upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-08 22:32:07 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

1701. [doc] A minimal named.conf man page.

Browse source
This commit is contained in:
Mark Andrews 2004-08-20 21:33:14 +00:00
parent 3b71206de9
commit 689023771c
4 changed files with 3595 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CHANGES
View file

@ -1,3 +1,5 @@
1701. [doc] A minimal named.conf man page.
1700. [func] nslookup is no longer to be treated as deprecated.
Remove "deprecated" warning message. Add man page.

474
bin/named/named.conf.5 Normal file
View file

@ -0,0 +1,474 @@
.\"
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.TH "NAMED.CONF" "5" "Aug 13, 2004" "BIND9" ""
.SH NAME
named.conf \- configuration file for named
.SH SYNOPSIS
.sp
\fBnamed.conf\fR
.SH "DESCRIPTION"
.PP
\fInamed.conf\fR is the configuration file for
\fBnamed\fR. Statements are enclosed
in braces and terminated with a semi-colon. Clauses in
the statements are also semi-colon terminated. The usual
comment styles are supported:
.PP
C style: /* */
.PP
C++ style: // to end of line
.PP
Unix style: # to end of line
.SH "ACL"
.sp
.nf
acl \fIstring\fR { \fIaddress_match_element\fR; ... };
.sp
.fi
.SH "KEY"
.sp
.nf
key \fIdomain_name\fR {
algorithm \fIstring\fR;
secret \fIstring\fR;
};
.sp
.fi
.SH "MASTERS"
.sp
.nf
masters \fIstring\fR [ port \fIinteger\fR ] {
( \fImasters\fR | \fIipv4_address\fR [port \fIinteger\fR] |
\fIipv6_address\fR [port \fIinteger\fR] ) [ key \fIstring\fR ]; ...
};
.sp
.fi
.SH "SERVER"
.sp
.nf
server ( \fIipv4_address\fR | \fIipv6_address\fR ) {
bogus \fIboolean\fR;
edns \fIboolean\fR;
provide-ixfr \fIboolean\fR;
request-ixfr \fIboolean\fR;
keys \fIserver_key\fR;
transfers \fIinteger\fR;
transfer-format ( many-answers | one-answer );
transfer-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
transfer-source-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
support-ixfr \fIboolean\fR; // obsolete
};
.sp
.fi
.SH "TRUSTED-KEYS"
.sp
.nf
trusted-keys {
\fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ...
};
.sp
.fi
.SH "CONTROLS"
.sp
.nf
controls {
inet ( \fIipv4_address\fR | \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ]
allow { \fIaddress_match_element\fR; ... }
[ keys { \fIstring\fR; ... } ];
unix \fIunsupported\fR; // not implemented
};
.sp
.fi
.SH "LOGGING"
.sp
.nf
logging {
channel \fIstring\fR {
file \fIlog_file\fR;
syslog \fIoptional_facility\fR;
null;
stderr;
severity \fIlog_severity\fR;
print-time \fIboolean\fR;
print-severity \fIboolean\fR;
print-category \fIboolean\fR;
};
category \fIstring\fR { \fIstring\fR; ... };
};
.sp
.fi
.SH "LWRES"
.sp
.nf
lwres {
listen-on [ port \fIinteger\fR ] {
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
};
view \fIstring\fR \fIoptional_class\fR;
search { \fIstring\fR; ... };
ndots \fIinteger\fR;
};
.sp
.fi
.SH "OPTIONS"
.sp
.nf
options {
avoid-v4-udp-ports { \fIport\fR; ... };
avoid-v6-udp-ports { \fIport\fR; ... };
blackhole { \fIaddress_match_element\fR; ... };
coresize \fIsize\fR;
datasize \fIsize\fR;
directory \fIquoted_string\fR;
