named.conf

Autres langues

Langue: en

Version: Aug 13, 2004 (fedora - 06/07/09)

Section: 5 (Format de fichier)

NAME

named.conf - configuration file for named

SYNOPSIS

named.conf

DESCRIPTION

named.conf

is the configuration file for named. Statements are enclosed in braces and terminated with a semi-colon. Clauses in the statements are also semi-colon terminated. The usual comment styles are supported:

C style: /* */

C++ style: // to end of line

Unix style: # to end of line

ACL

 acl string { address_match_element; ... };
 

KEY

 key domain_name {
         algorithm string;
         secret string;
 };
 

MASTERS

 masters string [ port integer ] {
         ( masters | ipv4_address [port integer] |
         ipv6_address [port integer] ) [ key string ]; ...
 };
 

SERVER

 server ( ipv4_address[/prefixlen] | ipv6_address[/prefixlen] ) {
         bogus boolean;
         edns boolean;
         edns-udp-size integer;
         max-udp-size integer;
         provide-ixfr boolean;
         request-ixfr boolean;
         keys server_key;
         transfers integer;
         transfer-format ( many-answers | one-answer );
         transfer-source ( ipv4_address | * )
                 [ port ( integer | * ) ];
         transfer-source-v6 ( ipv6_address | * )
                 [ port ( integer | * ) ];
         support-ixfr boolean; // obsolete
 };
 

TRUSTED-KEYS

 trusted-keys {
         domain_name flags protocol algorithm key; ... 
 };
 

CONTROLS

 controls {
         inet ( ipv4_address | ipv6_address | * )
                 [ port ( integer | * ) ]
                 allow { address_match_element; ... }
                 [ keys { string; ... } ];
         unix unsupported; // not implemented
 };
 

LOGGING

 logging {
         channel string {
                 file log_file;
                 syslog optional_facility;
                 null;
                 stderr;
                 severity log_severity;
                 print-time boolean;
                 print-severity boolean;
                 print-category boolean;
         };
         category string { string; ... };
 };
 

LWRES

 lwres {
         listen-on [ port integer ] {
                 ( ipv4_address | ipv6_address ) [ port integer ]; ...
         };
         view string optional_class;
         search { string; ... };
         ndots integer;
 };
 

