line
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews# is a new comment, even though it is logically
5b56652059e2c22185a0b2bb1f5e58eb89a44426Tinderbox User# part of the previous comment.
c19bf21885cdf78b52eee017dc1189a300657995Tinderbox UserCLASS="warning"
ff62ab3c2e6274f19190ded15548c723d38bbbe3Automatic UpdaterCLASS="warning"
e20309353e6246485c521278131d3fced73d7957Tinderbox UserALIGN="CENTER"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>WARNING: you cannot use the semicolon (`;') character
bac4435d473c9a0281507524f084480c34aa942aTinderbox User to start a comment such as you would in a zone file. The
ecbc7ebb243a1f8a5dc6f28185ffe9e61d3b2102Mark Andrews semicolon indicates the end of a configuration
21b353c36cb484d022a0df8cb39c602649a46ae6Tinderbox User statement.</P
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark AndrewsCLASS="sect1"
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark AndrewsNAME="Configuration_File_Grammar"
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews>6.2. Configuration File Grammar</A
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark AndrewsCLASS="acronym"
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews> 9 configuration consists of statements and comments.
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews Statements end with a semicolon. Statements and comments are the
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews only elements that can appear without enclosing braces. Many
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews statements contain a block of substatements, which are also
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews terminated with a semicolon.</P
b30ec46fec40a1b246f7965fbcd341fc6cfd1cc1Mark Andrews>The following statements are supported:</P
95c3a5e116c1da135f669c3f15398172fac6279dMark AndrewsCLASS="informaltable"
95c3a5e116c1da135f669c3f15398172fac6279dMark AndrewsCELLPADDING="3"
d58e33bfabfee19a035031dac633d36659738d56Evan HuntCLASS="CALSTABLE"
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox UserVALIGN="MIDDLE"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserVALIGN="MIDDLE"
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox User>defines a named IP address
fca737c98d2be3ef944cc96320c040fdb5f160e3Tinderbox Usermatching list, for access control and other uses.</P
51374c645c0e6dd77c369c13834c751785f96f14Tinderbox UserVALIGN="MIDDLE"
7f814b8b164ae04916a8487cdc5e88ee3ff51a58Automatic UpdaterCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>declares control channels to be used
7f814b8b164ae04916a8487cdc5e88ee3ff51a58Automatic UpdaterCLASS="command"
9fa39c73fc1d8bc44fdbbb79a1d26b837e7dd555Mark AndrewsVALIGN="MIDDLE"
d58e33bfabfee19a035031dac633d36659738d56Evan HuntCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsVALIGN="MIDDLE"
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt>includes a file.</P
d2247b4740cc5f740bf7d89ef9ce67fef015c95cMark AndrewsVALIGN="MIDDLE"
8bc194b266a17f89e6c54469d4dfbb408070f39eMark AndrewsCLASS="command"
8711e5c73ca872d59810760af0332194cbdd619bAutomatic UpdaterVALIGN="MIDDLE"
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater>specifies key information for use in
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox Userauthentication and authorization using TSIG.</P
e5bf83fe0bbca838a0749e9071bd76d9ee0fb59bFrancis DupontVALIGN="MIDDLE"
4dca64bb8991502db368028aeeba2f832d3b971dAutomatic UpdaterCLASS="command"
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic UpdaterVALIGN="MIDDLE"
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic Updater>specifies what the server logs, and where
7169f76a893666eb20fc7750782e7f411db742d6Tinderbox Userthe log messages are sent.</P
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic UpdaterVALIGN="MIDDLE"
ead8aa3182c5805fccb6c7c1636cede6a24a5fc1Automatic UpdaterCLASS="command"
229ea4644b3a7d9c7fdaa43888e7f55ba01e2ee3Automatic UpdaterVALIGN="MIDDLE"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User>controls global server configuration
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updateroptions and sets defaults for other statements.</P
a450977e98155f6e828fe6f8d52cf24674231831Mark AndrewsVALIGN="MIDDLE"
a450977e98155f6e828fe6f8d52cf24674231831Mark AndrewsCLASS="command"
50fa300826799727204b93cbe63bebc341c5eadeTinderbox UserVALIGN="MIDDLE"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>sets certain configuration options on
2da2220fe7af2c45724b50b0187523b1fab0cf08Rob Austeina per-server basis.</P
e21f41f6504b3381be86cbe7f457f9ee1fff947bTinderbox UserVALIGN="MIDDLE"
19ad308d84cbf446a144e5a91f2032389a9d65c1Tinderbox UserCLASS="command"
22bed5c0fa8aa33ebca97235c0509db335440811Tinderbox User>trusted-keys</B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
af9cf290cea6ada6ce27b51c724ab77ad5d73fa0Tinderbox User>defines trusted DNSSEC keys.</P
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic UpdaterVALIGN="MIDDLE"
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic UpdaterCLASS="command"
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic UpdaterVALIGN="MIDDLE"
28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews>defines a view.</P
c53a6f37deaa396660adb6a4ca600c4a58adfd3fAutomatic UpdaterVALIGN="MIDDLE"
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox UserCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
e20309353e6246485c521278131d3fced73d7957Tinderbox User>defines a zone.</P
76fbdc591b3d46df28878a6ff844798622b85265Tinderbox UserCLASS="command"
1921b850640ae984448e8b87870c8527fa9cddb6Evan HuntCLASS="command"
1921b850640ae984448e8b87870c8527fa9cddb6Evan Hunt> statements may only occur once per
1921b850640ae984448e8b87870c8527fa9cddb6Evan Hunt configuration.</P
1921b850640ae984448e8b87870c8527fa9cddb6Evan HuntCLASS="sect2"
91d187ce035f39073f0732ff2a401a45c3c955fbMark AndrewsNAME="AEN1350"
ae454ec746d1d4db8d04e107d4d25ff13158c37fMark AndrewsCLASS="command"
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews> Statement Grammar</A
ae454ec746d1d4db8d04e107d4d25ff13158c37fMark AndrewsCLASS="programlisting"
91d187ce035f39073f0732ff2a401a45c3c955fbMark AndrewsCLASS="command"
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews address_match_list
91d187ce035f39073f0732ff2a401a45c3c955fbMark AndrewsCLASS="sect2"
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox UserCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews> Statement Definition and
a80993946f29ff39df38818ee9b2e58a4e46cb7eTinderbox UserCLASS="command"
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews> statement assigns a symbolic
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews name to an address match list. It gets its name from a primary
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews use of address match lists: Access Control Lists (ACLs).</P
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews>Note that an address match list's name must be defined
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark AndrewsCLASS="command"
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews> before it can be used elsewhere; no
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews forward references are allowed.</P
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark Andrews>The following ACLs are built-in:</P
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark AndrewsCLASS="informaltable"
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark AndrewsCELLPADDING="3"
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark AndrewsCLASS="CALSTABLE"
3349f0044fda807e1fd6681c833d3593a22dad86Tinderbox UserVALIGN="MIDDLE"
3349f0044fda807e1fd6681c833d3593a22dad86Tinderbox UserCLASS="command"
09ee43766e232bd04066445db114c2703dd02bf8Tinderbox UserVALIGN="MIDDLE"
08190bd4d89153cee463b34f9233ad6dd88965fcMark Andrews>Matches all hosts.</P
51374c645c0e6dd77c369c13834c751785f96f14Tinderbox UserVALIGN="MIDDLE"
51374c645c0e6dd77c369c13834c751785f96f14Tinderbox UserCLASS="command"
51374c645c0e6dd77c369c13834c751785f96f14Tinderbox UserVALIGN="MIDDLE"
51374c645c0e6dd77c369c13834c751785f96f14Tinderbox User>Matches no hosts.</P
48dfee71508886d86fe8fb12f91961b5daf3141dMark AndrewsVALIGN="MIDDLE"
48dfee71508886d86fe8fb12f91961b5daf3141dMark AndrewsCLASS="command"
48dfee71508886d86fe8fb12f91961b5daf3141dMark Andrews>localhost</B
48dfee71508886d86fe8fb12f91961b5daf3141dMark AndrewsVALIGN="MIDDLE"
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User>Matches the IP addresses of all interfaces
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox Useron the system.</P
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox UserVALIGN="MIDDLE"
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox UserCLASS="command"
f09f1bf18e3ad40a0e8a6cc3dabf1c11f04992cbMark AndrewsVALIGN="MIDDLE"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>Matches any host on a network for which
3040b455151b1e1173193933664b2891b6159f24Mark Andrewsthe system has an interface.</P
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark AndrewsCLASS="sect2"
169f44b082b340b952e26c0fdb930c102a957752Mark AndrewsCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> Statement Grammar</A
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="programlisting"
e007e3e5b0316c6c05698a71101885743aca22bdAutomatic UpdaterCLASS="command"
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews inet ( ip_addr | * ) [<SPAN
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox UserCLASS="optional"
3e9c07abfd4ad76b1f8085f0f96f5646f2d9e219Tinderbox User> port ip_port </SPAN
1a63fb1d1448ed3f8fd7227ae57be67c2e71279eMark AndrewsCLASS="replaceable"
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews> address_match_list </I
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark AndrewsCLASS="replaceable"
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews> key_list </I
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark AndrewsCLASS="optional"
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews> inet ...; </SPAN
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark AndrewsCLASS="sect2"
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark AndrewsNAME="AEN1401"
180319f572fb6c1ca7000d22ea79a8dd77ae3f91Evan HuntCLASS="command"
1a63fb1d1448ed3f8fd7227ae57be67c2e71279eMark Andrews> Statement Definition and
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark AndrewsCLASS="command"
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews> statement declares control
2a3eef7f65270e3f9a954573d866b368b7857584Tinderbox User channels to be used by system administrators to affect the
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews operation of the local nameserver. These control channels are
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark Andrews used by the <B
8e5fce1f9ceba17dd7e3ff0eb287e1e999c14249Mark AndrewsCLASS="command"
95de440e8d2b07bb130505b4146059e5734e2eeaTinderbox User> utility to send commands to
9e898948ed76bf5f175bf178866c90c449843c3eTinderbox User and retrieve non-DNS results from a nameserver.</P
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater socket accessible to the Internet, created at the specified
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> on the specified
fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox UserCLASS="command"
7adcb4de92bf4383a4c5624c4ed256736d02bc6dMark Andrews>. If no port is specified, port 953
3040b455151b1e1173193933664b2891b6159f24Mark Andrews is used by default. "*" cannot be used for
95cfad51a3f71246d263af79a7861a6821f7a0beAutomatic UpdaterCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>The ability to issue commands over the control channel is
e80c7005e3d59dfeb04dad186d36f3c15622954cTinderbox User restricted by the <B
e135e3c4b1f4f986f00997f5ad5866effb203139Tinderbox UserCLASS="command"
5ecad47f69b3fd945472ab2900a9ff826a7ce2f6Automatic UpdaterCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews> clauses. Connections to the control
5ecad47f69b3fd945472ab2900a9ff826a7ce2f6Automatic Updater channel are permitted based on the address permissions in
08d53af7d51409036462fa80fb1bde7a8c2ac123Automatic UpdaterCLASS="command"
08d53af7d51409036462fa80fb1bde7a8c2ac123Automatic Updater>address_match_list</B
ec7751119a08c6a7250f3187beed69a8b836d349Tinderbox UserCLASS="command"
5ecad47f69b3fd945472ab2900a9ff826a7ce2f6Automatic Updater members of the <B
5ecad47f69b3fd945472ab2900a9ff826a7ce2f6Automatic UpdaterCLASS="command"
8aa098c6334de11c8fd117d30851cc457813c410Mark Andrews>address_match_list</B
a66012b52c20200f118781463db4e4ee44454298Automatic Updater ignored, and instead are interpreted independently based the
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsCLASS="command"
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox UserCLASS="command"
2fd1e3918971180155c10d09454a277f015daecaAutomatic UpdaterCLASS="command"
18920d790825d96ca3943aa2dcb6eb80dc611c5fTinderbox User> is allowed to be used to
2fd1e3918971180155c10d09454a277f015daecaAutomatic Updater authenticate commands and responses given over the control
2fd1e3918971180155c10d09454a277f015daecaAutomatic Updater channel by digitally signing each message between the server and