dump-file \fIquoted_string\fR;
files \fIsize\fR;
heartbeat-interval \fIinteger\fR;
host-statistics \fIboolean\fR; // not implemented
hostname ( \fIquoted_string\fR | none );
interface-interval \fIinteger\fR;
listen-on [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
listen-on-v6 [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
match-mapped-addresses \fIboolean\fR;
memstatistics-file \fIquoted_string\fR;
pid-file ( \fIquoted_string\fR | none );
port \fIinteger\fR;
querylog \fIboolean\fR;
recursing-file \fIquoted_string\fR;
random-device \fIquoted_string\fR;
recursive-clients \fIinteger\fR;
serial-query-rate \fIinteger\fR;
server-id ( \fIquoted_string\fR | none |;
stacksize \fIsize\fR;
statistics-file \fIquoted_string\fR;
statistics-interval \fIinteger\fR; // not yet implemented
tcp-clients \fIinteger\fR;
tcp-listen-queue \fIinteger\fR;
tkey-dhkey \fIquoted_string\fR \fIinteger\fR;
tkey-gssapi-credential \fIquoted_string\fR;
tkey-domain \fIquoted_string\fR;
transfers-per-ns \fIinteger\fR;
transfers-in \fIinteger\fR;
transfers-out \fIinteger\fR;
use-ixfr \fIboolean\fR;
version ( \fIquoted_string\fR | none );
allow-recursion { \fIaddress_match_element\fR; ... };
sortlist { \fIaddress_match_element\fR; ... };
topology { \fIaddress_match_element\fR; ... }; // not implemented
auth-nxdomain \fIboolean\fR; // default changed
minimal-responses \fIboolean\fR;
recursion \fIboolean\fR;
rrset-order {
[ class \fIstring\fR ] [ type \fIstring\fR ]
[ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
};
provide-ixfr \fIboolean\fR;
request-ixfr \fIboolean\fR;
rfc2308-type1 \fIboolean\fR; // not yet implemented
additional-from-auth \fIboolean\fR;
additional-from-cache \fIboolean\fR;
query-source \fIquerysource4\fR;
query-source-v6 \fIquerysource6\fR;
cleaning-interval \fIinteger\fR;
min-roots \fIinteger\fR; // not implemented
lame-ttl \fIinteger\fR;
max-ncache-ttl \fIinteger\fR;
max-cache-ttl \fIinteger\fR;
transfer-format ( many-answers | one-answer );
max-cache-size \fIsize_no_default\fR;
check-names ( master | slave | response )
( fail | warn | ignore );
cache-file \fIquoted_string\fR;
suppress-initial-notify \fIboolean\fR; // not yet implemented
preferred-glue \fIstring\fR;
dual-stack-servers [ port \fIinteger\fR ] {
( \fIquoted_string\fR [port \fIinteger\fR] |
\fIipv4_address\fR [port \fIinteger\fR] |
\fIipv6_address\fR [port \fIinteger\fR] ); ...
}
edns-udp-size \fIinteger\fR;
root-delegation-only [ exclude { \fIquoted_string\fR; ... } ];
disable-algorithms \fIstring\fR { \fIstring\fR; ... };
dnssec-enable \fIboolean\fR;
dnssec-lookaside \fIstring\fR trust-anchor \fIstring\fR;
dnssec-must-be-secure \fIstring\fR \fIboolean\fR;
dialup \fIdialuptype\fR;
ixfr-from-differences \fIixfrdiff\fR;
allow-query { \fIaddress_match_element\fR; ... };
allow-transfer { \fIaddress_match_element\fR; ... };
allow-update-forwarding { \fIaddress_match_element\fR; ... };
notify \fInotifytype\fR;
notify-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify-source-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
also-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
