"Fossies" - the Fresh Open Source Software Archive

Member "bind-9.11.23/bin/named/named.conf.5" (7 Sep 2020, 38837 Bytes) of package /linux/misc/dns/bind9/9.11.23/bind-9.11.23.tar.gz:


Caution: As a special service "Fossies" has tried to format the requested manual source page into HTML format but links to other man pages may be missing or even erroneous. Alternatively you can here view or download the uninterpreted manual source code. A member file download can also be achieved by clicking within a package contents listing on the according byte size field.

NAMED.CONF

NAME
SYNOPSIS
DESCRIPTION
ACL
CONTROLS
DLZ
DYNDB
KEY
LOGGING
LWRES
MANAGED-KEYS
MASTERS
OPTIONS
SERVER
STATISTICS-CHANNELS
TRUSTED-KEYS
VIEW
ZONE
FILES
SEE ALSO
AUTHOR
COPYRIGHT

NAME

named.conf − configuration file for named

SYNOPSIS

named.conf

DESCRIPTION

named.conf is the configuration file for named. Statements are enclosed in braces and terminated with a semi−colon. Clauses in the statements are also semi−colon terminated. The usual comment styles are supported:

C style: /* */

C++ style: // to end of line

Unix style: # to end of line

ACL

acl string { address_match_element; ... };

CONTROLS

controls {

inet ( ipv4_address | ipv6_address |

* ) [ port ( integer | * ) ] allow

{ address_match_element; ... } [

keys { string; ... } ] [ read−only

boolean ];

unix quoted_string perm integer

owner integer group integer [

keys { string; ... } ] [ read−only

boolean ];

};

DLZ

dlz string {

database string;

search boolean;

};

DYNDB

dyndb string quoted_string {
unspecified−text
};

KEY

key string {

algorithm string;

secret string;

};

LOGGING

logging {

category string { string; ... };

channel string {

buffered boolean;

file quoted_string [ versions ( "unlimited" | integer )

] [ size size ];

null;

print−category boolean;

print−severity boolean;

print−time boolean;

severity log_severity;

stderr;

syslog [ syslog_facility ];

};

};

LWRES

lwres {

listen−on [ port integer ] [ dscp integer ] { ( ipv4_address

| ipv6_address ) [ port integer ] [ dscp integer ]; ... };

lwres−clients integer;

lwres−tasks integer;

ndots integer;

search { string; ... };

view string [ class ];

};

MANAGED-KEYS

managed−keys { string string integer
integer integer quoted_string
; ... };

MASTERS

masters string [ port integer ] [ dscp
integer
] { ( masters | ipv4_address [
port integer ] | ipv6_address [ port
integer
] ) [ key string ]; ... };

OPTIONS

options {

acache−cleaning−interval integer;

acache−enable boolean;

additional−from−auth boolean;

additional−from−cache boolean;

allow−new−zones boolean;

allow−notify { address_match_element; ... };

allow−query { address_match_element; ... };

allow−query−cache { address_match_element; ... };

allow−query−cache−on { address_match_element; ... };

allow−query−on { address_match_element; ... };

allow−recursion { address_match_element; ... };

allow−recursion−on { address_match_element; ... };

allow−transfer { address_match_element; ... };

allow−update { address_match_element; ... };

allow−update−forwarding { address_match_element; ... };

also−notify [ port integer ] [ dscp integer ] { ( masters |

ipv4_address [ port integer ] | ipv6_address [ port

integer ] ) [ key string ]; ... };

alt−transfer−source ( ipv4_address | * ) [ port ( integer | * )

] [ dscp integer ];

alt−transfer−source−v6 ( ipv6_address | * ) [ port ( integer |

* ) ] [ dscp integer ];

answer−cookie boolean;

attach−cache string;

auth−nxdomain boolean; // default changed

auto−dnssec ( allow | maintain | off );

automatic−interface−scan boolean;

avoid−v4−udp−ports { portrange; ... };

avoid−v6−udp−ports { portrange; ... };

bindkeys−file quoted_string;

blackhole { address_match_element; ... };

cache−file quoted_string;

catalog−zones { zone string [ default−masters [ port integer ]