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox User a command client (See <A
18920d790825d96ca3943aa2dcb6eb80dc611c5fTinderbox User>Remote Name Daemon Control application</I
f0877b0237674d0519006ca7f8436e5f92250d30Mark AndrewsHREF="Bv9ARM.ch03.html#admin_tools"
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox User>Section 3.4.1.2</A
f0877b0237674d0519006ca7f8436e5f92250d30Mark Andrews>). All commands to the control channel
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox User must be signed by one of its specified keys to
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox User be honored.</P
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox User>The UNIX control channel type of <SPAN
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox UserCLASS="acronym"
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox User> 8 is not supported
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox UserCLASS="acronym"
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox User> 9.0.0, and is not expected to be added in future
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox User releases. If it is present in the controls statement from a
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox UserCLASS="acronym"
fdd0516065be2316409d0cc7dfb4e4f54eadc5afMark Andrews> 8 configuration file, a non-fatal warning will be
c849f7acb025c73f56a8e28902a473f2aeaba39fTinderbox UserNAME="AEN1427"
f0877b0237674d0519006ca7f8436e5f92250d30Mark AndrewsCLASS="command"
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox User> Statement Grammar</A
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="programlisting"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonCLASS="replaceable"
c2abd6efeb9affa70aabb63da2acb23e135cf7f2Mark AndrewsCLASS="sect2"
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox UserNAME="AEN1432"
9e898948ed76bf5f175bf178866c90c449843c3eTinderbox UserCLASS="command"
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User> Statement Definition and
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
d145b64cacc8d9cda51f9924ec70cd4661c3e2cfAutomatic Updater> statement inserts the
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater specified file at the point that the <B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater statement is encountered. The <B
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews statement facilitates the administration of configuration files
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews by permitting the reading or writing of some things but not
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater others. For example, the statement could include private keys
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater that are readable only by a nameserver.</P
c855e7170a7ddb5d4ebab69a771f35dc93e95e43Mark AndrewsCLASS="sect2"
c855e7170a7ddb5d4ebab69a771f35dc93e95e43Mark AndrewsNAME="AEN1439"
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox UserCLASS="command"
7fdbd6fc9df8728852ccaecb2d66241ab96a4084Tinderbox User> Statement Grammar</A
5f7586ddbd3edd11272cdd30ed613d936129328bTinderbox UserCLASS="programlisting"
4fda24d843edac463c98785ec0c850d912592dc1Tinderbox UserCLASS="replaceable"
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsCLASS="replaceable"
4aec4843241dca64de7eb6363944df0b09cb83ecTinderbox UserCLASS="replaceable"
1404d301dd9e7e487a247b803f63909cd10cdf72Tinderbox UserNAME="AEN1446"
1404d301dd9e7e487a247b803f63909cd10cdf72Tinderbox UserCLASS="command"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox User> Statement Definition and Usage</A
601c1908d06375f5dea00ab98671a6c934d8a840Automatic UpdaterCLASS="command"
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater> statement defines a shared
11b6b0d74bb8dd6bd1ce0b60ba7f9b66323f06d4Tinderbox User secret key for use with TSIG, see <A
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater>Section 4.4</A
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserCLASS="replaceable"
ac2ad7b4e4e41e7e788dbe103c581f1605209d3bTinderbox User>, also known as the
ac2ad7b4e4e41e7e788dbe103c581f1605209d3bTinderbox User key name, is a domain name uniquely identifying the key. It can
ac2ad7b4e4e41e7e788dbe103c581f1605209d3bTinderbox User be used in a "server" statement to cause requests sent to that
7c8e44a2dc1121dbe3b615c9c934f37fb1741bb9Tinderbox User server to be signed with this key, or in address match lists to
12ee3c02ab36d7e7430bd705cc289db1a69a5733Mark Andrews verify that incoming requests have been signed with a key
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updater matching this name, algorithm, and secret.</P
601c1908d06375f5dea00ab98671a6c934d8a840Automatic UpdaterCLASS="replaceable"
e676a596869d8a80a644c99a848afb53d1c5975eMark Andrews>algorithm_id</I
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrews> is a string
8ccd7da886e93cd490fcb6f4c4e98a6514f35820Automatic Updater that specifies a security/authentication algorithm. The only
cd839f5cf5f84cf163f55ff05cb88ce37efd24d1Automatic Updater algorithm currently supported with TSIG authentication is
cd839f5cf5f84cf163f55ff05cb88ce37efd24d1Automatic UpdaterCLASS="literal"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>hmac-md5</TT
735e1ed9685077e25f744d692acf77c5bf5d4490Tinderbox UserCLASS="replaceable"
d642d3857129678797a01adee14fbd70335b05a9Mark Andrews>secret_string</I
fd8fb4df8499e292daeac765f599ac7c507d9ca3Mark Andrews> is the secret to be
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User used by the algorithm, and is treated as a base-64 encoded
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsCLASS="sect2"
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic UpdaterCLASS="command"
c95f536d78842fbc8ebcef653d88e1f2270054f8Automatic Updater> Statement Grammar</A
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsCLASS="programlisting"
7c8e44a2dc1121dbe3b615c9c934f37fb1741bb9Tinderbox UserCLASS="command"
bac4435d473c9a0281507524f084480c34aa942aTinderbox UserCLASS="command"
bac4435d473c9a0281507524f084480c34aa942aTinderbox UserCLASS="replaceable"
bac4435d473c9a0281507524f084480c34aa942aTinderbox User>channel_name</I
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="command"
bac4435d473c9a0281507524f084480c34aa942aTinderbox UserCLASS="replaceable"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="command"
bf8c3776f1bf1a1270e5e0443ae5a8df022632a8Mark AndrewsCLASS="replaceable"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="literal"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews>unlimited</TT
7c112f7d8f632412901d9f3c4445eb0db6db95feTinderbox UserCLASS="command"
9692d283bb43c9eab49a7fadfc1b74a6e20e6151Tinderbox UserCLASS="replaceable"
7c112f7d8f632412901d9f3c4445eb0db6db95feTinderbox UserCLASS="command"
7c112f7d8f632412901d9f3c4445eb0db6db95feTinderbox UserCLASS="replaceable"
7c112f7d8f632412901d9f3c4445eb0db6db95feTinderbox User>syslog_facility</I
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic UpdaterCLASS="command"
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic UpdaterCLASS="command"
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic UpdaterCLASS="command"
560d6da48f066000541dd43f5d407644dee12bebTinderbox UserCLASS="option"
c218e22e3e6cbd409b61a14f1480b5ce5c70bfc1Tinderbox UserCLASS="option"
c218e22e3e6cbd409b61a14f1480b5ce5c70bfc1Tinderbox UserCLASS="option"
c218e22e3e6cbd409b61a14f1480b5ce5c70bfc1Tinderbox UserCLASS="option"
c218e22e3e6cbd409b61a14f1480b5ce5c70bfc1Tinderbox UserCLASS="option"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="option"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="replaceable"
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox UserCLASS="command"
d7d105151a78d35afb4233d2a6dbd47b7ec0d9a5Tinderbox User>print-category</B
e0bf4fc289705375be65c05a8fb085d514a98c97Tinderbox UserCLASS="option"
f42fc714eda962112e45b904d1f846c61a080114Automatic UpdaterCLASS="command"
3a28155fe228cd6d59b15f1ca0b568be6620a9d2Tinderbox User>print-severity</B
2c1632c71e2f4d8afa35efce3080b31602a6608cTinderbox UserCLASS="option"
2c1632c71e2f4d8afa35efce3080b31602a6608cTinderbox UserCLASS="option"
44e3b272904bfd85556771d30cf1bc6fa539dd03Automatic UpdaterCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsCLASS="option"
850cfa4e86da9f63c1b97ec8c743c091ffd3546bFrancis DupontCLASS="option"
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox UserCLASS="command"
862cad747c24bc3e608f31cde1d7eddb2409a316Tinderbox UserCLASS="replaceable"
f0c5e918974bf778af6cd1e25309ad13e30a79a6Tinderbox User>category_name</I
609b8d08176469485edce25f3c2f50365bbd3819Mark AndrewsCLASS="replaceable"
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews>channel_name</I
e8e87ede5c36b95806c77bcd34894ad9c4b39a78Tinderbox UserCLASS="replaceable"
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews>channel_nam</I
609b8d08176469485edce25f3c2f50365bbd3819Mark AndrewsCLASS="sect2"
609b8d08176469485edce25f3c2f50365bbd3819Mark AndrewsCLASS="sect2"
eac5382be368b43df62e4ac32075131fb4997f03Tinderbox UserNAME="AEN1498"
536da846f6cc03ad8abbb8bb9d5d8a6f607b8c33Mark AndrewsCLASS="command"
ac5ed748602c890d596bed07b0b23b8b5f42b2f6Mark Andrews> Statement Definition and
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsCLASS="command"
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrews> statement configures a wide
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrewsvariety of logging options for the nameserver. Its <B
609b8d08176469485edce25f3c2f50365bbd3819Mark AndrewsCLASS="command"
d98b4b724343547314bde32a54966c8f124a5f03Mark Andrewsassociates output methods, format options and severity levels with
2706fce75f04398595d9648122c6b67164e94fccTinderbox Usera name that can then be used with the <B
d56349eff4a1ebb8f4370df5a8a507f1a8ecd0dfMark AndrewsCLASS="command"
d56349eff4a1ebb8f4370df5a8a507f1a8ecd0dfMark Andrewsto select how various classes of messages are logged.</P
d56349eff4a1ebb8f4370df5a8a507f1a8ecd0dfMark AndrewsCLASS="command"
5a6d22a5b3b014f6dd0b36999864bd2c3e0d8465Mark Andrews> statement is used to define
5a6d22a5b3b014f6dd0b36999864bd2c3e0d8465Mark Andrewsas many channels and categories as are wanted. If there is no <B
d56349eff4a1ebb8f4370df5a8a507f1a8ecd0dfMark AndrewsCLASS="command"
ecbc7ebb243a1f8a5dc6f28185ffe9e61d3b2102Mark Andrewsthe logging configuration will be:</P
ecbc7ebb243a1f8a5dc6f28185ffe9e61d3b2102Mark AndrewsCLASS="programlisting"
5a6d22a5b3b014f6dd0b36999864bd2c3e0d8465Mark AndrewsCLASS="command"
0d13a9584b9f97693ab22d54322f1c484d578701Mark Andrews category "default" { "default_syslog"; "default_debug"; };
5a6d22a5b3b014f6dd0b36999864bd2c3e0d8465Mark AndrewsCLASS="acronym"
d56349eff4a1ebb8f4370df5a8a507f1a8ecd0dfMark Andrews> 9, the logging configuration is only established when
d56349eff4a1ebb8f4370df5a8a507f1a8ecd0dfMark Andrewsthe entire configuration file has been parsed. In <SPAN
d56349eff4a1ebb8f4370df5a8a507f1a8ecd0dfMark AndrewsCLASS="acronym"
015f044f7f916eb18d053f2e5dcbee481425bc66Mark Andrewsestablished as soon as the <B
ae454ec746d1d4db8d04e107d4d25ff13158c37fMark AndrewsCLASS="command"
e5a6871cd0635ecdb2bf792316a2d8c53206f4b2Tinderbox Userwas parsed. When the server is starting up, all logging messages
bec9d04b657e1582d2531bdc02503bebde2aa978Tinderbox Userregarding syntax errors in the configuration file go to the default
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan Huntchannels, or to standard error if the "<TT
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan HuntCLASS="option"
609b8d08176469485edce25f3c2f50365bbd3819Mark Andrewswas specified.</P
609b8d08176469485edce25f3c2f50365bbd3819Mark AndrewsCLASS="sect3"
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan HuntCLASS="sect3"
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan HuntNAME="AEN1515"
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan Hunt>6.2.10.1. The <B
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan HuntCLASS="command"
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews>All log output goes to one or more <I
7e1a8f402e3881388db37152f71c698cb1f1c426Mark AndrewsCLASS="emphasis"
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrewsyou can make as many of them as you want.</P
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews>Every channel definition must include a destination clause that
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrewssays whether messages selected for the channel go to a file, to a
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrewsparticular syslog facility, to the standard error stream, or are
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrewsdiscarded. It can optionally also limit the message severity level
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrewsthat will be accepted by the channel (the default is
7e1a8f402e3881388db37152f71c698cb1f1c426Mark AndrewsCLASS="command"
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews>), and whether to include a
7e1a8f402e3881388db37152f71c698cb1f1c426Mark AndrewsCLASS="command"
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrews>-generated time stamp, the category name
7e1a8f402e3881388db37152f71c698cb1f1c426Mark Andrewsand/or severity level (the default is not to include any).</P