OPTIONS

 options {
         avoid-v4-udp-ports { port; ... };
         avoid-v6-udp-ports { port; ... };
         blackhole { address_match_element; ... };
         coresize size;
         datasize size;
         directory quoted_string;
         dump-file quoted_string;
         files size;
         heartbeat-interval integer;
         host-statistics boolean; // not implemented
         host-statistics-max number; // not implemented
         hostname ( quoted_string | none );
         interface-interval integer;
         listen-on [ port integer ] { address_match_element; ... };
         listen-on-v6 [ port integer ] { address_match_element; ... };
         match-mapped-addresses boolean;
         memstatistics-file quoted_string;
         pid-file ( quoted_string | none );
         port integer;
         querylog boolean;
         recursing-file quoted_string;
         reserved-sockets integer;
         random-device quoted_string;
         recursive-clients integer;
         serial-query-rate integer;
         server-id ( quoted_string | none |;
         stacksize size;
         statistics-file quoted_string;
         statistics-interval integer; // not yet implemented
         tcp-clients integer;
         tcp-listen-queue integer;
         tkey-dhkey quoted_string integer;
         tkey-gssapi-credential quoted_string;
         tkey-domain quoted_string;
         transfers-per-ns integer;
         transfers-in integer;
         transfers-out integer;
         use-ixfr boolean;
         version ( quoted_string | none );
         allow-recursion { address_match_element; ... };
         allow-recursion-on { address_match_element; ... };
         sortlist { address_match_element; ... };
         topology { address_match_element; ... }; // not implemented
         auth-nxdomain boolean; // default changed
         minimal-responses boolean;
         recursion boolean;
         rrset-order {
                 [ class string ] [ type string ]
                 [ name quoted_string ] string string; ...
         };
         provide-ixfr boolean;
         request-ixfr boolean;
         rfc2308-type1 boolean; // not yet implemented
         additional-from-auth boolean;
         additional-from-cache boolean;
         query-source ( ( ipv4_address | * ) | [ address ( ipv4_address | * ) ] ) [ port ( integer | * ) ];
         query-source-v6 ( ( ipv6_address | * ) | [ address ( ipv6_address | * ) ] ) [ port ( integer | * ) ];
         use-queryport-pool boolean;
         queryport-pool-ports integer;
         queryport-pool-updateinterval integer;
         cleaning-interval integer;
         min-roots integer; // not implemented
         lame-ttl integer;
         max-ncache-ttl integer;
         max-cache-ttl integer;
         transfer-format ( many-answers | one-answer );
         max-cache-size size;
         max-acache-size size;
         clients-per-query number;
         max-clients-per-query number;
         check-names ( master | slave | response )
                 ( fail | warn | ignore );
         check-mx ( fail | warn | ignore );
         check-integrity boolean;
         check-mx-cname ( fail | warn | ignore );
         check-srv-cname ( fail | warn | ignore );
         cache-file quoted_string; // test option
         suppress-initial-notify boolean; // not yet implemented
         preferred-glue string;
         dual-stack-servers [ port integer ] {
                 ( quoted_string [port integer] |
                 ipv4_address [port integer] |
                 ipv6_address [port integer] ); ...
         };
         edns-udp-size integer;
         max-udp-size integer;
         root-delegation-only [ exclude { quoted_string; ... } ];
         disable-algorithms string { string; ... };
         dnssec-enable boolean;
         dnssec-validation boolean;
         dnssec-lookaside string trust-anchor string;
         dnssec-must-be-secure string boolean;
         dnssec-accept-expired boolean;
         empty-server string;
         empty-contact string;
         empty-zones-enable boolean;
         disable-empty-zone string;
         dialup dialuptype;
         ixfr-from-differences ixfrdiff;
         allow-query { address_match_element; ... };
         allow-query-on { address_match_element; ... };
         allow-query-cache { address_match_element; ... };
         allow-query-cache-on { address_match_element; ... };
         allow-transfer { address_match_element; ... };
         allow-update { address_match_element; ... };
         allow-update-forwarding { address_match_element; ... };
         update-check-ksk boolean;
         masterfile-format ( text | raw );
         notify notifytype;
         notify-source ( ipv4_address | * ) [ port ( integer | * ) ];
         notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ];
         notify-delay seconds;
         notify-to-soa boolean;
         also-notify [ port integer ] { ( ipv4_address | ipv6_address )
                 [ port integer ]; ... };
         allow-notify { address_match_element; ... };
         forward ( first | only );
         forwarders [ port integer ] {
                 ( ipv4_address | ipv6_address ) [ port integer ]; ...
         };
         max-journal-size size_no_default;
         max-transfer-time-in integer;
         max-transfer-time-out integer;
         max-transfer-idle-in integer;
         max-transfer-idle-out integer;
         max-retry-time integer;
         min-retry-time integer;
         max-refresh-time integer;
         min-refresh-time integer;
         multi-master boolean;
         sig-validity-interval integer;
         sig-re-signing-interval integer;
         sig-signing-nodes integer;
         sig-signing-signatures integer;
         sig-signing-type integer;
         transfer-source ( ipv4_address | * )
                 [ port ( integer | * ) ];
         transfer-source-v6 ( ipv6_address | * )
                 [ port ( integer | * ) ];
         alt-transfer-source ( ipv4_address | * )
                 [ port ( integer | * ) ];
         alt-transfer-source-v6 ( ipv6_address | * )
                 [ port ( integer | * ) ];
         use-alt-transfer-source boolean;
         zone-statistics boolean;
         key-directory quoted_string;
         try-tcp-refresh boolean;
         zero-no-soa-ttl boolean;
         zero-no-soa-ttl-cache boolean;
         nsec3-test-zone boolean;  // testing only
         allow-v6-synthesis { address_match_element; ... }; // obsolete
         deallocate-on-exit boolean; // obsolete
         fake-iquery boolean; // obsolete
         fetch-glue boolean; // obsolete
         has-old-clients boolean; // obsolete
         maintain-ixfr-base boolean; // obsolete
         max-ixfr-log-size size; // obsolete
         multiple-cnames boolean; // obsolete
         named-xfer quoted_string; // obsolete
         serial-queries integer; // obsolete
         treat-cr-as-space boolean; // obsolete
         use-id-pool boolean; // obsolete
 };
 