[ port \fIinteger\fR ]; ... };
allow-notify { \fIaddress_match_element\fR; ... };
forward ( first | only );
forwarders [ port \fIinteger\fR ] {
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
};
max-journal-size \fIsize_no_default\fR;
max-transfer-time-in \fIinteger\fR;
max-transfer-time-out \fIinteger\fR;
max-transfer-idle-in \fIinteger\fR;
max-transfer-idle-out \fIinteger\fR;
max-retry-time \fIinteger\fR;
min-retry-time \fIinteger\fR;
max-refresh-time \fIinteger\fR;
min-refresh-time \fIinteger\fR;
multi-master \fIboolean\fR;
sig-validity-interval \fIinteger\fR;
transfer-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
transfer-source-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
use-alt-transfer-source \fIboolean\fR;
zone-statistics \fIboolean\fR;
key-directory \fIquoted_string\fR;
allow-v6-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
deallocate-on-exit \fIboolean\fR; // obsolete
fake-iquery \fIboolean\fR; // obsolete
fetch-glue \fIboolean\fR; // obsolete
has-old-clients \fIboolean\fR; // obsolete
maintain-ixfr-base \fIboolean\fR; // obsolete
max-ixfr-log-size \fIsize\fR; // obsolete
multiple-cnames \fIboolean\fR; // obsolete
named-xfer \fIquoted_string\fR; // obsolete
serial-queries \fIinteger\fR; // obsolete
treat-cr-as-space \fIboolean\fR; // obsolete
use-id-pool \fIboolean\fR; // obsolete
};
.sp
.fi
.SH "VIEW"
.sp
.nf
view \fIstring\fR \fIoptional_class\fR {
match-clients { \fIaddress_match_element\fR; ... };
match-destinations { \fIaddress_match_element\fR; ... };
match-recursive-only \fIboolean\fR;
key \fIstring\fR {
algorithm \fIstring\fR;
secret \fIstring\fR;
};
zone \fIstring\fR \fIoptional_class\fR {
...
};
server ( \fIipv4_address\fR | \fIipv6_address\fR ) {
...
};
trusted-keys {
\fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; ...
};
allow-recursion { \fIaddress_match_element\fR; ... };
sortlist { \fIaddress_match_element\fR; ... };
topology { \fIaddress_match_element\fR; ... }; // not implemented
auth-nxdomain \fIboolean\fR; // default changed
minimal-responses \fIboolean\fR;
recursion \fIboolean\fR;
rrset-order {
[ class \fIstring\fR ] [ type \fIstring\fR ]
[ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
};
provide-ixfr \fIboolean\fR;
request-ixfr \fIboolean\fR;
rfc2308-type1 \fIboolean\fR; // not yet implemented
additional-from-auth \fIboolean\fR;
additional-from-cache \fIboolean\fR;
query-source \fIquerysource4\fR;
query-source-v6 \fIquerysource6\fR;
cleaning-interval \fIinteger\fR;
min-roots \fIinteger\fR; // not implemented
lame-ttl \fIinteger\fR;
max-ncache-ttl \fIinteger\fR;
max-cache-ttl \fIinteger\fR;
transfer-format ( many-answers | one-answer );
max-cache-size \fIsize_no_default\fR;
check-names ( master | slave | response )
( fail | warn | ignore );
cache-file \fIquoted_string\fR;
suppress-initial-notify \fIboolean\fR; // not yet implemented
preferred-glue \fIstring\fR;
dual-stack-servers [ port \fIinteger\fR ] {
( \fIquoted_string\fR [port \fIinteger\fR] |
\fIipv4_address\fR [port \fIinteger\fR] |
\fIipv6_address\fR [port \fIinteger\fR] ); ...