7e1a8f402e3881388db37152f71c698cb1f1c426Mark AndrewsCLASS="command"
bbd726b86a5b0f97a192b6027958dc7b763dc48bTinderbox User> destination clause
7a2a1b8b14fc804ac80612d7b98064095e445be5Automatic Updatercauses all messages sent to the channel to be discarded;
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterin that case, other options for the channel are meaningless.</P
213dd665a9f45c3acb5f6c5f853bbbd5fd1598a2Tinderbox UserCLASS="command"
a450977e98155f6e828fe6f8d52cf24674231831Mark Andrews> destination clause directs the channel
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontto a disk file. It can include limitations
3040b455151b1e1173193933664b2891b6159f24Mark Andrewsboth on how large the file is allowed to become, and how many versions
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrewsof the file will be saved each time the file is opened.</P
351eca011cf38fd3272b325029afce144a9a1ebaMark AndrewsCLASS="command"
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews> option for files is simply a hard
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrewsceiling on log growth. If the file ever exceeds the size, then <B
351eca011cf38fd3272b325029afce144a9a1ebaMark AndrewsCLASS="command"
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrewsnot write anything more to it until the file is reopened; exceeding
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrewsthe size does not automatically trigger a reopen. The default behavior
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrewsis not to limit the size of the file.</P
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews>If you use the <B
351eca011cf38fd3272b325029afce144a9a1ebaMark AndrewsCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews> log file option,
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="command"
351eca011cf38fd3272b325029afce144a9a1ebaMark Andrews> will retain that many backup versions
31de528a5f7fae26452f6f68625702c4e4d10af9Tinderbox Userof the file by renaming them when opening. For example, if you choose
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox Userto keep 3 old versions of the file <TT
ae454ec746d1d4db8d04e107d4d25ff13158c37fMark AndrewsCLASS="filename"
4ba21f60009e18c5950d18546a127e70be537effMark Andrewsjust before it is opened <TT
f520803b46dc189fdaf84adc87ef327d3587b435Mark AndrewsCLASS="filename"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="filename"
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox UserCLASS="filename"
8aa098c6334de11c8fd117d30851cc457813c410Mark Andrewsrenamed to <TT
8aa098c6334de11c8fd117d30851cc457813c410Mark AndrewsCLASS="filename"
8aa098c6334de11c8fd117d30851cc457813c410Mark AndrewsCLASS="filename"
8aa098c6334de11c8fd117d30851cc457813c410Mark Andrewsrenamed to <TT
8aa098c6334de11c8fd117d30851cc457813c410Mark AndrewsCLASS="filename"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>. No rolled versions
ff8ec39ce4afc2d774ce99f2386474d2c8539cd4Automatic Updaterare kept by default; any existing log file is simply appended. The <B
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>unlimited</B
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox Useris synonymous with <B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> in current <SPAN
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="acronym"
9a5217f827ac0e006016745e5305b31dc0c7767fTinderbox User> releases.</P
9c2cf9e2017e6dd196e3b866808f32c6206eeedcMark Andrews>Example usage of the size and versions options:</P
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="programlisting"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrews>channel "an_example_channel" {
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater file "example.log" versions 3 size 20m;
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater print-time yes;
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater print-category yes;
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic UpdaterCLASS="command"
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater> destination clause directs the
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updaterchannel to the system log. Its argument is a
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updatersyslog facility as described in the <B
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic UpdaterCLASS="command"
a5636b773fa05a272b6876afd99309c0b3090e2fMark AndrewsCLASS="command"
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updater> will handle messages sent to
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrewsthis facility is described in the <B
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic UpdaterCLASS="command"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrewspage. If you have a system which uses a very old version of <B
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="command"
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic Updateronly uses two arguments to the <B
8aa53dcb1d26277e8e805464bfff7bb7136f60cbAutomatic UpdaterCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>openlog()</B
d58e33bfabfee19a035031dac633d36659738d56Evan Huntthen this clause is silently ignored.</P
59602f2a7c4e4809941583bed3e94cd26e628f1aTinderbox UserCLASS="command"
1368e4b34cef64604c874fcc40201c78e548714cTinderbox User> clause works like <B
4c6bae917bec70e1fc4d1b761a9765075af78441Tinderbox UserCLASS="command"
4c6bae917bec70e1fc4d1b761a9765075af78441Tinderbox User"priorities," except that they can also be used if you are writing
1368e4b34cef64604c874fcc40201c78e548714cTinderbox Userstraight to a file rather than using <B
1368e4b34cef64604c874fcc40201c78e548714cTinderbox UserCLASS="command"
3d015b2a0aeaa8d763fc783c23f895125ca1e0b8Tinderbox UserMessages which are not at least of the severity level given will
1368e4b34cef64604c874fcc40201c78e548714cTinderbox Usernot be selected for the channel; messages of higher severity levels
3040b455151b1e1173193933664b2891b6159f24Mark Andrewswill be accepted.</P
5a6d22a5b3b014f6dd0b36999864bd2c3e0d8465Mark Andrews>If you are using <B
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan HuntCLASS="command"
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan Hunt>, then the <B
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan HuntCLASS="command"
3d015b2a0aeaa8d763fc783c23f895125ca1e0b8Tinderbox Userwill also determine what eventually passes through. For example,
1bf507ca635310b340aea42d6c3e567819974a99Tinderbox Userdefining a channel facility and severity as <B
3d015b2a0aeaa8d763fc783c23f895125ca1e0b8Tinderbox UserCLASS="command"
70d987def5a58ebeb8243017c0ec2e9b2c326cf4Evan HuntCLASS="command"
2706fce75f04398595d9648122c6b67164e94fccTinderbox Useronly logging <B
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updatercause messages of severity <B
3a28155fe228cd6d59b15f1ca0b568be6620a9d2Tinderbox UserCLASS="command"
3a28155fe228cd6d59b15f1ca0b568be6620a9d2Tinderbox UserCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonbe dropped. If the situation were reversed, with <B
a5636b773fa05a272b6876afd99309c0b3090e2fMark AndrewsCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updatermessages of only <B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater> or higher, then <B
a5636b773fa05a272b6876afd99309c0b3090e2fMark AndrewsCLASS="command"
5c5c6d289db78e41f714007426a387498e15963cFrancis Dupontprint all messages it received from the channel.</P
5c5c6d289db78e41f714007426a387498e15963cFrancis DupontCLASS="command"
5c5c6d289db78e41f714007426a387498e15963cFrancis Dupont> destination clause directs the
3040b455151b1e1173193933664b2891b6159f24Mark Andrewschannel to the server's standard error stream. This is intended for
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrewsuse when the server is running as a foreground process, for example
95de440e8d2b07bb130505b4146059e5734e2eeaTinderbox Userwhen debugging a configuration.</P
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox User>The server can supply extensive debugging information when
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontit is in debugging mode. If the server's global debug level is greater
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontthan zero, then debugging mode will be active. The global debug
5b4ef313da4283079786e516b4b07a1691e1dc50Mark Andrewslevel is set either by starting the <B
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsCLASS="option"
ec7751119a08c6a7250f3187beed69a8b836d349Tinderbox User> flag followed by a positive integer,
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updateror by running <B
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User>rndc trace</B
d58e33bfabfee19a035031dac633d36659738d56Evan Huntmethod is not yet implemented</P
3040b455151b1e1173193933664b2891b6159f24Mark Andrews></BLOCKQUOTE
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox User> The global debug level
dcd42a39d311b44877161ffd1e27fa62700c0171Mark Andrewscan be set to zero, and debugging mode turned off, by running <B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>. All debugging messages in the server have a debug
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterlevel, and higher debug levels give more detailed output. Channels
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterthat specify a specific debug severity, for example:</P
3f68e9c0e5a6ce475d15eef04bfed9b08a22afa9Tinderbox UserCLASS="programlisting"
3f68e9c0e5a6ce475d15eef04bfed9b08a22afa9Tinderbox User>channel "specific_debug_level" {
3f68e9c0e5a6ce475d15eef04bfed9b08a22afa9Tinderbox User severity debug 3;
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>will get debugging output of level 3 or less any time the
c5f7f6aa6c51d35353a9485b32abbabfe8358b4eMark Andrewsserver is in debugging mode, regardless of the global debugging
c5f7f6aa6c51d35353a9485b32abbabfe8358b4eMark Andrewslevel. Channels with <B
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington> severity use the
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellingtonserver's global level to determine what messages to print.</P
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
22bed5c0fa8aa33ebca97235c0509db335440811Tinderbox User>print-time</B
22bed5c0fa8aa33ebca97235c0509db335440811Tinderbox User> has been turned on, then
22bed5c0fa8aa33ebca97235c0509db335440811Tinderbox Userthe date and time will be logged. <B
63654fea53d6a58a65112234bc8d0c322e0c81b5Automatic UpdaterCLASS="command"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>print-time</B
22bed5c0fa8aa33ebca97235c0509db335440811Tinderbox Userbe specified for a <B
ae454ec746d1d4db8d04e107d4d25ff13158c37fMark AndrewsCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> channel, but is usually
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterpointless since <B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
fd7c65dce9c2b1a3d12ca4df9074cd38019fdb5fAutomatic Updater> also prints the date and
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
b871c7156eb037d41f53828c6fcb9cc876128962Mark Andrews>print-category</B
3040b455151b1e1173193933664b2891b6159f24Mark Andrews> is requested, then the
d58e33bfabfee19a035031dac633d36659738d56Evan Huntcategory of the message will be logged as well. Finally, if <B
3040b455151b1e1173193933664b2891b6159f24Mark AndrewsCLASS="command"
551271d8198ae06e37edf5da519d8ee153eeac0fTinderbox User>print-severity</B
b871c7156eb037d41f53828c6fcb9cc876128962Mark Andrewson, then the severity level of the message will be logged. The <B
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox UserCLASS="command"
b6561016dc8a813bfd91cef5b876b3dfc3f08ffaTinderbox Userbe used in any combination, and will always be printed in the following
63d024b4a80b39753d7b2976d46b1478913cc6a1Tinderbox Userorder: time, category, severity. Here is an example where all three <B
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark AndrewsCLASS="command"
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark AndrewsCLASS="computeroutput"
63d024b4a80b39753d7b2976d46b1478913cc6a1Tinderbox User>28-Feb-2000 15:05:32.863 general: notice: running</TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>There are four predefined channels that are used for
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox UserCLASS="command"
80f05de86cd3cd8e4a4215c4501643891b942dafTinderbox User>'s default logging as follows. How they are
ab496cc3df1648e9ad992a87c35c2c0870fdc69dTinderbox Userused is described in <A
ab496cc3df1648e9ad992a87c35c2c0870fdc69dTinderbox UserHREF="Bv9ARM.ch06.html#the_category_phrase"
3040b455151b1e1173193933664b2891b6159f24Mark Andrews>Section 6.2.10.2</A
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox UserCLASS="programlisting"
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User>channel "default_syslog" {
82a986aaa5d3384a541b5a7d6dae8cf0726d6513Tinderbox User syslog daemon; // end to syslog's daemon
3040b455151b1e1173193933664b2891b6159f24Mark Andrews severity info; // only send priority info
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews // and higher
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrewschannel "default_debug" {