[ dscp integer ] { ( masters | ipv4_address [ port

integer ] | ipv6_address [ port integer ] ) [ key

string ]; ... } ] [ zone−directory quoted_string ] [

in−memory boolean ] [ min−update−interval integer ]; ... };

check−dup−records ( fail | warn | ignore );

check−integrity boolean;

check−mx ( fail | warn | ignore );

check−mx−cname ( fail | warn | ignore );

check−names ( master | slave | response

) ( fail | warn | ignore );

check−sibling boolean;

check−spf ( warn | ignore );

check−srv−cname ( fail | warn | ignore );

check−wildcard boolean;

cleaning−interval integer;

clients−per−query integer;

cookie−algorithm ( aes | sha1 | sha256 | siphash24 );

cookie−secret string;

coresize ( default | unlimited | sizeval );

datasize ( default | unlimited | sizeval );

deny−answer−addresses { address_match_element; ... } [

except−from { quoted_string; ... } ];

deny−answer−aliases { quoted_string; ... } [ except−from {

quoted_string; ... } ];

dialup ( notify | notify−passive | passive | refresh | boolean );

directory quoted_string;

disable−algorithms string { string;

... };

disable−ds−digests string { string;

... };

disable−empty−zone string;

dns64 netprefix {

break−dnssec boolean;

clients { address_match_element; ... };

exclude { address_match_element; ... };

mapped { address_match_element; ... };

recursive−only boolean;

suffix ipv6_address;

};

dns64−contact string;

dns64−server string;

dnssec−accept−expired boolean;

dnssec−dnskey−kskonly boolean;

dnssec−enable boolean;

dnssec−loadkeys−interval integer;

dnssec−lookaside ( string trust−anchor

string | auto | no );

dnssec−must−be−secure string boolean;

dnssec−secure−to−insecure boolean;

dnssec−update−mode ( maintain | no−resign );

dnssec−validation ( yes | no | auto );

dnstap { ( all | auth | client | forwarder |

resolver ) [ ( query | response ) ]; ... };

dnstap−identity ( quoted_string | none |

hostname );

dnstap−output ( file | unix ) quoted_string;

dnstap−version ( quoted_string | none );

dscp integer;

dual−stack−servers [ port integer ] { ( quoted_string [ port

integer ] [ dscp integer ] | ipv4_address [ port

integer ] [ dscp integer ] | ipv6_address [ port

integer ] [ dscp integer ] ); ... };

dump−file quoted_string;

edns−udp−size integer;

empty−contact string;

empty−server string;

empty−zones−enable boolean;

fetch−quota−params integer fixedpoint fixedpoint fixedpoint;

fetches−per−server integer [ ( drop | fail ) ];

fetches−per−zone integer [ ( drop | fail ) ];

files ( default | unlimited | sizeval );

filter−aaaa { address_match_element; ... };

filter−aaaa−on−v4 ( break−dnssec | boolean );

filter−aaaa−on−v6 ( break−dnssec | boolean );

flush−zones−on−shutdown boolean;

forward ( first | only );

forwarders [ port integer ] [ dscp integer ] { ( ipv4_address

| ipv6_address ) [ port integer ] [ dscp integer ]; ... };

fstrm−set−buffer−hint integer;

fstrm−set−flush−timeout integer;

fstrm−set−input−queue−size integer;

fstrm−set−output−notify−threshold integer;

fstrm−set−output−queue−model ( mpsc | spsc );

fstrm−set−output−queue−size integer;

fstrm−set−reopen−interval integer;

geoip−directory ( quoted_string | none );

geoip−use−ecs boolean;

heartbeat−interval integer;

hostname ( quoted_string | none );

inline−signing boolean;

interface−interval integer;

ixfr−from−differences ( master | slave | boolean );

keep−response−order { address_match_element; ... };

key−directory quoted_string;

lame−ttl ttlval;