};
edns-udp-size \fIinteger\fR;
root-delegation-only [ exclude { \fIquoted_string\fR; ... } ];
disable-algorithms \fIstring\fR { \fIstring\fR; ... };
dnssec-enable \fIboolean\fR;
dnssec-lookaside \fIstring\fR trust-anchor \fIstring\fR;
dnssec-must-be-secure \fIstring\fR \fIboolean\fR;
dialup \fIdialuptype\fR;
ixfr-from-differences \fIixfrdiff\fR;
allow-query { \fIaddress_match_element\fR; ... };
allow-transfer { \fIaddress_match_element\fR; ... };
allow-update-forwarding { \fIaddress_match_element\fR; ... };
notify \fInotifytype\fR;
notify-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify-source-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
also-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
[ port \fIinteger\fR ]; ... };
allow-notify { \fIaddress_match_element\fR; ... };
forward ( first | only );
forwarders [ port \fIinteger\fR ] {
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
};
max-journal-size \fIsize_no_default\fR;
max-transfer-time-in \fIinteger\fR;
max-transfer-time-out \fIinteger\fR;
max-transfer-idle-in \fIinteger\fR;
max-transfer-idle-out \fIinteger\fR;
max-retry-time \fIinteger\fR;
min-retry-time \fIinteger\fR;
max-refresh-time \fIinteger\fR;
min-refresh-time \fIinteger\fR;
multi-master \fIboolean\fR;
sig-validity-interval \fIinteger\fR;
transfer-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
transfer-source-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
use-alt-transfer-source \fIboolean\fR;
zone-statistics \fIboolean\fR;
key-directory \fIquoted_string\fR;
allow-v6-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
fetch-glue \fIboolean\fR; // obsolete
maintain-ixfr-base \fIboolean\fR; // obsolete
max-ixfr-log-size \fIsize\fR; // obsolete
};
.sp
.fi
.SH "ZONE"
.sp
.nf
zone \fIstring\fR \fIoptional_class\fR {
type ( master | slave | stub | hint |
forward | delegation-only );
file \fIquoted_string\fR;
masters [ port \fIinteger\fR ] {
( \fImasters\fR |
\fIipv4_address\fR [port \fIinteger\fR] |
\fIipv6_address\fR [ port \fIinteger\fR ] ) [ key \fIstring\fR ]; ...
};
database \fIstring\fR;
delegation-only \fIboolean\fR;
check-names ( fail | warn | ignore );
dialup \fIdialuptype\fR;
ixfr-from-differences \fIboolean\fR;
allow-query { \fIaddress_match_element\fR; ... };
allow-transfer { \fIaddress_match_element\fR; ... };
allow-update { \fIaddress_match_element\fR; ... };
allow-update-forwarding { \fIaddress_match_element\fR; ... };
update-policy {
( grant | deny ) \fIstring\fR
( name | subdomain | wildcard | self ) \fIstring\fR
\fIrrtypelist\fR; ...
};
notify \fInotifytype\fR;
notify-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify-source-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
also-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
[ port \fIinteger\fR ]; ... };
allow-notify { \fIaddress_match_element\fR; ... };
forward ( first | only );
forwarders [ port \fIinteger\fR ] {
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
};
max-journal-size \fIsize_no_default\fR;
max-transfer-time-in \fIinteger\fR;
max-transfer-time-out \fIinteger\fR;
max-transfer-idle-in \fIinteger\fR;
max-transfer-idle-out \fIinteger\fR;
max-retry-time \fIinteger\fR;
min-retry-time \fIinteger\fR;
max-refresh-time \fIinteger\fR;
min-refresh-time \fIinteger\fR;
multi-master \fIboolean\fR;
sig-validity-interval \fIinteger\fR;
transfer-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
transfer-source-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
use-alt-transfer-source \fIboolean\fR;
zone-statistics \fIboolean\fR;
key-directory \fIquoted_string\fR;
ixfr-base \fIquoted_string\fR; // obsolete
ixfr-tmp-file \fIquoted_string\fR; // obsolete
maintain-ixfr-base \fIboolean\fR; // obsolete
max-ixfr-log-size \fIsize\fR; // obsolete
pubkey \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; // obsolete
};
.sp
.fi
.SH "FILES"
.PP
\fI/etc/named.conf\fR
.SH "SEE ALSO"
.PP
\fBnamed\fR(8),
\fBrndc\fR(8),
\fBBIND 9 Adminstrators Reference Manual\fR.