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews // the working directory
5b4ef313da4283079786e516b4b07a1691e1dc50Mark Andrews // Note: stderr is used instead
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt // if the server is started
3040b455151b1e1173193933664b2891b6159f24Mark Andrews // with the '-f' option.
5b4ef313da4283079786e516b4b07a1691e1dc50Mark Andrews severity dynamic // log at the server's
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater // current debug level
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updaterchannel "default_stderr" { // writes to stderr
82447d835d3ff5c658749b4e9b4f66166407b3eaAutomatic Updater severity info; // only send priority info
e5a6871cd0635ecdb2bf792316a2d8c53206f4b2Tinderbox Userchannel "null" {
e5a6871cd0635ecdb2bf792316a2d8c53206f4b2Tinderbox User null; // toss anything sent to
9563f388c8ca1bb9ebb04db54e122815b0008c8aTinderbox User // this channel
e9e4257668ff6c4e583b0c0db2508650b0b677b8Tinderbox UserCLASS="command"
183b6c7fca54001820078f324d102fc33e64bbc6Automatic Updater>default_debug</B
9563f388c8ca1bb9ebb04db54e122815b0008c8aTinderbox User> channel normally writes
50cfe402e61ba8d816d845a9f297e3de18f4fc15Tinderbox UserCLASS="filename"
50cfe402e61ba8d816d845a9f297e3de18f4fc15Tinderbox User> in the server's working
08190bd4d89153cee463b34f9233ad6dd88965fcMark Andrewsdirectory. For security reasons, when the "<TT
50cfe402e61ba8d816d845a9f297e3de18f4fc15Tinderbox UserCLASS="option"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updatercommand line option is used, the <TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="filename"
601c1908d06375f5dea00ab98671a6c934d8a840Automatic Updateris created only after <B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User> has changed to the
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Usernew UID, and any debug output generated while <B
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox UserCLASS="command"
f46621af221784fd08339c6fe9509d9e48334561Tinderbox Userstarting up and still running as root is discarded. If you need
f46621af221784fd08339c6fe9509d9e48334561Tinderbox Userto capture this output, you must run the server with the "<TT
f46621af221784fd08339c6fe9509d9e48334561Tinderbox UserCLASS="option"
f46621af221784fd08339c6fe9509d9e48334561Tinderbox Useroption and redirect standard error to a file.</P
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>Once a channel is defined, it cannot be redefined. Thus you
dd53726b246db5cc63c1c87ca86dae39568eeaa3Tinderbox Usercannot alter the built-in channels directly, but you can modify
2beefc22e6debdb72d7b2a069787ff565fc79ec4Tinderbox Userthe default logging by pointing categories at channels you have defined.</P
d58e33bfabfee19a035031dac633d36659738d56Evan HuntNAME="the_category_phrase"
dd53726b246db5cc63c1c87ca86dae39568eeaa3Tinderbox User>6.2.10.2. The <B
dd53726b246db5cc63c1c87ca86dae39568eeaa3Tinderbox UserCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>There are many categories, so you can send the logs you want
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsto see wherever you want, without seeing logs you don't want. If
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsyou don't specify a list of channels for a category, then log messages
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewsin that category will be sent to the <B
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserCLASS="command"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrewsinstead. If you don't specify a default category, the following
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews"default default" is used:</P
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="programlisting"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>category "default" { "default_syslog"; "default_debug"; };
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>As an example, let's say you want to log security events to
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Usera file, but you also want keep the default logging behavior. You'd
17198e77b87667f796e910d31a4f47a80e256d09Mark Andrewsspecify the following:</P
c07cdac6cf5bf3e9affc1aed25f8350087691f1eAutomatic UpdaterCLASS="programlisting"
c07cdac6cf5bf3e9affc1aed25f8350087691f1eAutomatic Updater>channel "my_security_channel" {
c07cdac6cf5bf3e9affc1aed25f8350087691f1eAutomatic Updater file "my_security_file";
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User severity info;
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Usercategory "security" {
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User "my_security_channel";
7c8e44a2dc1121dbe3b615c9c934f37fb1741bb9Tinderbox User "default_syslog";
c07cdac6cf5bf3e9affc1aed25f8350087691f1eAutomatic Updater "default_debug";
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User>To discard all messages in a category, specify the <B
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
de73ef7ecdb9e009155993a6fa8dee5cd1bde319Mark AndrewsCLASS="programlisting"
7c899ff8af55a6855100e7fb4f5dd9a0a04b48a0Automatic Updater>category "xfer-out" { "null"; };
7c899ff8af55a6855100e7fb4f5dd9a0a04b48a0Automatic Updatercategory "notify" { "null"; };
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User>Following are the available categories and brief descriptions
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Userof the types of log information they contain. More
7c8e44a2dc1121dbe3b615c9c934f37fb1741bb9Tinderbox Usercategories may be added in future <SPAN
7c899ff8af55a6855100e7fb4f5dd9a0a04b48a0Automatic UpdaterCLASS="acronym"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="informaltable"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCELLPADDING="3"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="CALSTABLE"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsVALIGN="MIDDLE"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsVALIGN="MIDDLE"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>The default category defines the logging
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox Useroptions for those categories where no specific configuration has been
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsVALIGN="MIDDLE"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="command"
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserVALIGN="MIDDLE"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>The catch-all. Many things still aren't
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsclassified into categories, and they all end up here.</P
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian WellingtonVALIGN="MIDDLE"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="command"
1921b850640ae984448e8b87870c8527fa9cddb6Evan HuntVALIGN="MIDDLE"
1921b850640ae984448e8b87870c8527fa9cddb6Evan Hunt>Messages relating to the databases used
1921b850640ae984448e8b87870c8527fa9cddb6Evan Huntinternally by the name server to store zone and cache data.</P
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsVALIGN="MIDDLE"
ee11dfc481f2ef6a032a715454f6290961a722d2Tinderbox UserCLASS="command"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsVALIGN="MIDDLE"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews>Approval and denial of requests.</P
979e02d122cddf1624cca8a4dab8d084c900fa48Automatic UpdaterVALIGN="MIDDLE"
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsVALIGN="MIDDLE"
56334ccb2d4b5a04fc12b70b5852049db5d24088Evan Hunt>Configuration file parsing and processing.</P
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsVALIGN="MIDDLE"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="command"
c7f686829f05e44169d46746cfb25cadcf078585Tinderbox UserVALIGN="MIDDLE"
c7f686829f05e44169d46746cfb25cadcf078585Tinderbox User>DNS resolution, such as the recursive
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrewslookups performed on behalf of clients by a caching name server.</P
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserVALIGN="MIDDLE"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsVALIGN="MIDDLE"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>Zone transfers the server is receiving.</P
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserVALIGN="MIDDLE"
91216cff91b34c9ff6e846dc23f248219cafe660Andreas GustafssonCLASS="command"
8bc3d252395842452a6d2c775cf8445f6349e331Tinderbox UserVALIGN="MIDDLE"
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox User>Zone transfers the server is sending.</P
ab103cf2caf211985be8c4296d379e43d26268c4Tinderbox UserVALIGN="MIDDLE"
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox UserCLASS="command"
e6fc17ec5ad5ba1c4bf5730b2b97c82d1f2b8f3cMark AndrewsVALIGN="MIDDLE"
8711e5c73ca872d59810760af0332194cbdd619bAutomatic Updater>The NOTIFY protocol.</P
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark AndrewsVALIGN="MIDDLE"
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark AndrewsCLASS="command"
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark AndrewsVALIGN="MIDDLE"
409ba95e573b40cf36acf97dd62ee7e9c7775851Tinderbox User>Processing of client requests.</P
8711e5c73ca872d59810760af0332194cbdd619bAutomatic UpdaterVALIGN="MIDDLE"
22870a9f8df95488abe2b17ab92b7cb6a9fe6f14Tinderbox UserCLASS="command"
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox UserVALIGN="MIDDLE"
0a2ff769ecd0b5a6bda54b62bc1ec5fa6fd198a0Tinderbox User>Network operations.</P
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox UserVALIGN="MIDDLE"
02d20c5d79600704d617d248642c477e9b5e6a2aTinderbox UserCLASS="command"
87d422bb38fa1c8f0fb29c2a1b8c044870a7df46Tinderbox UserVALIGN="MIDDLE"
955ee8b865d70d02ad1fdc959382e6f8a07c1d14Tinderbox User>Dynamic updates.</P
959e5da49a2cff7dfd8fdb885cd11c5d7d94a292Tinderbox UserVALIGN="MIDDLE"
0a2ff769ecd0b5a6bda54b62bc1ec5fa6fd198a0Tinderbox UserCLASS="command"
7a6494cfb6cc7d3f67af07359561e05e6bb8c0edTinderbox UserVALIGN="MIDDLE"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="sect2"
aa1d397c4736cd86540555193d71e55fa3b37b2aMark AndrewsCLASS="sect2"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsNAME="AEN1700"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> Statement Grammar</A
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> This is the grammar of the <B
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews statement in the <TT
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="filename"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="programlisting"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="optional"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> listen-on { <TT
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="replaceable"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="optional"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="replaceable"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="optional"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="replaceable"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="optional"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="replaceable"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>] ; ... </SPAN
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="optional"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="replaceable"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>view_name</I
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="optional"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> search { <TT
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="replaceable"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>domain_name</I
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="optional"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="replaceable"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>domain_name</I
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> ; ... </SPAN
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="optional"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="replaceable"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="sect2"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="sect2"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsNAME="AEN1724"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> Statement Definition and Usage</A
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> statement configures the name
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews server to also act as a lightweight resolver server, see
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>Section 5.2</A
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>. There may be be multiple
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> statements configuring
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews lightweight resolver servers with different properties.</P
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>listen-on</B
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> statement specifies a list of
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews addresses (and ports) that this instance of a lightweight resolver daemon
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews should accept requests on. If no port is specified, port 921 is used.