VIEW

 view string optional_class {
         match-clients { address_match_element; ... };
         match-destinations { address_match_element; ... };
         match-recursive-only boolean;
         key string {
                 algorithm string;
                 secret string;
         };
         zone string optional_class {
                 ...
         };
         server ( ipv4_address[/prefixlen] | ipv6_address[/prefixlen] ) {
                 ...
         };
         trusted-keys {
                 string integer integer integer quoted_string; ...
         };
         allow-recursion { address_match_element; ... };
         allow-recursion-on { address_match_element; ... };
         sortlist { address_match_element; ... };
         topology { address_match_element; ... }; // not implemented
         auth-nxdomain boolean; // default changed
         minimal-responses boolean;
         recursion boolean;
         rrset-order {
                 [ class string ] [ type string ]
                 [ name quoted_string ] string string; ...
         };
         provide-ixfr boolean;
         request-ixfr boolean;
         rfc2308-type1 boolean; // not yet implemented
         additional-from-auth boolean;
         additional-from-cache boolean;
         query-source ( ( ipv4_address | * ) | [ address ( ipv4_address | * ) ] ) [ port ( integer | * ) ];
         query-source-v6 ( ( ipv6_address | * ) | [ address ( ipv6_address | * ) ] ) [ port ( integer | * ) ];
         use-queryport-pool boolean;
         queryport-pool-ports integer;
         queryport-pool-updateinterval integer;
         cleaning-interval integer;
         min-roots integer; // not implemented
         lame-ttl integer;
         max-ncache-ttl integer;
         max-cache-ttl integer;
         transfer-format ( many-answers | one-answer );
         max-cache-size size;
         max-acache-size size;
         clients-per-query number;
         max-clients-per-query number;
         check-names ( master | slave | response )
                 ( fail | warn | ignore );
         check-mx ( fail | warn | ignore );
         check-integrity boolean;
         check-mx-cname ( fail | warn | ignore );
         check-srv-cname ( fail | warn | ignore );
         cache-file quoted_string; // test option
         suppress-initial-notify boolean; // not yet implemented
         preferred-glue string;
         dual-stack-servers [ port integer ] {
                 ( quoted_string [port integer] |
                 ipv4_address [port integer] |
                 ipv6_address [port integer] ); ...
         };
         edns-udp-size integer;
         max-udp-size integer;
         root-delegation-only [ exclude { quoted_string; ... } ];
         disable-algorithms string { string; ... };
         dnssec-enable boolean;
         dnssec-validation boolean;
         dnssec-lookaside string trust-anchor string;
         dnssec-must-be-secure string boolean;
         dnssec-accept-expired boolean;
         empty-server string;
         empty-contact string;
         empty-zones-enable boolean;
         disable-empty-zone string;
         dialup dialuptype;
         ixfr-from-differences ixfrdiff;
         allow-query { address_match_element; ... };
         allow-query-on { address_match_element; ... };
         allow-query-cache { address_match_element; ... };
         allow-query-cache-on { address_match_element; ... };
         allow-transfer { address_match_element; ... };
         allow-update { address_match_element; ... };
         allow-update-forwarding { address_match_element; ... };
         update-check-ksk boolean;
         masterfile-format ( text | raw );
         notify notifytype;
         notify-source ( ipv4_address | * ) [ port ( integer | * ) ];
         notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ];
         notify-delay seconds;
         notify-to-soa boolean;
         also-notify [ port integer ] { ( ipv4_address | ipv6_address )
                 [ port integer ]; ... };
         allow-notify { address_match_element; ... };
         forward ( first | only );
         forwarders [ port integer ] {
                 ( ipv4_address | ipv6_address ) [ port integer ]; ...
         };
         max-journal-size size_no_default;
         max-transfer-time-in integer;
         max-transfer-time-out integer;
         max-transfer-idle-in integer;
         max-transfer-idle-out integer;
         max-retry-time integer;
         min-retry-time integer;
         max-refresh-time integer;
         min-refresh-time integer;
         multi-master boolean;
         sig-validity-interval integer;
         transfer-source ( ipv4_address | * )
                 [ port ( integer | * ) ];
         transfer-source-v6 ( ipv6_address | * )
                 [ port ( integer | * ) ];
         alt-transfer-source ( ipv4_address | * )
                 [ port ( integer | * ) ];
         alt-transfer-source-v6 ( ipv6_address | * )
                 [ port ( integer | * ) ];
         use-alt-transfer-source boolean;
         zone-statistics boolean;
         try-tcp-refresh boolean;
         key-directory quoted_string;
         zero-no-soa-ttl boolean;
         zero-no-soa-ttl-cache boolean;
         allow-v6-synthesis { address_match_element; ... }; // obsolete
         fetch-glue boolean; // obsolete
         maintain-ixfr-base boolean; // obsolete
         max-ixfr-log-size size; // obsolete
 };
 