listen−on [ port integer ] [ dscp

integer ] {

address_match_element; ... };

listen−on−v6 [ port integer ] [ dscp

integer ] {

address_match_element; ... };

lmdb−mapsize sizeval;

lock−file ( quoted_string | none );

managed−keys−directory quoted_string;

masterfile−format ( map | raw | text );

masterfile−style ( full | relative );

match−mapped−addresses boolean;

max−acache−size ( unlimited | sizeval );

max−cache−size ( default | unlimited | sizeval | percentage );

max−cache−ttl integer;

max−clients−per−query integer;

max−journal−size ( unlimited | sizeval );

max−ncache−ttl integer;

max−records integer;

max−recursion−depth integer;

max−recursion−queries integer;

max−refresh−time integer;

max−retry−time integer;

max−rsa−exponent−size integer;

max−transfer−idle−in integer;

max−transfer−idle−out integer;

max−transfer−time−in integer;

max−transfer−time−out integer;

max−udp−size integer;

max−zone−ttl ( unlimited | ttlval );

memstatistics boolean;

memstatistics−file quoted_string;

message−compression boolean;

min−refresh−time integer;

min−retry−time integer;

minimal−any boolean;

minimal−responses ( no−auth | no−auth−recursive | boolean );

multi−master boolean;

no−case−compress { address_match_element; ... };

nocookie−udp−size integer;

notify ( explicit | master−only | boolean );

notify−delay integer;

notify−rate integer;

notify−source ( ipv4_address | * ) [ port ( integer | * ) ] [

dscp integer ];

notify−source−v6 ( ipv6_address | * ) [ port ( integer | * ) ]

[ dscp integer ];

notify−to−soa boolean;

nta−lifetime ttlval;

nta−recheck ttlval;

nxdomain−redirect string;

pid−file ( quoted_string | none );

port integer;

preferred−glue string;

prefetch integer [ integer ];

provide−ixfr boolean;

query−source ( ( [ address ] ( ipv4_address | * ) [ port (

integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ]

port ( integer | * ) ) ) [ dscp integer ];

query−source−v6 ( ( [ address ] ( ipv6_address | * ) [ port (

integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ]

port ( integer | * ) ) ) [ dscp integer ];

querylog boolean;

random−device quoted_string;

rate−limit {

all−per−second integer;

errors−per−second integer;

exempt−clients { address_match_element; ... };

ipv4−prefix−length integer;

ipv6−prefix−length integer;

log−only boolean;

max−table−size integer;

min−table−size integer;

nodata−per−second integer;

nxdomains−per−second integer;

qps−scale integer;

referrals−per−second integer;

responses−per−second integer;

slip integer;

window integer;

};

recursing−file quoted_string;

recursion boolean;

recursive−clients integer;

request−expire boolean;

request−ixfr boolean;

request−nsid boolean;

require−server−cookie boolean;

reserved−sockets integer;

resolver−query−timeout integer;

response−policy { zone string [ log boolean ] [ max−policy−ttl

integer ] [ policy ( cname | disabled | drop | given | no−op

| nodata | nxdomain | passthru | tcp−only quoted_string ) ] [

recursive−only boolean ]; ... } [ break−dnssec boolean ] [

max−policy−ttl integer ] [ min−ns−dots integer ] [

nsip−wait−recurse boolean ] [ qname−wait−recurse boolean ]

[ recursive−only boolean ];

root−delegation−only [ exclude { quoted_string; ... } ];

root−key−sentinel boolean;

rrset−order { [ class string ] [ type string ] [ name

quoted_string ] string string; ... };

secroots−file quoted_string;

send−cookie boolean;

serial−query−rate integer;

serial−update−method ( date | increment | unixtime );

server−id ( quoted_string | none | hostname );

servfail−ttl ttlval;

session−keyalg string;

session−keyfile ( quoted_string | none );

session−keyname string;

sig−signing−nodes integer;

sig−signing−signatures integer;

sig−signing−type integer;

sig−validity−interval integer [ integer ];

sortlist { address_match_element; ... };

stacksize ( default | unlimited | sizeval );

startup−notify−rate integer;

statistics−file quoted_string;

tcp−clients integer;

tcp−listen−queue integer;

tkey−dhkey quoted_string integer;

tkey−domain quoted_string;

tkey−gssapi−credential quoted_string;

tkey−gssapi−keytab quoted_string;

transfer−format ( many−answers | one−answer );

transfer−message−size integer;

transfer−source ( ipv4_address | * ) [ port ( integer | * ) ] [

dscp integer ];

transfer−source−v6 ( ipv6_address | * ) [ port ( integer | * )