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews If this statement is omitted, requests will be accepted on 127.0.0.1,
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews port 921.</P
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> statement binds this instance of a
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews lightweight resolver daemon to a view in the DNS namespace, so that the
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews response will be constructed in the same manner as a normal DNS query
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews matching this view. If this statement is omitted, the default view is
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews used, and if there is no default view, an error is triggered.</P
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic UpdaterCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> statement is equivalent to the
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> statement in
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="filename"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>. It provides a list of domains
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews which are appended to relative names in queries.</P
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> statement is equivalent to the
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> statement in
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="filename"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>. It indicates the minimum
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews number of dots in a relative domain name that should result in an
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews exact match lookup before search path elements are appended.</P
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="sect2"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="sect2"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsNAME="AEN1743"
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews> Statement Grammar</A
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews>This is the grammar of the <B
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="command"
4f087942583014b241adca1bc78c6db89ed96e94Mark Andrews statement in the <TT
4f087942583014b241adca1bc78c6db89ed96e94Mark AndrewsCLASS="filename"
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan HuntCLASS="programlisting"
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan HuntCLASS="command"
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan HuntCLASS="optional"
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt> version <TT
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan HuntCLASS="replaceable"
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt>version_string</I
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan HuntCLASS="optional"
e2d635d630f6f61fefd3d4475c45b097b16b8a2aEvan Hunt> directory <TT
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox UserCLASS="replaceable"
ab272d2204a075b5ed0798d04733a9028782b8daEvan Hunt>path_name</I
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic UpdaterCLASS="optional"
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic Updater> named-xfer <TT
97669cab1f7e6f953dbf39ef1b2c4206ecb50d9eAutomatic UpdaterCLASS="replaceable"
9e295ad801d5c986eb6c7745637b5dc0efb28711Tinderbox UserCLASS="optional"
9e295ad801d5c986eb6c7745637b5dc0efb28711Tinderbox User> tkey-domain <TT
77932ac533c711eca5cd86de4e7eca8d91102b43Tinderbox UserCLASS="replaceable"
309b912841e8b97bf0b0df0d96c3eaf16990c080Automatic UpdaterCLASS="optional"
66d24a46538c7c2d29fdb5611ab1173e83685b1dTinderbox User> tkey-dhkey <TT
66d24a46538c7c2d29fdb5611ab1173e83685b1dTinderbox UserCLASS="replaceable"
754ebd37e782356aedbb2987e3c1a8ab4f29574eMark AndrewsCLASS="replaceable"
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox UserCLASS="optional"
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox User> dump-file <TT
776a8e3ff8889711a1f61a9362607c42716563f4Tinderbox UserCLASS="replaceable"
aa1d397c4736cd86540555193d71e55fa3b37b2aMark AndrewsCLASS="optional"
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews> memstatistics-file <TT
9e295ad801d5c986eb6c7745637b5dc0efb28711Tinderbox UserCLASS="replaceable"
da93950363b307b718d156514b95b9df93a63776Mark Andrews>path_name</I
9a9ca3c4f120971b7091b28a5530e5eaf362f7e6Tinderbox UserCLASS="optional"
9a9ca3c4f120971b7091b28a5530e5eaf362f7e6Tinderbox UserCLASS="replaceable"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> statistics-file <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> zone-statistics <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> auth-nxdomain <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> deallocate-on-exit <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User>dialup_option</I
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> fake-iquery <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> fetch-glue <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> has-old-clients <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> host-statistics <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> multiple-cnames <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> recursion <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> rfc2308-type1 <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="optional"
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox User> use-id-pool <TT
05c0db3923b93c36afa488bffc7862e0ae554698Tinderbox UserCLASS="replaceable"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="optional"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews> maintain-ixfr-base <TT
933799f3641f4f78445d015008bad0038900a82aTinderbox UserCLASS="replaceable"
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox UserCLASS="optional"
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox User> forward ( <TT
19558a04decde0e7261d489d92d04ad88104217bTinderbox UserCLASS="replaceable"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="replaceable"
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark AndrewsCLASS="optional"
644973f327e9db74779e7c0426db90909173b284Automatic Updater> forwarders { [<SPAN
644973f327e9db74779e7c0426db90909173b284Automatic UpdaterCLASS="optional"
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark AndrewsCLASS="replaceable"
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox UserCLASS="optional"
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox UserCLASS="replaceable"
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox User> ; ... </SPAN
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox UserCLASS="optional"
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox User> check-names ( <TT
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox UserCLASS="replaceable"
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox UserCLASS="replaceable"
a9d14bf051644716b5db9209c453d2c5eb83f174Tinderbox UserCLASS="replaceable"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="replaceable"
af60449fe472b8bea5ad04bf538c777c6b151112Tinderbox UserCLASS="replaceable"
068a66979695c77359e7a9181bb3f831c965b21cMark AndrewsCLASS="replaceable"
068a66979695c77359e7a9181bb3f831c965b21cMark AndrewsCLASS="optional"
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews> allow-notify { <TT
068a66979695c77359e7a9181bb3f831c965b21cMark AndrewsCLASS="replaceable"
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews>address_match_list</I
068a66979695c77359e7a9181bb3f831c965b21cMark AndrewsCLASS="optional"
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews> allow-query { <TT
068a66979695c77359e7a9181bb3f831c965b21cMark AndrewsCLASS="replaceable"
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews>address_match_list</I
8de3f14f1c300c3e1ed99084cc03485b42c92bf1Tinderbox UserCLASS="optional"
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews> allow-transfer { <TT
068a66979695c77359e7a9181bb3f831c965b21cMark AndrewsCLASS="replaceable"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User>address_match_list</I
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
45eca3a5d46ed15aee14d81f6cb6c9fb6f365344Mark Andrews> allow-recursion { <TT
6306dd073e0eba562491222821c4d3b39f440718Evan HuntCLASS="replaceable"
6634faa55bb26d8e995dd5ad4755060f1bedc2f0Tinderbox User>address_match_list</I
068a66979695c77359e7a9181bb3f831c965b21cMark AndrewsCLASS="optional"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User> allow-v6-synthesis { <TT
068a66979695c77359e7a9181bb3f831c965b21cMark AndrewsCLASS="replaceable"
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews>address_match_list</I
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="optional"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews> blackhole { <TT
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="replaceable"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews>address_match_list</I
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="optional"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews> listen-on [<SPAN
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="optional"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="replaceable"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="replaceable"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews>address_match_list</I
aa1d397c4736cd86540555193d71e55fa3b37b2aMark AndrewsCLASS="optional"
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrews> listen-on-v6 [<SPAN
5f7e0eb1cb917b788906d3e2aa01bfc4885dcae4Mark AndrewsCLASS="optional"
15ae68f3db8261770fc33b8e0f83f5d8c7021e84Mark AndrewsCLASS="replaceable"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserCLASS="replaceable"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews>address_match_list</I
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="optional"
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User> query-source [<SPAN
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater> address ( <TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="replaceable"
10640b2e3efc7bc8034108136d7487f7407fbf37Andreas GustafssonCLASS="replaceable"
436aad11e01e916f75e68a2e9cb89ac217a990d3Tinderbox UserCLASS="optional"
ac2e2800b4ac9cbe4cb756d967f4583c611eb75eMark AndrewsCLASS="replaceable"
af682c183e3448c34da1145018a085ac45b1b660Tinderbox UserCLASS="replaceable"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
fe600c3ad88c0bb078283a953d048087d227c0e5Tinderbox User> max-transfer-time-in <TT
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserCLASS="replaceable"
6715db6593ce9a271ac3131cd7a886feaa386a2eEvan HuntCLASS="optional"
1921b850640ae984448e8b87870c8527fa9cddb6Evan Hunt> max-transfer-time-out <TT
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="replaceable"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="optional"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews> max-transfer-idle-in <TT
f0c5e918974bf778af6cd1e25309ad13e30a79a6Tinderbox UserCLASS="replaceable"
2846972c703e9c588e88726c10caf62c7cdbefd0Tinderbox UserCLASS="optional"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont> max-transfer-idle-out <TT
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="replaceable"
8aa098c6334de11c8fd117d30851cc457813c410Mark AndrewsCLASS="optional"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> tcp-clients <TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="replaceable"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="optional"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> recursive-clients <TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="replaceable"
1921b850640ae984448e8b87870c8527fa9cddb6Evan HuntCLASS="optional"
6715db6593ce9a271ac3131cd7a886feaa386a2eEvan Hunt> serial-queries <TT
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="replaceable"
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan HuntCLASS="optional"