ZONE

 zone string optional_class {
         type ( master | slave | stub | hint |
                 forward | delegation-only );
         file quoted_string;
         masters [ port integer ] {
                 ( masters |
                 ipv4_address [port integer] |
                 ipv6_address [ port integer ] ) [ key string ]; ...
         };
         database string;
         delegation-only boolean;
         check-names ( fail | warn | ignore );
         check-mx ( fail | warn | ignore );
         check-integrity boolean;
         check-mx-cname ( fail | warn | ignore );
         check-srv-cname ( fail | warn | ignore );
         dialup dialuptype;
         ixfr-from-differences boolean;
         journal quoted_string;
         zero-no-soa-ttl boolean;
         allow-query { address_match_element; ... };
         allow-query-on { address_match_element; ... };
         allow-transfer { address_match_element; ... };
         allow-update { address_match_element; ... };
         allow-update-forwarding { address_match_element; ... };
         update-policy {
                 ( grant | deny ) string
                 ( name | subdomain | wildcard | self | selfsub | selfwild |
                   krb5-self | ms-self | krb5-subdomain | ms-subdomain |
                   tcp-self | 6to4-self ) string
                 rrtypelist; ...
         };
         update-check-ksk boolean;
         masterfile-format ( text | raw );
         notify notifytype;
         notify-source ( ipv4_address | * ) [ port ( integer | * ) ];
         notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ];
         notify-delay seconds;
         notify-to-soa boolean;
         also-notify [ port integer ] { ( ipv4_address | ipv6_address )
                 [ port integer ]; ... };
         allow-notify { address_match_element; ... };
         forward ( first | only );
         forwarders [ port integer ] {
                 ( ipv4_address | ipv6_address ) [ port integer ]; ...
         };
         max-journal-size size_no_default;
         max-transfer-time-in integer;
         max-transfer-time-out integer;
         max-transfer-idle-in integer;
         max-transfer-idle-out integer;
         max-retry-time integer;
         min-retry-time integer;
         max-refresh-time integer;
         min-refresh-time integer;
         multi-master boolean;
         sig-validity-interval integer;
         transfer-source ( ipv4_address | * )
                 [ port ( integer | * ) ];
         transfer-source-v6 ( ipv6_address | * )
                 [ port ( integer | * ) ];
         alt-transfer-source ( ipv4_address | * )
                 [ port ( integer | * ) ];
         alt-transfer-source-v6 ( ipv6_address | * )
                 [ port ( integer | * ) ];
         use-alt-transfer-source boolean;
         zone-statistics boolean;
         try-tcp-refresh boolean;
         key-directory quoted_string;
         nsec3-test-zone boolean;  // testing only
         ixfr-base quoted_string; // obsolete
         ixfr-tmp-file quoted_string; // obsolete
         maintain-ixfr-base boolean; // obsolete
         max-ixfr-log-size size; // obsolete
         pubkey integer integer integer quoted_string; // obsolete
 };
 

FILES

/etc/named.conf

SEE ALSO

named(8), named-checkconf(8), rndc(8), BIND 9 Administrator Reference Manual.

Copyright © 2004-2008 Internet Systems Consortium, Inc. ("ISC")