] [ dscp integer ];

transfers−in integer;

transfers−out integer;

transfers−per−ns integer;

trust−anchor−telemetry boolean; // experimental

try−tcp−refresh boolean;

update−check−ksk boolean;

use−alt−transfer−source boolean;

use−v4−udp−ports { portrange; ... };

use−v6−udp−ports { portrange; ... };

v6−bias integer;

version ( quoted_string | none );

zero−no−soa−ttl boolean;

zero−no−soa−ttl−cache boolean;

zone−statistics ( full | terse | none | boolean );

};

SERVER

server netprefix {

bogus boolean;

edns boolean;

edns−udp−size integer;

edns−version integer;

keys server_key;

max−udp−size integer;

notify−source ( ipv4_address | * ) [ port ( integer | * ) ] [

dscp integer ];

notify−source−v6 ( ipv6_address | * ) [ port ( integer | * ) ]

[ dscp integer ];

provide−ixfr boolean;

query−source ( ( [ address ] ( ipv4_address | * ) [ port (

integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ]

port ( integer | * ) ) ) [ dscp integer ];

query−source−v6 ( ( [ address ] ( ipv6_address | * ) [ port (

integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ]

port ( integer | * ) ) ) [ dscp integer ];

request−expire boolean;

request−ixfr boolean;

request−nsid boolean;

send−cookie boolean;

tcp−only boolean;

transfer−format ( many−answers | one−answer );

transfer−source ( ipv4_address | * ) [ port ( integer | * ) ] [

dscp integer ];

transfer−source−v6 ( ipv6_address | * ) [ port ( integer | * )

] [ dscp integer ];

transfers integer;

};

STATISTICS-CHANNELS

statistics−channels {

inet ( ipv4_address | ipv6_address |

* ) [ port ( integer | * ) ] [

allow { address_match_element; ...

} ];

};

TRUSTED-KEYS

trusted−keys { string integer integer
integer quoted_string
; ... };

VIEW

view string [ class ] {

acache−cleaning−interval integer;

acache−enable boolean;

additional−from−auth boolean;

additional−from−cache boolean;

allow−new−zones boolean;

allow−notify { address_match_element; ... };

allow−query { address_match_element; ... };

allow−query−cache { address_match_element; ... };

allow−query−cache−on { address_match_element; ... };

allow−query−on { address_match_element; ... };

allow−recursion { address_match_element; ... };

allow−recursion−on { address_match_element; ... };

allow−transfer { address_match_element; ... };

allow−update { address_match_element; ... };

allow−update−forwarding { address_match_element; ... };

also−notify [ port integer ] [ dscp integer ] { ( masters |

ipv4_address [ port integer ] | ipv6_address [ port

integer ] ) [ key string ]; ... };

alt−transfer−source ( ipv4_address | * ) [ port ( integer | * )

] [ dscp integer ];

alt−transfer−source−v6 ( ipv6_address | * ) [ port ( integer |

* ) ] [ dscp integer ];

attach−cache string;

auth−nxdomain boolean; // default changed

auto−dnssec ( allow | maintain | off );

cache−file quoted_string;

catalog−zones { zone string [ default−masters [ port integer ]