532
bin/named/named.conf.docbook Normal file
View file

@ -0,0 +1,532 @@
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
<!--
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named.conf.docbook,v 1.1 2004/08/20 21:33:14 marka Exp $ -->
<refentry>
<refentryinfo>
<date>Aug 13, 2004</date>
</refentryinfo>
<refmeta>
<refentrytitle><filename>named.conf</filename></refentrytitle>
<manvolnum>5</manvolnum>
<refmiscinfo>BIND9</refmiscinfo>
</refmeta>
<refnamediv>
<refname><filename>named.conf</filename></refname>
<refpurpose>configuration file for named</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>named.conf</command>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>
<filename>named.conf</filename> is the configuration file for
<command>named</command>. Statements are enclosed
in braces and terminated with a semi-colon. Clauses in
the statements are also semi-colon terminated. The usual
comment styles are supported:
</para>
<para>
C style: /* */
</para>
<para>
C++ style: // to end of line
</para>
<para>
Unix style: # to end of line
</para>
</refsect1>
<refsect1>
<title>ACL</title>
<LITERALLAYOUT>
acl <replaceable>string</replaceable> { <replaceable>address_match_element</replaceable>; ... };
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>KEY</title>
<LITERALLAYOUT>
key <replaceable>domain_name</replaceable> {
algorithm <replaceable>string</replaceable>;
secret <replaceable>string</replaceable>;
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>MASTERS</title>
<LITERALLAYOUT>
masters <replaceable>string</replaceable> <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>masters</replaceable> | <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ) <optional> key <replaceable>string</replaceable> </optional>; ...
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>SERVER</title>
<LITERALLAYOUT>
server ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) {
bogus <replaceable>boolean</replaceable>;
edns <replaceable>boolean</replaceable>;
provide-ixfr <replaceable>boolean</replaceable>;
request-ixfr <replaceable>boolean</replaceable>;
keys <replaceable>server_key</replaceable>;
transfers <replaceable>integer</replaceable>;
transfer-format ( many-answers | one-answer );
transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
support-ixfr <replaceable>boolean</replaceable>; // obsolete
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>TRUSTED-KEYS</title>
<LITERALLAYOUT>
trusted-keys {
<replaceable>domain_name</replaceable> <replaceable>flags</replaceable> <replaceable>protocol</replaceable> <replaceable>algorithm</replaceable> <replaceable>key</replaceable>; ...
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>CONTROLS</title>
<LITERALLAYOUT>
controls {
inet ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>
allow { <replaceable>address_match_element</replaceable>; ... }
<optional> keys { <replaceable>string</replaceable>; ... } </optional>;
unix <replaceable>unsupported</replaceable>; // not implemented
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>LOGGING</title>
<LITERALLAYOUT>
logging {
channel <replaceable>string</replaceable> {
file <replaceable>log_file</replaceable>;
syslog <replaceable>optional_facility</replaceable>;
null;
stderr;
severity <replaceable>log_severity</replaceable>;
print-time <replaceable>boolean</replaceable>;
print-severity <replaceable>boolean</replaceable>;
print-category <replaceable>boolean</replaceable>;
};
category <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>LWRES</title>
<LITERALLAYOUT>
lwres {
listen-on <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
};
view <replaceable>string</replaceable> <replaceable>optional_class</replaceable>;
search { <replaceable>string</replaceable>; ... };
ndots <replaceable>integer</replaceable>;
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<LITERALLAYOUT>
options {
avoid-v4-udp-ports { <replaceable>port</replaceable>; ... };
avoid-v6-udp-ports { <replaceable>port</replaceable>; ... };
blackhole { <replaceable>address_match_element</replaceable>; ... };
coresize <replaceable>size</replaceable>;
datasize <replaceable>size</replaceable>;
directory <replaceable>quoted_string</replaceable>;
dump-file <replaceable>quoted_string</replaceable>;
files <replaceable>size</replaceable>;
heartbeat-interval <replaceable>integer</replaceable>;