1a63fb1d1448ed3f8fd7227ae57be67c2e71279eMark Andrews> transfer-format <TT
1a63fb1d1448ed3f8fd7227ae57be67c2e71279eMark AndrewsCLASS="replaceable"
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater>( one-answer | many-answers )</I
51374c645c0e6dd77c369c13834c751785f96f14Tinderbox UserCLASS="optional"
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updater> transfers-in <TT
e676a596869d8a80a644c99a848afb53d1c5975eMark AndrewsCLASS="replaceable"
d2f313886122eeb989e5c58cd9a70373222210c4Tinderbox UserCLASS="optional"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> transfers-out <TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="replaceable"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrews> transfers-per-ns <TT
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="replaceable"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
cb40461f8744c5aeb369b84d5f48395a13a221a0Mark Andrews> transfer-source (<TT
f8b9948a4116226ac41b5509cca152849006c66cAutomatic UpdaterCLASS="replaceable"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="constant"
ecbc7ebb243a1f8a5dc6f28185ffe9e61d3b2102Mark AndrewsCLASS="optional"
66cf4a406525db9c42977d8034a60e0a8e2a9290Automatic UpdaterCLASS="replaceable"
950d203b64f512b85fcc093ee1e9e3e531a1aea3Tinderbox UserCLASS="optional"
27c3c21f41520e8d6336d80a8094389e321cb6d2Mark Andrews> transfer-source-v6 (<TT
d2f313886122eeb989e5c58cd9a70373222210c4Tinderbox UserCLASS="replaceable"
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox UserCLASS="constant"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
1a63fb1d1448ed3f8fd7227ae57be67c2e71279eMark AndrewsCLASS="replaceable"
27c3c21f41520e8d6336d80a8094389e321cb6d2Mark AndrewsCLASS="optional"
2706fce75f04398595d9648122c6b67164e94fccTinderbox User> notify-source (<TT
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserCLASS="replaceable"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserCLASS="constant"
a450977e98155f6e828fe6f8d52cf24674231831Mark AndrewsCLASS="optional"
d6487e3c0a981bd8ac1e155d3a2d590c078d6c85Tinderbox UserCLASS="replaceable"
5a6d22a5b3b014f6dd0b36999864bd2c3e0d8465Mark AndrewsCLASS="optional"
5a6d22a5b3b014f6dd0b36999864bd2c3e0d8465Mark Andrews> notify-source-v6 (<TT
bcb68be0a8f3c3eca58d6a6a869267e5c1841de2Francis DupontCLASS="replaceable"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserCLASS="constant"
ecbc7ebb243a1f8a5dc6f28185ffe9e61d3b2102Mark AndrewsCLASS="optional"
c0cc232ba92b92c1c5a48d49449ef56f7ca05b56Tinderbox UserCLASS="replaceable"
00ce5d1add91ba5664de4da3cda8c3a5017ba6a7Tinderbox UserCLASS="optional"
e5a6871cd0635ecdb2bf792316a2d8c53206f4b2Tinderbox User> also-notify { <TT
00ce5d1add91ba5664de4da3cda8c3a5017ba6a7Tinderbox UserCLASS="replaceable"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
8f1a00cf8b3d9dc8d419a797b7ff4fb6ddba428eTinderbox UserCLASS="replaceable"
e5a6871cd0635ecdb2bf792316a2d8c53206f4b2Tinderbox UserCLASS="optional"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="replaceable"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="optional"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="replaceable"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>] ; ... </SPAN
e5a6871cd0635ecdb2bf792316a2d8c53206f4b2Tinderbox UserCLASS="optional"
4aec4843241dca64de7eb6363944df0b09cb83ecTinderbox User> max-ixfr-log-size <TT
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic UpdaterCLASS="replaceable"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="optional"
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews> coresize <TT
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="replaceable"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox User> datasize <TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="replaceable"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="optional"
e5a6871cd0635ecdb2bf792316a2d8c53206f4b2Tinderbox UserCLASS="replaceable"
7af91d15b2ce1ce32f7320f6d5cc3b83621c241aAutomatic UpdaterCLASS="optional"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox User> stacksize <TT
1b670d35282f1b9352692ad212be3c0aa97b0689Automatic UpdaterCLASS="replaceable"
ecbc7ebb243a1f8a5dc6f28185ffe9e61d3b2102Mark AndrewsCLASS="optional"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> cleaning-interval <TT
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="replaceable"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="optional"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox User> heartbeat-interval <TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="replaceable"
36c0c1405d4dd31afaf614668f4512e69637e159Tinderbox UserCLASS="optional"
36c0c1405d4dd31afaf614668f4512e69637e159Tinderbox User> interface-interval <TT
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="replaceable"
e5a6871cd0635ecdb2bf792316a2d8c53206f4b2Tinderbox UserCLASS="optional"
0a2ff769ecd0b5a6bda54b62bc1ec5fa6fd198a0Tinderbox User> statistics-interval <TT
0a2ff769ecd0b5a6bda54b62bc1ec5fa6fd198a0Tinderbox UserCLASS="replaceable"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="optional"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> topology [<SPAN
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="optional"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="replaceable"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox User>address_match_list</I
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="optional"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> sortlist [<SPAN
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="optional"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="replaceable"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox User>address_match_list</I
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="optional"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> rrset-order [<SPAN
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="optional"
a05244bb01d5a5f71b2ac9abe1601589cde79570Tinderbox UserCLASS="replaceable"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="optional"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="replaceable"
af60449fe472b8bea5ad04bf538c777c6b151112Tinderbox User>order_spec</I
f0c5e918974bf778af6cd1e25309ad13e30a79a6Tinderbox User> ; ... </SPAN
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="optional"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrews> lame-ttl <TT
dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic UpdaterCLASS="replaceable"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="optional"
114f7780384371121918624ae2c80ecfce545683Tinderbox User> max-ncache-ttl <TT
33d1cff1dd63494ffa00fac695a793f00c4ebf0bTinderbox UserCLASS="replaceable"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserCLASS="optional"
169f44b082b340b952e26c0fdb930c102a957752Mark Andrews> max-cache-ttl <TT
757ff043760e4743dda1a10e7d58349275934902Tinderbox UserCLASS="replaceable"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserCLASS="optional"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User> sig-validity-interval <TT
1404d301dd9e7e487a247b803f63909cd10cdf72Tinderbox UserCLASS="replaceable"
19ad308d84cbf446a144e5a91f2032389a9d65c1Tinderbox UserCLASS="optional"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont> min-roots <TT
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserCLASS="replaceable"
1921b850640ae984448e8b87870c8527fa9cddb6Evan HuntCLASS="optional"
1921b850640ae984448e8b87870c8527fa9cddb6Evan Hunt> use-ixfr <TT
1921b850640ae984448e8b87870c8527fa9cddb6Evan HuntCLASS="replaceable"
71fc4775d04aea66809e3eb5b5159c55413bdc5cMark AndrewsCLASS="optional"
71fc4775d04aea66809e3eb5b5159c55413bdc5cMark Andrews> treat-cr-as-space <TT
7d704e522860496310bb29c28e76064868401a9cMark AndrewsCLASS="replaceable"
cc17f4a672fc4ce67327902dd797c4465f12c4c9Mark Andrews>yes_or_no</I
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic UpdaterCLASS="optional"
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater> min-refresh-time <TT
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic UpdaterCLASS="replaceable"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserCLASS="optional"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User> max-refresh-time <TT
b7fcdb0bee7680fe9536bec3b204aea094bc514eTinderbox UserCLASS="replaceable"
f520803b46dc189fdaf84adc87ef327d3587b435Mark AndrewsCLASS="optional"
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User> min-retry-time <TT
28e0061dbcc2ae45d34541267a00d8b4de5b4a41Tinderbox UserCLASS="replaceable"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsCLASS="optional"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews> max-retry-time <TT
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserCLASS="replaceable"
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox UserCLASS="optional"
8bc3d252395842452a6d2c775cf8445f6349e331Tinderbox UserCLASS="replaceable"
757ff043760e4743dda1a10e7d58349275934902Tinderbox UserCLASS="optional"
da59e63e7af147a8bcef985b98b04443e04c3a0eTinderbox User> additional-from-auth <TT
0e573cdd111e060e5f6c18249b5ccacbe8abe278Tinderbox UserCLASS="replaceable"
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic UpdaterCLASS="optional"
9cd5eb6fe0f26d65724b99216cb31dcdd12e4afdAutomatic Updater> additional-from-cache <TT
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="replaceable"
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan HuntCLASS="optional"
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User> random-device <TT
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan HuntCLASS="replaceable"
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan HuntCLASS="sect2"
1fdd58445074579ee3b65c871137a7a1740eb542Mark AndrewsCLASS="sect2"
e676a596869d8a80a644c99a848afb53d1c5975eMark AndrewsNAME="AEN1950"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
603cf17f33da24d460616389ec40d6f2a6e110a0Automatic Updater> Statement Definition and
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="command"
6d114a4c5cddb176ae5199eee154c0273d652ba4Tinderbox User> statement sets up global options
71fa3534bfaf174f6a938dc1ba3522f66606c4e1Mark Andrewsto be used by <SPAN
4aec4843241dca64de7eb6363944df0b09cb83ecTinderbox UserCLASS="acronym"
7711228a135a2fe85765ba13a67b8e397ed73489Mark Andrews>. This statement may appear only once in a configuration
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontfile. If more than one occurrence is found, the first occurrence
9692d283bb43c9eab49a7fadfc1b74a6e20e6151Tinderbox Userdetermines the actual options used, and a warning will be generated.
b5423cbff7175727ed9046c8c670d8a7bb4d01eaTinderbox UserIf there is no <B
c505effec1da6664c37f0e4dbfc1c4f6b0e73367Tinderbox UserCLASS="command"
be0d1ec971748020cb0382e02b4642b493ea1e7bTinderbox User> statement, an options
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterblock with each option set to its default will be used.<DIV
22870a9f8df95488abe2b17ab92b7cb6a9fe6f14Tinderbox UserCLASS="informaltable"
5a6d22a5b3b014f6dd0b36999864bd2c3e0d8465Mark AndrewsCELLPADDING="3"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="CALSTABLE"
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox UserVALIGN="MIDDLE"
7f79131f9a8e804b93c57f3c679065cce878b726Automatic UpdaterCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
9692d283bb43c9eab49a7fadfc1b74a6e20e6151Tinderbox User>The version the server should report
b5423cbff7175727ed9046c8c670d8a7bb4d01eaTinderbox Uservia a query of name <TT
59528addd704f8d5757b54e540520f74e588a7c7Automatic UpdaterCLASS="filename"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
59528addd704f8d5757b54e540520f74e588a7c7Automatic UpdaterThe default is the real version number of this server.</P
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
8b8e37f252b0411e00a0a2775d570562aedce439Tinderbox UserCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
ba8b771c371967dd1254c7fa82ebe4158ee04b24Tinderbox User>The working directory of the server.