[ dscp integer ] { ( masters | ipv4_address [ port

integer ] | ipv6_address [ port integer ] ) [ key

string ]; ... } ] [ zone−directory quoted_string ] [

in−memory boolean ] [ min−update−interval integer ]; ... };

check−dup−records ( fail | warn | ignore );

check−integrity boolean;

check−mx ( fail | warn | ignore );

check−mx−cname ( fail | warn | ignore );

check−names ( master | slave | response

) ( fail | warn | ignore );

check−sibling boolean;

check−spf ( warn | ignore );

check−srv−cname ( fail | warn | ignore );

check−wildcard boolean;

cleaning−interval integer;

clients−per−query integer;

deny−answer−addresses { address_match_element; ... } [

except−from { quoted_string; ... } ];

deny−answer−aliases { quoted_string; ... } [ except−from {

quoted_string; ... } ];

dialup ( notify | notify−passive | passive | refresh | boolean );

disable−algorithms string { string;

... };

disable−ds−digests string { string;

... };

disable−empty−zone string;

dlz string {

database string;

search boolean;

};

dns64 netprefix {

break−dnssec boolean;

clients { address_match_element; ... };

exclude { address_match_element; ... };

mapped { address_match_element; ... };

recursive−only boolean;

suffix ipv6_address;

};

dns64−contact string;

dns64−server string;

dnssec−accept−expired boolean;

dnssec−dnskey−kskonly boolean;

dnssec−enable boolean;

dnssec−loadkeys−interval integer;

dnssec−lookaside ( string trust−anchor

string | auto | no );

dnssec−must−be−secure string boolean;

dnssec−secure−to−insecure boolean;

dnssec−update−mode ( maintain | no−resign );

dnssec−validation ( yes | no | auto );

dnstap { ( all | auth | client | forwarder |

resolver ) [ ( query | response ) ]; ... };

dual−stack−servers [ port integer ] { ( quoted_string [ port

integer ] [ dscp integer ] | ipv4_address [ port

integer ] [ dscp integer ] | ipv6_address [ port

integer ] [ dscp integer ] ); ... };

dyndb string quoted_string {

unspecified−text };

edns−udp−size integer;

empty−contact string;

empty−server string;

empty−zones−enable boolean;

fetch−quota−params integer fixedpoint fixedpoint fixedpoint;

fetches−per−server integer [ ( drop | fail ) ];

fetches−per−zone integer [ ( drop | fail ) ];

filter−aaaa { address_match_element; ... };

filter−aaaa−on−v4 ( break−dnssec | boolean );

filter−aaaa−on−v6 ( break−dnssec | boolean );

forward ( first | only );

forwarders [ port integer ] [ dscp integer ] { ( ipv4_address

| ipv6_address ) [ port integer ] [ dscp integer ]; ... };

inline−signing boolean;

ixfr−from−differences ( master | slave | boolean );

key string {

algorithm string;

secret string;

};

key−directory quoted_string;

lame−ttl ttlval;

lmdb−mapsize sizeval;

managed−keys { string string

integer integer integer

quoted_string; ... };

masterfile−format ( map | raw | text );

masterfile−style ( full | relative );

match−clients { address_match_element; ... };

match−destinations { address_match_element; ... };

match−recursive−only boolean;

max−acache−size ( unlimited | sizeval );

max−cache−size ( default | unlimited | sizeval | percentage );

max−cache−ttl integer;

max−clients−per−query integer;

max−journal−size ( unlimited | sizeval );

max−ncache−ttl integer;

max−records integer;

max−recursion−depth integer;

max−recursion−queries integer;

max−refresh−time integer;

max−retry−time integer;

max−transfer−idle−in integer;

max−transfer−idle−out integer;

max−transfer−time−in integer;

max−transfer−time−out integer;

max−udp−size integer;

max−zone−ttl ( unlimited | ttlval );

message−compression boolean;

min−refresh−time integer;

min−retry−time integer;

minimal−any boolean;

minimal−responses ( no−auth | no−auth−recursive | boolean );

multi−master boolean;

no−case−compress { address_match_element; ... };

nocookie−udp−size integer;

notify ( explicit | master−only | boolean );

notify−delay integer;

notify−source ( ipv4_address | * ) [ port ( integer | * ) ] [

dscp integer ];

notify−source−v6 ( ipv6_address | * ) [ port ( integer | * ) ]