host-statistics <replaceable>boolean</replaceable>; // not implemented
hostname ( <replaceable>quoted_string</replaceable> | none );
interface-interval <replaceable>integer</replaceable>;
listen-on <optional> port <replaceable>integer</replaceable> </optional> { <replaceable>address_match_element</replaceable>; ... };
listen-on-v6 <optional> port <replaceable>integer</replaceable> </optional> { <replaceable>address_match_element</replaceable>; ... };
match-mapped-addresses <replaceable>boolean</replaceable>;
memstatistics-file <replaceable>quoted_string</replaceable>;
pid-file ( <replaceable>quoted_string</replaceable> | none );
port <replaceable>integer</replaceable>;
querylog <replaceable>boolean</replaceable>;
recursing-file <replaceable>quoted_string</replaceable>;
random-device <replaceable>quoted_string</replaceable>;
recursive-clients <replaceable>integer</replaceable>;
serial-query-rate <replaceable>integer</replaceable>;
server-id ( <replaceable>quoted_string</replaceable> | none |;
stacksize <replaceable>size</replaceable>;
statistics-file <replaceable>quoted_string</replaceable>;
statistics-interval <replaceable>integer</replaceable>; // not yet implemented
tcp-clients <replaceable>integer</replaceable>;
tcp-listen-queue <replaceable>integer</replaceable>;
tkey-dhkey <replaceable>quoted_string</replaceable> <replaceable>integer</replaceable>;
tkey-gssapi-credential <replaceable>quoted_string</replaceable>;
tkey-domain <replaceable>quoted_string</replaceable>;
transfers-per-ns <replaceable>integer</replaceable>;
transfers-in <replaceable>integer</replaceable>;
transfers-out <replaceable>integer</replaceable>;
use-ixfr <replaceable>boolean</replaceable>;
version ( <replaceable>quoted_string</replaceable> | none );
allow-recursion { <replaceable>address_match_element</replaceable>; ... };
sortlist { <replaceable>address_match_element</replaceable>; ... };
topology { <replaceable>address_match_element</replaceable>; ... }; // not implemented
auth-nxdomain <replaceable>boolean</replaceable>; // default changed
minimal-responses <replaceable>boolean</replaceable>;
recursion <replaceable>boolean</replaceable>;
rrset-order {
<optional> class <replaceable>string</replaceable> </optional> <optional> type <replaceable>string</replaceable> </optional>
<optional> name <replaceable>quoted_string</replaceable> </optional> <replaceable>string</replaceable> <replaceable>string</replaceable>; ...
};
provide-ixfr <replaceable>boolean</replaceable>;
request-ixfr <replaceable>boolean</replaceable>;
rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented
additional-from-auth <replaceable>boolean</replaceable>;
additional-from-cache <replaceable>boolean</replaceable>;
query-source <replaceable>querysource4</replaceable>;
query-source-v6 <replaceable>querysource6</replaceable>;
cleaning-interval <replaceable>integer</replaceable>;
min-roots <replaceable>integer</replaceable>; // not implemented
lame-ttl <replaceable>integer</replaceable>;
max-ncache-ttl <replaceable>integer</replaceable>;
max-cache-ttl <replaceable>integer</replaceable>;
transfer-format ( many-answers | one-answer );
max-cache-size <replaceable>size_no_default</replaceable>;
check-names ( master | slave | response )
( fail | warn | ignore );
cache-file <replaceable>quoted_string</replaceable>;
suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented
preferred-glue <replaceable>string</replaceable>;
dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>quoted_string</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ...
}
edns-udp-size <replaceable>integer</replaceable>;
root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>;
disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
dnssec-enable <replaceable>boolean</replaceable>;
dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>;
dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>;
dialup <replaceable>dialuptype</replaceable>;
ixfr-from-differences <replaceable>ixfrdiff</replaceable>;
allow-query { <replaceable>address_match_element</replaceable>; ... };
allow-transfer { <replaceable>address_match_element</replaceable>; ... };
allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
notify <replaceable>notifytype</replaceable>;
notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
<optional> port <replaceable>integer</replaceable> </optional>; ... };