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsAny non-absolute pathnames in the configuration file will be taken
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updateras relative to this directory. The default location for most server
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="filename"
78bc8fdc2488c92d7228e8de19827e2c114c56caAutomatic Updater>) is this directory.
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterIf a directory is not specified, the working directory defaults
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="filename"
fe600c3ad88c0bb078283a953d048087d227c0e5Tinderbox User>', the directory from which the server
59528addd704f8d5757b54e540520f74e588a7c7Automatic Updaterwas started. The directory specified should be an absolute path.</P
7f79131f9a8e804b93c57f3c679065cce878b726Automatic UpdaterVALIGN="MIDDLE"
e705db6d5d886dc14f4a75a2046a075c0750e7eeAutomatic UpdaterCLASS="command"
f0c5e918974bf778af6cd1e25309ad13e30a79a6Tinderbox User>named-xfer</B
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsVALIGN="MIDDLE"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserCLASS="emphasis"
04bc14c887243e624469fdbd336c1d3cb8ed7cc7Tinderbox User>This option is obsolete.</I
a7c412f37cc73d0332887a746e81220cbf09dd00Mark AndrewsIt was used in <SPAN
fedd407a76adfdd745eb7d2461673693c6f9fea9Mark AndrewsCLASS="acronym"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User> 8 to specify the pathname to the <B
955ee8b865d70d02ad1fdc959382e6f8a07c1d14Tinderbox UserCLASS="command"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark Andrews>named-xfer</B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="acronym"
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User> 9, no separate <B
dbb012765c735ee0d82dedb116cdc7cf18957814Evan HuntCLASS="command"
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt>named-xfer</B
a8677ecad546c955406b341eb8344ed06768b11eTinderbox Userneeded; its functionality is built into the name server.</P
2bb3422dc683c013db7042f5736240de6b86f182Automatic UpdaterVALIGN="MIDDLE"
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="command"
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User>tkey-domain</B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
2964b1f272bab3e7ed3fbb4a0811da5e93646d34Tinderbox User>The domain appended to the names of all
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updatershared keys generated with <B
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User>. When a client
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox UserCLASS="command"
137fdbc214e99c4cbe57551e9e14f2015c2e42aeTinderbox User> exchange, it may or may not specify
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterthe desired name for the key. If present, the name of the shared
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Userkey will be "<TT
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox UserCLASS="varname"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>client specified part</TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="varname"
4cde88fbf4c5e78a785d40f364cdcf60f3575f0cTinderbox User>tkey-domain</TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterOtherwise, the name of the shared key will be "<TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="varname"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsCLASS="varname"
681beefc668253b3e469a1de282fbc33a3752422Automatic Updater>tkey-domain</TT
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User>". In most cases,
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox UserCLASS="command"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User>domainname</B
0d13a9584b9f97693ab22d54322f1c484d578701Mark Andrews> should be the server's domain
4cde88fbf4c5e78a785d40f364cdcf60f3575f0cTinderbox UserVALIGN="MIDDLE"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
76fbdc591b3d46df28878a6ff844798622b85265Tinderbox User>tkey-dhkey</B
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox UserVALIGN="MIDDLE"
5a6d22a5b3b014f6dd0b36999864bd2c3e0d8465Mark Andrews>The Diffie-Hellman key used by the server
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterto generate shared keys with clients using the Diffie-Hellman mode
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox UserCLASS="command"
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrews>. The server must be able to load the
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Userpublic and private keys from files in the working directory. In
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Usermost cases, the keyname should be the server's host name.</P
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark AndrewsVALIGN="MIDDLE"
1fdd58445074579ee3b65c871137a7a1740eb542Mark AndrewsCLASS="command"
757ff043760e4743dda1a10e7d58349275934902Tinderbox UserVALIGN="MIDDLE"
b6e12209e3e7df826f5f8f949ad400ec6d1f6371Tinderbox User>The pathname of the file the server dumps
e08cdffb3ae4ad409f37e3e5a218fe4b7e0e3904Tinderbox Userthe database to when instructed to do so with
fe600c3ad88c0bb078283a953d048087d227c0e5Tinderbox UserCLASS="command"
0d13a9584b9f97693ab22d54322f1c484d578701Mark Andrews>rndc dumpdb</B
316cd2460aa66e157f72890974ca5c21d65e70e6Tinderbox UserIf not specified, the default is <TT
646fed0d28be4387e3e32fb0f5732a1f58b572baTinderbox UserCLASS="filename"
4aec4843241dca64de7eb6363944df0b09cb83ecTinderbox UserVALIGN="MIDDLE"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="command"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>memstatistics-file</B
4f538e852f20912e629338e911e46ce26de3e965Tinderbox UserVALIGN="MIDDLE"
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User>The pathname of the file the server writes memory
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontusage statistics to on exit. If not specified, the default is <TT
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontCLASS="filename"
90ff38a0d8deaf5f9c2aa5916d99b2e572d28738Automatic Updater>Not yet implemented in <SPAN
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="acronym"
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt></BLOCKQUOTE
ce0fd07045292942bfa3e755d9ce596941528a63Automatic UpdaterVALIGN="MIDDLE"
6ee455a915d0e5cab50865da23152efe59ea1decTinderbox UserCLASS="command"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsVALIGN="MIDDLE"
c6517a807173827b8f638d31303805ee4c1d8054Automatic Updater>The pathname of the file the server writes
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrewsits process ID in. If not specified, the default is operating system
91d187ce035f39073f0732ff2a401a45c3c955fbMark Andrewsdependent, but is usually
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="filename"
27739dd25026283c24645c8a1044b95ef9eb5ac6Tinderbox UserCLASS="filename"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterThe pid-file is used by programs that want to send signals to the running
91d187ce035f39073f0732ff2a401a45c3c955fbMark AndrewsVALIGN="MIDDLE"
f520803b46dc189fdaf84adc87ef327d3587b435Mark AndrewsCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>statistics-file</B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan Hunt>The pathname of the file the server appends statistics
bac4435d473c9a0281507524f084480c34aa942aTinderbox Userto when instructed to do so using <B
dbb012765c735ee0d82dedb116cdc7cf18957814Evan HuntCLASS="command"
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt>rndc stats</B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterIf not specified, the default is <TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="filename"
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox Userserver's current directory. The format of the file is described
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User>Section 6.2.14.14</A
f520803b46dc189fdaf84adc87ef327d3587b435Mark AndrewsVALIGN="MIDDLE"
dbb012765c735ee0d82dedb116cdc7cf18957814Evan HuntCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan Hunt> The UDP/TCP port number the server uses for receiving and sending DNS protocol traffic.
f2770f6b39a9b2a98afb7a11ed105f73f1570c1eAutomatic UpdaterThe default is 53. This option is mainly intended for server testing;
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updatera server using a port other than 53 will not be able to communicate with
bac4435d473c9a0281507524f084480c34aa942aTinderbox Userthe global DNS.