[ dscp integer ];

notify−to−soa boolean;

nta−lifetime ttlval;

nta−recheck ttlval;

nxdomain−redirect string;

preferred−glue string;

prefetch integer [ integer ];

provide−ixfr boolean;

query−source ( ( [ address ] ( ipv4_address | * ) [ port (

integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ]

port ( integer | * ) ) ) [ dscp integer ];

query−source−v6 ( ( [ address ] ( ipv6_address | * ) [ port (

integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ]

port ( integer | * ) ) ) [ dscp integer ];

rate−limit {

all−per−second integer;

errors−per−second integer;

exempt−clients { address_match_element; ... };

ipv4−prefix−length integer;

ipv6−prefix−length integer;

log−only boolean;

max−table−size integer;

min−table−size integer;

nodata−per−second integer;

nxdomains−per−second integer;

qps−scale integer;

referrals−per−second integer;

responses−per−second integer;

slip integer;

window integer;

};

recursion boolean;

request−expire boolean;

request−ixfr boolean;

request−nsid boolean;

require−server−cookie boolean;

resolver−query−timeout integer;

response−policy { zone string [ log boolean ] [ max−policy−ttl

integer ] [ policy ( cname | disabled | drop | given | no−op

| nodata | nxdomain | passthru | tcp−only quoted_string ) ] [

recursive−only boolean ]; ... } [ break−dnssec boolean ] [

max−policy−ttl integer ] [ min−ns−dots integer ] [

nsip−wait−recurse boolean ] [ qname−wait−recurse boolean ]

[ recursive−only boolean ];

root−delegation−only [ exclude { quoted_string; ... } ];

root−key−sentinel boolean;

rrset−order { [ class string ] [ type string ] [ name

quoted_string ] string string; ... };

send−cookie boolean;

serial−update−method ( date | increment | unixtime );

server netprefix {

bogus boolean;

edns boolean;

edns−udp−size integer;

edns−version integer;

keys server_key;

max−udp−size integer;

notify−source ( ipv4_address | * ) [ port ( integer | *

) ] [ dscp integer ];

notify−source−v6 ( ipv6_address | * ) [ port ( integer

| * ) ] [ dscp integer ];

provide−ixfr boolean;

query−source ( ( [ address ] ( ipv4_address | * ) [ port

( integer | * ) ] ) | ( [ [ address ] (

ipv4_address | * ) ] port ( integer | * ) ) ) [

dscp integer ];

query−source−v6 ( ( [ address ] ( ipv6_address | * ) [

port ( integer | * ) ] ) | ( [ [ address ] (

ipv6_address | * ) ] port ( integer | * ) ) ) [

dscp integer ];

request−expire boolean;

request−ixfr boolean;

request−nsid boolean;

send−cookie boolean;

tcp−only boolean;

transfer−format ( many−answers | one−answer );

transfer−source ( ipv4_address | * ) [ port ( integer |

* ) ] [ dscp integer ];

transfer−source−v6 ( ipv6_address | * ) [ port (

integer | * ) ] [ dscp integer ];

transfers integer;

};

servfail−ttl ttlval;

sig−signing−nodes integer;

sig−signing−signatures integer;

sig−signing−type integer;

sig−validity−interval integer [ integer ];

sortlist { address_match_element; ... };

transfer−format ( many−answers | one−answer );

transfer−source ( ipv4_address | * ) [ port ( integer | * ) ] [

dscp integer ];

transfer−source−v6 ( ipv6_address | * ) [ port ( integer | * )

] [ dscp integer ];

trust−anchor−telemetry boolean; // experimental

trusted−keys { string integer

integer integer quoted_string;

