examples/hierarchical/named.conf

/*****************************************************************
**
**      #(@)    named.conf  (c) 6. May 2004 (hoz)
**
*****************************************************************/

/*****************************************************************
**      logging options
*****************************************************************/
logging {
        channel "named-log" {
                file "/var/log/named" versions 3 size 2m;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity info;
        };
        channel "resolver-log" {
                file "/var/log/named";
                print-time yes;
                print-category yes;
                print-severity yes;
                severity debug 1;
        };
        channel "dnssec-log" {
#                file "/var/log/named-dnssec" ;
                file "/var/log/named" ;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity debug 3;
        };
        category "dnssec" { "dnssec-log"; };
        category "default" { "named-log"; };
        category "resolver" { "resolver-log"; };
        category "client" { "resolver-log"; };
        category "queries" { "resolver-log"; };
};

/*****************************************************************
**      name server options
*****************************************************************/
options {
    directory ".";

    dump-file "/var/log/named_dump.db";
    statistics-file "/var/log/named.stats";

    listen-on-v6 { any; };

    query-source address * port 53;
    transfer-source * port 53;
    notify-source * port 53;

    recursion yes;
    dnssec-enable yes;
    edns-udp-size 4096;

#   dnssec-lookaside "." trust-anchor "trusted-keys.de.";

    querylog yes;

};

/*****************************************************************
**      include shared secrets...
*****************************************************************/
/**      for control sessions ...   **/
#   include "rndc.key";
controls {
    inet 127.0.0.1
        allow { localhost; }
        keys { "rndc-key"; };
    inet ::1
        allow { localhost; }
        keys { "rndc-key"; };
};

/*****************************************************************
**      ... and trusted_keys
*****************************************************************/
# include "trusted-keys.conf" ;

/*****************************************************************
**      root server hints and required 127 stuff
*****************************************************************/
zone "." in {
    type hint;
    file "root.hint";
};

zone "localhost" in {
    type master;
    file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.zone";
};

include "zone.conf";