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
1bf507ca635310b340aea42d6c3e567819974a99Tinderbox User> option should be placed at
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Userthe beginning of the options block, before
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Userany other options that take port numbers or IP addresses,
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox Userto ensure that the port value takes effect for all addresses
1bf507ca635310b340aea42d6c3e567819974a99Tinderbox Userused by the server.</P
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox UserVALIGN="MIDDLE"
b779e1efb14f9616a35befd2b1cfc2578f1a4d70Tinderbox UserCLASS="command"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater>random-device</B
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterVALIGN="MIDDLE"
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox User> The source of entropy to be used by the server. Entropy is primarily needed
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterfor DNSSEC operations, such as TKEY transactions and dynamic update of signed
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updaterzones. This options specifies the device (or file) from which to read
f0c5e918974bf778af6cd1e25309ad13e30a79a6Tinderbox Userentropy. If this is a file, operations requiring entropy will fail when the
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontfile has been exhausted. If not specified, the default value is
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="filename"
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User(or equivalent) when present, and none otherwise. The
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCLASS="command"
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User>random-device</B
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User> option takes effect during
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsthe initial configuration load at server startup time and
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updateris ignored on subsequent reloads.</P
1a63fb1d1448ed3f8fd7227ae57be67c2e71279eMark AndrewsCLASS="sect3"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterNAME="boolean_options"
933799f3641f4f78445d015008bad0038900a82aTinderbox User>6.2.14.1. Boolean Options</A
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic UpdaterCLASS="informaltable"
dedefc0bdbb4e6e39eeb98aa2fc6883efec2ddb0Mark AndrewsCELLPADDING="3"
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox UserCLASS="CALSTABLE"
76fbdc591b3d46df28878a6ff844798622b85265Tinderbox UserVALIGN="MIDDLE"
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox UserCLASS="command"
a900e4f99ff134b567b6df5ac2c841c7d0c551d3Automatic Updater>auth-nxdomain</B
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox UserVALIGN="MIDDLE"
c288e47fb7d4baa1ed887156b1c5e5db394d4f52Tinderbox UserCLASS="userinput"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="command"
4fda24d843edac463c98785ec0c850d912592dc1Tinderbox Useris always set on NXDOMAIN responses, even if the server is not actually
015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox Userauthoritative. The default is <TT
a04588e781b513ae3b30e061ac98035802b5e8e8Mark AndrewsCLASS="userinput"
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox Usera change from <SPAN
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox UserCLASS="acronym"
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updater> 8. If you are using very old DNS software, you
dc238a06bffa79de141ee7655765e2df91498a8aTinderbox Usermay need to set it to <TT
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic UpdaterCLASS="userinput"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsVALIGN="MIDDLE"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="command"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews>deallocate-on-exit</B
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsVALIGN="MIDDLE"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews>This option was used in <SPAN
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="acronym"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrews> 8 to enable checking
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewsfor memory leaks on exit. <SPAN
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="acronym"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews> 9 ignores the option and always performs
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewsthe checks.</P
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsVALIGN="MIDDLE"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark AndrewsCLASS="command"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsVALIGN="MIDDLE"
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark AndrewsCLASS="userinput"
827f8cccb5280f4da66c46186e792d1cb9d73503Mark Andrewsserver treats all zones as if they are doing zone transfers across
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrewsa dial on demand dialup link, which can be brought up by traffic
ce9cad6bb04869c5e94d9dc721032b25117f9210Automatic Updateroriginating from this server. This has different effects according
fca737c98d2be3ef944cc96320c040fdb5f160e3Tinderbox Userto zone type and concentrates the zone maintenance so that it all
e23256e740b238bddb4ba41ffac5f81a01c92245Automatic Updaterhappens in a short interval, once every <B
a04588e781b513ae3b30e061ac98035802b5e8e8Mark AndrewsCLASS="command"
03ebc228ee3725738b067b6bd7082a9a731822a1Tinderbox User>heartbeat-interval</B
a04588e781b513ae3b30e061ac98035802b5e8e8Mark Andrewshopefully during the one call. It also suppresses some of the normal
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox Userzone maintenance traffic. The default is <TT
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="userinput"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox UserCLASS="command"
cd6e9010079a4e58f7e30063df3dec0ff154ad59Tinderbox Usermay also be specified in the <B
f33f2b8afe60de897c53cdcb17911f10b552699fTinderbox UserCLASS="command"
b7f4a6fd8ac70ebf889179ee84c1dd35647bfc73Evan HuntCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrewsin which case it overrides the global <B
91d187ce035f39073f0732ff2a401a45c3c955fbMark AndrewsCLASS="command"
e40c4e4c17d4df338e2a7db0f84d8dbb3858964cTinderbox Userthe zone is a master zone then the server will send out a NOTIFY request
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontto all the slaves. This will trigger the zone serial number check
22d32791e5daa0bc80335a0f10ab2de95f41ccdbTinderbox Userin the slave (providing it supports NOTIFY) allowing the slave to
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupontverify the zone while the connection is active.</P
a03cb08d0c4f1ca5fbc121d2f02bdffa7eb52286Mark Andrewszone is a slave or stub zone, then the server will suppress the regular
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt"zone up to date" (refresh) queries and only perform them when the
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan HuntCLASS="command"
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews>heartbeat-interval</B
f190095cae5e5a8734e0ff16055488d471569499Tinderbox User> expires in addition to sending
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan HuntNOTIFY requests.</P
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt>Finer control can be achieved by using
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="userinput"
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt> which only sends NOTIFY messages,
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="userinput"
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt>notify-passive</B
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt> which sends NOTIFY messages and
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Huntsuppresses the normal refresh queries, <TT
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsCLASS="userinput"
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Huntwhich suppresses normal refresh processing and send refresh queries
f190095cae5e5a8734e0ff16055488d471569499Tinderbox UserCLASS="command"
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt>heartbeat-interval</B
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan Hunt> expires and
98922b2b2b024dcca25be7c220cf3b16b1e6c4b5Evan HuntCLASS="userinput"
710bce1a85c96e85ca1a90471382055acd29d51fTinderbox User> which just disables normal refresh
713c3d5b18463f2479973e4d14f73248e60a5df7Mark Andrewsprocessing.</P
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsVALIGN="MIDDLE"
280a8a0544b4aeb52414d20e8c6e6c5b1108562eTinderbox UserCLASS="command"
0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews>fake-iquery</B
e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark AndrewsVALIGN="MIDDLE"
bed0874e1a09e810575328c4bfc346a47514b69fMark AndrewsCLASS="acronym"
bed0874e1a09e810575328c4bfc346a47514b69fMark Andrews> 8, this option was used to enable simulating
bed0874e1a09e810575328c4bfc346a47514b69fMark Andrewsthe obsolete DNS query type IQUERY. <SPAN
bed0874e1a09e810575328c4bfc346a47514b69fMark AndrewsCLASS="acronym"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User> 9 never does IQUERY simulation.</P
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>fetch-glue</B
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark AndrewsVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>This option is obsolete.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserIn BIND 8, <TT
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>fetch-glue yes</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Usercaused the server to attempt to fetch glue resource records it
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userdidn't have when constructing the additional
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrewsdata section of a response. This is now considered a bad idea
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrewsand BIND 9 never does it.</P
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark AndrewsCLASS="command"
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews>has-old-clients</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>This option was incorrectly implemented
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="acronym"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User> 8, and is ignored by <SPAN
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="acronym"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserTo achieve the intended effect
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>has-old-clients</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userthe two separate options <B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>auth-nxdomain</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updater>rfc2308-type1</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews> instead.</P
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>host-statistics</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>In BIND 8, this enables keeping of
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userstatistics for every host that the nameserver interacts with.
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark AndrewsNot implemented in BIND 9.</P
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark AndrewsCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>maintain-ixfr-base</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark AndrewsCLASS="emphasis"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>This option is obsolete</I
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User It was used in <SPAN
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="acronym"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User> 8 to determine whether a transaction log was
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userkept for Incremental Zone Transfer. <SPAN
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="acronym"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User> 9 maintains a transaction
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userlog whenever possible. If you need to disable outgoing incremental zone
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Usertransfers, use <B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>provide-ixfr</B
d3be47a4a841ca6fc07e8f18004cf72174e2d117Tinderbox UserCLASS="userinput"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews>multiple-cnames</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>This option was used in <SPAN
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="acronym"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Usera domain name to allow multiple CNAME records in violation of the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserDNS standards. <SPAN
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="acronym"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User> 9.1 always strictly
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userenforces the CNAME rules both in master files and dynamic updates.</P
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User> (the default),
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserDNS NOTIFY messages are sent when a zone the server is authoritative for
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userchanges, see <A
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>Section 3.3</A
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews>. The messages are sent to the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userservers listed in the zone's NS records (except the master server identified
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrewsin the SOA MNAME field), and to any servers listed in the
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>also-notify</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>, notifies are sent only to
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic Updaterservers explicitly listed using <B
6fe48fb46e53ffc37542853a1edb74cb481b7d94Automatic UpdaterCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>also-notify</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>, no notifies are sent.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User> option may also be specified in the <B
3e1a17d65ec6227900f388ba2f7561365f7d4f5cTinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userin which case it overrides the <B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
10702d681eb650391bcaa0e2704aa3cf2dbf0e98Mark Andrews>options notify</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserIt would only be necessary to turn off this option if it caused slaves
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="varname"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserDNS query requests recursion, then the server will attempt to do
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userall the work required to answer the query. If recursion is off
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userand the server does not already know the answer, it will return a
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userreferral response. The default is <TT
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserNote that setting <B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>recursion no;</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User> does not prevent
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userclients from getting data from the server's cache; it only
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Userprevents new data from being cached as an effect of client queries.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCaching may still occur as an effect the server's internal
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox Useroperation, such as NOTIFY address lookups.
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>fetch-glue</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="command"
e9ab17d95e4288ab5ddedb7c89a9588c13c74bddMark Andrews>rfc2308-type1</B
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserVALIGN="MIDDLE"
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox User>Setting this to <TT
9f6827a4afb75224214ea96452e787e7f710b8b6Tinderbox UserCLASS="userinput"
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic Updatercause the server to send NS records along with the SOA record for negative
aa1d397c4736cd86540555193d71e55fa3b37b2aMark Andrewsanswers. The default is <TT
2f60dbd3787caa91e8ab1d7ae39ea312ad5ba31fAutomatic UpdaterCLASS="userinput"
200a9e7da827b67d99193bf793aea9f3e3fa1b43Tinderbox User>Not yet implemented in <SPAN
5f76877508748558eeb2e07254b0edbcbf2f2e43Tinderbox UserCLASS="acronym"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserVALIGN="MIDDLE"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox UserCLASS="command"
b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User>use-id-pool</B
0eb371ca0dab50ae3462e98794a6126198c52f4bMark AndrewsVALIGN="MIDDLE"
f190095cae5e5a8734e0ff16055488d471569499Tinderbox UserCLASS="emphasis"
ee11dfc481f2ef6a032a715454f6290961a722d2Tinderbox User>This option is obsolete</I
5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox UserCLASS="acronym"
27739dd25026283c24645c8a1044b95ef9eb5ac6Tinderbox User> 9 always allocates query IDs from a pool.</P
HREF="Bv9ARM.ch06.html#statsfile"
HREF="Bv9ARM.ch06.html#server_statement_definition_and_usage"
HREF="Bv9ARM.ch04.html#incremental_zone_transfers"
HREF="Bv9ARM.ch06.html#zone_statement_grammar"
HREF="Bv9ARM.ch06.html#address_match_lists"
HREF="Bv9ARM.ch06.html#synthesis"
HREF="Bv9ARM.ch06.html#configuration_file_elements"
HREF="Bv9ARM.ch06.html#types_of_resource_records_and_when_to_use_them"
HREF="Bv9ARM.ch06.html#topology"
> 4.9.x. Responses sent
class IN type A name "host.example.com" order random;
HREF="Bv9ARM.ch04.html#dynamic_update"
HREF="Bv9ARM.ch04.html#DNSSEC"
// Provide a complete view of the example.com zone
zone "example.com" {
file "example-internal.db";
// Provide a restricted view of the example.com zone
zone "example.com" {
file "example-external.db";
HREF="Bv9ARM.ch06.html#access_control"
HREF="Bv9ARM.ch06.html#access_control"
HREF="Bv9ARM.ch06.html#access_control"
HREF="Bv9ARM.ch06.html#dynamic_update_policies"
HREF="Bv9ARM.ch07.html#dynamic_update_security"
HREF="Bv9ARM.ch06.html#boolean_options"
HREF="Bv9ARM.ch06.html#zone_transfers"
HREF="Bv9ARM.ch06.html#zone_transfers"
HREF="Bv9ARM.ch06.html#zone_transfers"
HREF="Bv9ARM.ch06.html#zone_transfers"
HREF="Bv9ARM.ch06.html#boolean_options"
HREF="Bv9ARM.ch06.html#tuning"
HREF="Bv9ARM.ch06.html#zone_transfers"
HREF="Bv9ARM.ch06.html#zone_transfers"
HREF="Bv9ARM.ch06.html#zone_transfers"
HREF="Bv9ARM.ch06.html#zone_transfers"
HREF="Bv9ARM.ch06.html#the_sortlist_statement"
HREF="Bv9ARM.ch06.html#rrset_ordering"
HREF="Bv9ARM.ch09.html#classes_of_resource_records"
and PTR records. Entries in the in-addr.arpa domain are made in
in-addr.arpa name of
3.2.1.10.in-addr.arpa. This name should have a PTR resource record
>$ORIGIN example.com
sub /24 reverse delegations described in RFC 2317: Classless IN-ADDR.ARPA
>$ORIGIN 0.0.192.IN-ADDR.ARPA.
HREF="Bv9ARM.ch05.html"
HREF="Bv9ARM.html"
HREF="Bv9ARM.ch07.html"