... };

try−tcp−refresh boolean;

update−check−ksk boolean;

use−alt−transfer−source boolean;

v6−bias integer;

zero−no−soa−ttl boolean;

zero−no−soa−ttl−cache boolean;

zone string [ class ] {

allow−notify { address_match_element; ... };

allow−query { address_match_element; ... };

allow−query−on { address_match_element; ... };

allow−transfer { address_match_element; ... };

allow−update { address_match_element; ... };

allow−update−forwarding { address_match_element; ... };

also−notify [ port integer ] [ dscp integer ] { (

masters | ipv4_address [ port integer ] |

ipv6_address [ port integer ] ) [ key string ];

... };

alt−transfer−source ( ipv4_address | * ) [ port (

integer | * ) ] [ dscp integer ];

alt−transfer−source−v6 ( ipv6_address | * ) [ port (

integer | * ) ] [ dscp integer ];

auto−dnssec ( allow | maintain | off );

check−dup−records ( fail | warn | ignore );

check−integrity boolean;

check−mx ( fail | warn | ignore );

check−mx−cname ( fail | warn | ignore );

check−names ( fail | warn | ignore );

check−sibling boolean;

check−spf ( warn | ignore );

check−srv−cname ( fail | warn | ignore );

check−wildcard boolean;

database string;

delegation−only boolean;

dialup ( notify | notify−passive | passive | refresh |

boolean );

dlz string;

dnssec−dnskey−kskonly boolean;

dnssec−loadkeys−interval integer;

dnssec−secure−to−insecure boolean;

dnssec−update−mode ( maintain | no−resign );

file quoted_string;

forward ( first | only );

forwarders [ port integer ] [ dscp integer ] { (

ipv4_address | ipv6_address ) [ port integer ] [

dscp integer ]; ... };

in−view string;

inline−signing boolean;

ixfr−from−differences boolean;

journal quoted_string;

key−directory quoted_string;

masterfile−format ( map | raw | text );

masterfile−style ( full | relative );

masters [ port integer ] [ dscp integer ] { ( masters

| ipv4_address [ port integer ] | ipv6_address [

port integer ] ) [ key string ]; ... };

max−ixfr−log−size ( default | unlimited |

max−journal−size ( unlimited | sizeval );

max−records integer;

max−refresh−time integer;

max−retry−time integer;

max−transfer−idle−in integer;

max−transfer−idle−out integer;

max−transfer−time−in integer;

max−transfer−time−out integer;

max−zone−ttl ( unlimited | ttlval );

min−refresh−time integer;

min−retry−time integer;

multi−master boolean;

notify ( explicit | master−only | boolean );

notify−delay integer;

notify−source ( ipv4_address | * ) [ port ( integer | *

) ] [ dscp integer ];

notify−source−v6 ( ipv6_address | * ) [ port ( integer

| * ) ] [ dscp integer ];

notify−to−soa boolean;

pubkey integer

integer

integer

request−expire boolean;

request−ixfr boolean;

serial−update−method ( date | increment | unixtime );

server−addresses { ( ipv4_address | ipv6_address ); ... };

server−names { quoted_string; ... };

sig−signing−nodes integer;

sig−signing−signatures integer;

sig−signing−type integer;

sig−validity−interval integer [ integer ];

transfer−source ( ipv4_address | * ) [ port ( integer |

* ) ] [ dscp integer ];

transfer−source−v6 ( ipv6_address | * ) [ port (

integer | * ) ] [ dscp integer ];

try−tcp−refresh boolean;

type ( delegation−only | forward | hint | master | redirect

| slave | static−stub | stub );

update−check−ksk boolean;

update−policy ( local | { ( deny | grant ) string (

6to4−self | external | krb5−self | krb5−selfsub |

krb5−subdomain | ms−self | ms−selfsub | ms−subdomain |

name | self | selfsub | selfwild | subdomain | tcp−self

| wildcard | zonesub ) [ string ] rrtypelist; ... };

use−alt−transfer−source boolean;

zero−no−soa−ttl boolean;

zone−statistics ( full | terse | none | boolean );

};

zone−statistics ( full | terse | none | boolean );

};