allow-notify { <replaceable>address_match_element</replaceable>; ... };
forward ( first | only );
forwarders <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
};
max-journal-size <replaceable>size_no_default</replaceable>;
max-transfer-time-in <replaceable>integer</replaceable>;
max-transfer-time-out <replaceable>integer</replaceable>;
max-transfer-idle-in <replaceable>integer</replaceable>;
max-transfer-idle-out <replaceable>integer</replaceable>;
max-retry-time <replaceable>integer</replaceable>;
min-retry-time <replaceable>integer</replaceable>;
max-refresh-time <replaceable>integer</replaceable>;
min-refresh-time <replaceable>integer</replaceable>;
multi-master <replaceable>boolean</replaceable>;
sig-validity-interval <replaceable>integer</replaceable>;
transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
use-alt-transfer-source <replaceable>boolean</replaceable>;
zone-statistics <replaceable>boolean</replaceable>;
key-directory <replaceable>quoted_string</replaceable>;
allow-v6-synthesis { <replaceable>address_match_element</replaceable>; ... }; // obsolete
deallocate-on-exit <replaceable>boolean</replaceable>; // obsolete
fake-iquery <replaceable>boolean</replaceable>; // obsolete
fetch-glue <replaceable>boolean</replaceable>; // obsolete
has-old-clients <replaceable>boolean</replaceable>; // obsolete
maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete
max-ixfr-log-size <replaceable>size</replaceable>; // obsolete
multiple-cnames <replaceable>boolean</replaceable>; // obsolete
named-xfer <replaceable>quoted_string</replaceable>; // obsolete
serial-queries <replaceable>integer</replaceable>; // obsolete
treat-cr-as-space <replaceable>boolean</replaceable>; // obsolete
use-id-pool <replaceable>boolean</replaceable>; // obsolete
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>VIEW</title>
<LITERALLAYOUT>
view <replaceable>string</replaceable> <replaceable>optional_class</replaceable> {
match-clients { <replaceable>address_match_element</replaceable>; ... };
match-destinations { <replaceable>address_match_element</replaceable>; ... };
match-recursive-only <replaceable>boolean</replaceable>;
key <replaceable>string</replaceable> {
algorithm <replaceable>string</replaceable>;
secret <replaceable>string</replaceable>;
};
zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable> {
...
};
server ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) {
...
};
trusted-keys {
<replaceable>string</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>quoted_string</replaceable>; ...
};
allow-recursion { <replaceable>address_match_element</replaceable>; ... };
sortlist { <replaceable>address_match_element</replaceable>; ... };
topology { <replaceable>address_match_element</replaceable>; ... }; // not implemented
auth-nxdomain <replaceable>boolean</replaceable>; // default changed
minimal-responses <replaceable>boolean</replaceable>;
recursion <replaceable>boolean</replaceable>;
rrset-order {
<optional> class <replaceable>string</replaceable> </optional> <optional> type <replaceable>string</replaceable> </optional>
<optional> name <replaceable>quoted_string</replaceable> </optional> <replaceable>string</replaceable> <replaceable>string</replaceable>; ...
};
provide-ixfr <replaceable>boolean</replaceable>;
request-ixfr <replaceable>boolean</replaceable>;
rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented
additional-from-auth <replaceable>boolean</replaceable>;
additional-from-cache <replaceable>boolean</replaceable>;
query-source <replaceable>querysource4</replaceable>;
query-source-v6 <replaceable>querysource6</replaceable>;
cleaning-interval <replaceable>integer</replaceable>;
min-roots <replaceable>integer</replaceable>; // not implemented
lame-ttl <replaceable>integer</replaceable>;
max-ncache-ttl <replaceable>integer</replaceable>;
max-cache-ttl <replaceable>integer</replaceable>;
transfer-format ( many-answers | one-answer );
max-cache-size <replaceable>size_no_default</replaceable>;
check-names ( master | slave | response )
( fail | warn | ignore );
cache-file <replaceable>quoted_string</replaceable>;
suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented
preferred-glue <replaceable>string</replaceable>;
dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>quoted_string</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ...