ZONE

zone string [ class ] {

allow−notify { address_match_element; ... };

allow−query { address_match_element; ... };

allow−query−on { address_match_element; ... };

allow−transfer { address_match_element; ... };

allow−update { address_match_element; ... };

allow−update−forwarding { address_match_element; ... };

also−notify [ port integer ] [ dscp integer ] { ( masters |

ipv4_address [ port integer ] | ipv6_address [ port

integer ] ) [ key string ]; ... };

alt−transfer−source ( ipv4_address | * ) [ port ( integer | * )

] [ dscp integer ];

alt−transfer−source−v6 ( ipv6_address | * ) [ port ( integer |

* ) ] [ dscp integer ];

auto−dnssec ( allow | maintain | off );

check−dup−records ( fail | warn | ignore );

check−integrity boolean;

check−mx ( fail | warn | ignore );

check−mx−cname ( fail | warn | ignore );

check−names ( fail | warn | ignore );

check−sibling boolean;

check−spf ( warn | ignore );

check−srv−cname ( fail | warn | ignore );

check−wildcard boolean;

database string;

delegation−only boolean;

dialup ( notify | notify−passive | passive | refresh | boolean );

dlz string;

dnssec−dnskey−kskonly boolean;

dnssec−loadkeys−interval integer;

dnssec−secure−to−insecure boolean;

dnssec−update−mode ( maintain | no−resign );

file quoted_string;

forward ( first | only );

forwarders [ port integer ] [ dscp integer ] { ( ipv4_address

| ipv6_address ) [ port integer ] [ dscp integer ]; ... };

in−view string;

inline−signing boolean;

ixfr−from−differences boolean;

journal quoted_string;

key−directory quoted_string;

masterfile−format ( map | raw | text );

masterfile−style ( full | relative );

masters [ port integer ] [ dscp integer ] { ( masters |

ipv4_address [ port integer ] | ipv6_address [ port

integer ] ) [ key string ]; ... };

max−journal−size ( unlimited | sizeval );

max−records integer;

max−refresh−time integer;

max−retry−time integer;

max−transfer−idle−in integer;

max−transfer−idle−out integer;

max−transfer−time−in integer;

max−transfer−time−out integer;

max−zone−ttl ( unlimited | ttlval );

min−refresh−time integer;

min−retry−time integer;

multi−master boolean;

notify ( explicit | master−only | boolean );

notify−delay integer;

notify−source ( ipv4_address | * ) [ port ( integer | * ) ] [

dscp integer ];

notify−source−v6 ( ipv6_address | * ) [ port ( integer | * ) ]

[ dscp integer ];

notify−to−soa boolean;

pubkey integer integer

request−expire boolean;

request−ixfr boolean;

serial−update−method ( date | increment | unixtime );

server−addresses { ( ipv4_address | ipv6_address ); ... };

server−names { quoted_string; ... };

sig−signing−nodes integer;

sig−signing−signatures integer;

sig−signing−type integer;

sig−validity−interval integer [ integer ];

transfer−source ( ipv4_address | * ) [ port ( integer | * ) ] [

dscp integer ];

transfer−source−v6 ( ipv6_address | * ) [ port ( integer | * )

] [ dscp integer ];

try−tcp−refresh boolean;

type ( delegation−only | forward | hint | master | redirect | slave

| static−stub | stub );

update−check−ksk boolean;

update−policy ( local | { ( deny | grant ) string ( 6to4−self |

external | krb5−self | krb5−selfsub | krb5−subdomain | ms−self

| ms−selfsub | ms−subdomain | name | self | selfsub | selfwild

| subdomain | tcp−self | wildcard | zonesub ) [ string ]

rrtypelist; ... };

use−alt−transfer−source boolean;

zero−no−soa−ttl boolean;

zone−statistics ( full | terse | none | boolean );

};

FILES

/etc/named.conf

SEE ALSO

ddns-confgen(8), named(8), named-checkconf(8), rndc(8), rndc-confgen(8), BIND 9 Administrator Reference Manual.

AUTHOR

Internet Systems Consortium, Inc.

COPYRIGHT

Copyright © 2004-2020 Internet Systems Consortium, Inc. ("ISC")