};
edns-udp-size <replaceable>integer</replaceable>;
root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>;
disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
dnssec-enable <replaceable>boolean</replaceable>;
dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>;
dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>;
dialup <replaceable>dialuptype</replaceable>;
ixfr-from-differences <replaceable>ixfrdiff</replaceable>;
allow-query { <replaceable>address_match_element</replaceable>; ... };
allow-transfer { <replaceable>address_match_element</replaceable>; ... };
allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
notify <replaceable>notifytype</replaceable>;
notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
<optional> port <replaceable>integer</replaceable> </optional>; ... };
allow-notify { <replaceable>address_match_element</replaceable>; ... };
forward ( first | only );
forwarders <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
};
max-journal-size <replaceable>size_no_default</replaceable>;
max-transfer-time-in <replaceable>integer</replaceable>;
max-transfer-time-out <replaceable>integer</replaceable>;
max-transfer-idle-in <replaceable>integer</replaceable>;
max-transfer-idle-out <replaceable>integer</replaceable>;
max-retry-time <replaceable>integer</replaceable>;
min-retry-time <replaceable>integer</replaceable>;
max-refresh-time <replaceable>integer</replaceable>;
min-refresh-time <replaceable>integer</replaceable>;
multi-master <replaceable>boolean</replaceable>;
sig-validity-interval <replaceable>integer</replaceable>;
transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
use-alt-transfer-source <replaceable>boolean</replaceable>;
zone-statistics <replaceable>boolean</replaceable>;
key-directory <replaceable>quoted_string</replaceable>;
allow-v6-synthesis { <replaceable>address_match_element</replaceable>; ... }; // obsolete
fetch-glue <replaceable>boolean</replaceable>; // obsolete
maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete
max-ixfr-log-size <replaceable>size</replaceable>; // obsolete
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>ZONE</title>
<LITERALLAYOUT>
zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable> {
type ( master | slave | stub | hint |
forward | delegation-only );
file <replaceable>quoted_string</replaceable>;
masters <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>masters</replaceable> |
<replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
<replaceable>ipv6_address</replaceable> <optional> port <replaceable>integer</replaceable> </optional> ) <optional> key <replaceable>string</replaceable> </optional>; ...
};
database <replaceable>string</replaceable>;
delegation-only <replaceable>boolean</replaceable>;
check-names ( fail | warn | ignore );
dialup <replaceable>dialuptype</replaceable>;
ixfr-from-differences <replaceable>boolean</replaceable>;
allow-query { <replaceable>address_match_element</replaceable>; ... };
allow-transfer { <replaceable>address_match_element</replaceable>; ... };
allow-update { <replaceable>address_match_element</replaceable>; ... };
allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
update-policy {
( grant | deny ) <replaceable>string</replaceable>
( name | subdomain | wildcard | self ) <replaceable>string</replaceable>
<replaceable>rrtypelist</replaceable>; ...
};
notify <replaceable>notifytype</replaceable>;
notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
<optional> port <replaceable>integer</replaceable> </optional>; ... };
allow-notify { <replaceable>address_match_element</replaceable>; ... };
forward ( first | only );
forwarders <optional> port <replaceable>integer</replaceable> </optional> {
( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
};
max-journal-size <replaceable>size_no_default</replaceable>;
max-transfer-time-in <replaceable>integer</replaceable>;
max-transfer-time-out <replaceable>integer</replaceable>;
max-transfer-idle-in <replaceable>integer</replaceable>;
max-transfer-idle-out <replaceable>integer</replaceable>;
max-retry-time <replaceable>integer</replaceable>;
min-retry-time <replaceable>integer</replaceable>;
max-refresh-time <replaceable>integer</replaceable>;
min-refresh-time <replaceable>integer</replaceable>;
multi-master <replaceable>boolean</replaceable>;
sig-validity-interval <replaceable>integer</replaceable>;
transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
<optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
use-alt-transfer-source <replaceable>boolean</replaceable>;
zone-statistics <replaceable>boolean</replaceable>;
key-directory <replaceable>quoted_string</replaceable>;
ixfr-base <replaceable>quoted_string</replaceable>; // obsolete
ixfr-tmp-file <replaceable>quoted_string</replaceable>; // obsolete
maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete
max-ixfr-log-size <replaceable>size</replaceable>; // obsolete
pubkey <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>quoted_string</replaceable>; // obsolete
};
</LITERALLAYOUT>
</refsect1>
<refsect1>
<title>FILES</title>
<para>
<filename>/etc/named.conf</filename>
</para>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>named</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>rndc</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>BIND 9 Adminstrators Reference Manual</refentrytitle>
</citerefentry>.
</para>
</refsect1>
</refentry>
<!--
- Local variables:
- mode: sgml
- End:
-->

2587
bin/named/named.conf.html Normal file
View file

File diff suppressed because it is too large Load diff