diff options
Diffstat (limited to 'bin/named/named.conf.docbook')
-rw-r--r-- | bin/named/named.conf.docbook | 629 |
1 files changed, 629 insertions, 0 deletions
diff --git a/bin/named/named.conf.docbook b/bin/named/named.conf.docbook new file mode 100644 index 0000000..a4a8044 --- /dev/null +++ b/bin/named/named.conf.docbook @@ -0,0 +1,629 @@ +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" + [<!ENTITY mdash "—">]> +<!-- + - Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + - + - Permission to use, copy, modify, and/or distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> + +<!-- $Id: named.conf.docbook,v 1.39 2008/09/24 02:46:21 marka Exp $ --> +<refentry> + <refentryinfo> + <date>Aug 13, 2004</date> + </refentryinfo> + + <refmeta> + <refentrytitle><filename>named.conf</filename></refentrytitle> + <manvolnum>5</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> + + <refnamediv> + <refname><filename>named.conf</filename></refname> + <refpurpose>configuration file for named</refpurpose> + </refnamediv> + + <docinfo> + <copyright> + <year>2004</year> + <year>2005</year> + <year>2006</year> + <year>2007</year> + <year>2008</year> + <holder>Internet Systems Consortium, Inc. ("ISC")</holder> + </copyright> + </docinfo> + + <refsynopsisdiv> + <cmdsynopsis> + <command>named.conf</command> + </cmdsynopsis> + </refsynopsisdiv> + + <refsect1> + <title>DESCRIPTION</title> + <para><filename>named.conf</filename> is the configuration file + for + <command>named</command>. Statements are enclosed + in braces and terminated with a semi-colon. Clauses in + the statements are also semi-colon terminated. The usual + comment styles are supported: + </para> + <para> + C style: /* */ + </para> + <para> + C++ style: // to end of line + </para> + <para> + Unix style: # to end of line + </para> + </refsect1> + + <refsect1> + <title>ACL</title> + <literallayout> +acl <replaceable>string</replaceable> { <replaceable>address_match_element</replaceable>; ... }; + +</literallayout> + </refsect1> + + <refsect1> + <title>KEY</title> + <literallayout> +key <replaceable>domain_name</replaceable> { + algorithm <replaceable>string</replaceable>; + secret <replaceable>string</replaceable>; +}; +</literallayout> + </refsect1> + + <refsect1> + <title>MASTERS</title> + <literallayout> +masters <replaceable>string</replaceable> <optional> port <replaceable>integer</replaceable> </optional> { + ( <replaceable>masters</replaceable> | <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> | + <replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ) <optional> key <replaceable>string</replaceable> </optional>; ... +}; +</literallayout> + </refsect1> + + <refsect1> + <title>SERVER</title> + <literallayout> +server ( <replaceable>ipv4_address<optional>/prefixlen</optional></replaceable> | <replaceable>ipv6_address<optional>/prefixlen</optional></replaceable> ) { + bogus <replaceable>boolean</replaceable>; + edns <replaceable>boolean</replaceable>; + edns-udp-size <replaceable>integer</replaceable>; + max-udp-size <replaceable>integer</replaceable>; + provide-ixfr <replaceable>boolean</replaceable>; + request-ixfr <replaceable>boolean</replaceable>; + keys <replaceable>server_key</replaceable>; + transfers <replaceable>integer</replaceable>; + transfer-format ( many-answers | one-answer ); + transfer-source ( <replaceable>ipv4_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + + support-ixfr <replaceable>boolean</replaceable>; // obsolete +}; +</literallayout> + </refsect1> + + <refsect1> + <title>TRUSTED-KEYS</title> + <literallayout> +trusted-keys { + <replaceable>domain_name</replaceable> <replaceable>flags</replaceable> <replaceable>protocol</replaceable> <replaceable>algorithm</replaceable> <replaceable>key</replaceable>; ... +}; +</literallayout> + </refsect1> + + <refsect1> + <title>CONTROLS</title> + <literallayout> +controls { + inet ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional> + allow { <replaceable>address_match_element</replaceable>; ... } + <optional> keys { <replaceable>string</replaceable>; ... } </optional>; + unix <replaceable>unsupported</replaceable>; // not implemented +}; +</literallayout> + </refsect1> + + <refsect1> + <title>LOGGING</title> + <literallayout> +logging { + channel <replaceable>string</replaceable> { + file <replaceable>log_file</replaceable>; + syslog <replaceable>optional_facility</replaceable>; + null; + stderr; + severity <replaceable>log_severity</replaceable>; + print-time <replaceable>boolean</replaceable>; + print-severity <replaceable>boolean</replaceable>; + print-category <replaceable>boolean</replaceable>; + }; + category <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... }; +}; +</literallayout> + </refsect1> + + <refsect1> + <title>LWRES</title> + <literallayout> +lwres { + listen-on <optional> port <replaceable>integer</replaceable> </optional> { + ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ... + }; + view <replaceable>string</replaceable> <replaceable>optional_class</replaceable>; + search { <replaceable>string</replaceable>; ... }; + ndots <replaceable>integer</replaceable>; +}; +</literallayout> + </refsect1> + + <refsect1> + <title>OPTIONS</title> + <literallayout> +options { + avoid-v4-udp-ports { <replaceable>port</replaceable>; ... }; + avoid-v6-udp-ports { <replaceable>port</replaceable>; ... }; + blackhole { <replaceable>address_match_element</replaceable>; ... }; + coresize <replaceable>size</replaceable>; + datasize <replaceable>size</replaceable>; + directory <replaceable>quoted_string</replaceable>; + dump-file <replaceable>quoted_string</replaceable>; + files <replaceable>size</replaceable>; + heartbeat-interval <replaceable>integer</replaceable>; + host-statistics <replaceable>boolean</replaceable>; // not implemented + host-statistics-max <replaceable>number</replaceable>; // not implemented + hostname ( <replaceable>quoted_string</replaceable> | none ); + interface-interval <replaceable>integer</replaceable>; + listen-on <optional> port <replaceable>integer</replaceable> </optional> { <replaceable>address_match_element</replaceable>; ... }; + listen-on-v6 <optional> port <replaceable>integer</replaceable> </optional> { <replaceable>address_match_element</replaceable>; ... }; + match-mapped-addresses <replaceable>boolean</replaceable>; + memstatistics-file <replaceable>quoted_string</replaceable>; + pid-file ( <replaceable>quoted_string</replaceable> | none ); + port <replaceable>integer</replaceable>; + querylog <replaceable>boolean</replaceable>; + recursing-file <replaceable>quoted_string</replaceable>; + reserved-sockets <replaceable>integer</replaceable>; + random-device <replaceable>quoted_string</replaceable>; + recursive-clients <replaceable>integer</replaceable>; + serial-query-rate <replaceable>integer</replaceable>; + server-id ( <replaceable>quoted_string</replaceable> | none |; + stacksize <replaceable>size</replaceable>; + statistics-file <replaceable>quoted_string</replaceable>; + statistics-interval <replaceable>integer</replaceable>; // not yet implemented + tcp-clients <replaceable>integer</replaceable>; + tcp-listen-queue <replaceable>integer</replaceable>; + tkey-dhkey <replaceable>quoted_string</replaceable> <replaceable>integer</replaceable>; + tkey-gssapi-credential <replaceable>quoted_string</replaceable>; + tkey-domain <replaceable>quoted_string</replaceable>; + transfers-per-ns <replaceable>integer</replaceable>; + transfers-in <replaceable>integer</replaceable>; + transfers-out <replaceable>integer</replaceable>; + use-ixfr <replaceable>boolean</replaceable>; + version ( <replaceable>quoted_string</replaceable> | none ); + allow-recursion { <replaceable>address_match_element</replaceable>; ... }; + allow-recursion-on { <replaceable>address_match_element</replaceable>; ... }; + sortlist { <replaceable>address_match_element</replaceable>; ... }; + topology { <replaceable>address_match_element</replaceable>; ... }; // not implemented + auth-nxdomain <replaceable>boolean</replaceable>; // default changed + minimal-responses <replaceable>boolean</replaceable>; + recursion <replaceable>boolean</replaceable>; + rrset-order { + <optional> class <replaceable>string</replaceable> </optional> <optional> type <replaceable>string</replaceable> </optional> + <optional> name <replaceable>quoted_string</replaceable> </optional> <replaceable>string</replaceable> <replaceable>string</replaceable>; ... + }; + provide-ixfr <replaceable>boolean</replaceable>; + request-ixfr <replaceable>boolean</replaceable>; + rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented + additional-from-auth <replaceable>boolean</replaceable>; + additional-from-cache <replaceable>boolean</replaceable>; + query-source ( ( <replaceable>ipv4_address</replaceable> | * ) | <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + query-source-v6 ( ( <replaceable>ipv6_address</replaceable> | * ) | <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + use-queryport-pool <replaceable>boolean</replaceable>; + queryport-pool-ports <replaceable>integer</replaceable>; + queryport-pool-updateinterval <replaceable>integer</replaceable>; + cleaning-interval <replaceable>integer</replaceable>; + min-roots <replaceable>integer</replaceable>; // not implemented + lame-ttl <replaceable>integer</replaceable>; + max-ncache-ttl <replaceable>integer</replaceable>; + max-cache-ttl <replaceable>integer</replaceable>; + transfer-format ( many-answers | one-answer ); + max-cache-size <replaceable>size</replaceable>; + max-acache-size <replaceable>size</replaceable>; + clients-per-query <replaceable>number</replaceable>; + max-clients-per-query <replaceable>number</replaceable>; + check-names ( master | slave | response ) + ( fail | warn | ignore ); + check-mx ( fail | warn | ignore ); + check-integrity <replaceable>boolean</replaceable>; + check-mx-cname ( fail | warn | ignore ); + check-srv-cname ( fail | warn | ignore ); + cache-file <replaceable>quoted_string</replaceable>; // test option + suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented + preferred-glue <replaceable>string</replaceable>; + dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> { + ( <replaceable>quoted_string</replaceable> <optional>port <replaceable>integer</replaceable></optional> | + <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> | + <replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ... + }; + edns-udp-size <replaceable>integer</replaceable>; + max-udp-size <replaceable>integer</replaceable>; + root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>; + disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... }; + dnssec-enable <replaceable>boolean</replaceable>; + dnssec-validation <replaceable>boolean</replaceable>; + dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>; + dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>; + dnssec-accept-expired <replaceable>boolean</replaceable>; + + empty-server <replaceable>string</replaceable>; + empty-contact <replaceable>string</replaceable>; + empty-zones-enable <replaceable>boolean</replaceable>; + disable-empty-zone <replaceable>string</replaceable>; + + dialup <replaceable>dialuptype</replaceable>; + ixfr-from-differences <replaceable>ixfrdiff</replaceable>; + + allow-query { <replaceable>address_match_element</replaceable>; ... }; + allow-query-on { <replaceable>address_match_element</replaceable>; ... }; + allow-query-cache { <replaceable>address_match_element</replaceable>; ... }; + allow-query-cache-on { <replaceable>address_match_element</replaceable>; ... }; + allow-transfer { <replaceable>address_match_element</replaceable>; ... }; + allow-update { <replaceable>address_match_element</replaceable>; ... }; + allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... }; + update-check-ksk <replaceable>boolean</replaceable>; + + masterfile-format ( text | raw ); + notify <replaceable>notifytype</replaceable>; + notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + notify-delay <replaceable>seconds</replaceable>; + notify-to-soa <replaceable>boolean</replaceable>; + also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) + <optional> port <replaceable>integer</replaceable> </optional>; ... }; + allow-notify { <replaceable>address_match_element</replaceable>; ... }; + + forward ( first | only ); + forwarders <optional> port <replaceable>integer</replaceable> </optional> { + ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ... + }; + + max-journal-size <replaceable>size_no_default</replaceable>; + max-transfer-time-in <replaceable>integer</replaceable>; + max-transfer-time-out <replaceable>integer</replaceable>; + max-transfer-idle-in <replaceable>integer</replaceable>; + max-transfer-idle-out <replaceable>integer</replaceable>; + max-retry-time <replaceable>integer</replaceable>; + min-retry-time <replaceable>integer</replaceable>; + max-refresh-time <replaceable>integer</replaceable>; + min-refresh-time <replaceable>integer</replaceable>; + multi-master <replaceable>boolean</replaceable>; + + sig-validity-interval <replaceable>integer</replaceable>; + sig-re-signing-interval <replaceable>integer</replaceable>; + sig-signing-nodes <replaceable>integer</replaceable>; + sig-signing-signatures <replaceable>integer</replaceable>; + sig-signing-type <replaceable>integer</replaceable>; + + transfer-source ( <replaceable>ipv4_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + + alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + use-alt-transfer-source <replaceable>boolean</replaceable>; + + zone-statistics <replaceable>boolean</replaceable>; + key-directory <replaceable>quoted_string</replaceable>; + try-tcp-refresh <replaceable>boolean</replaceable>; + zero-no-soa-ttl <replaceable>boolean</replaceable>; + zero-no-soa-ttl-cache <replaceable>boolean</replaceable>; + + nsec3-test-zone <replaceable>boolean</replaceable>; // testing only + + allow-v6-synthesis { <replaceable>address_match_element</replaceable>; ... }; // obsolete + deallocate-on-exit <replaceable>boolean</replaceable>; // obsolete + fake-iquery <replaceable>boolean</replaceable>; // obsolete + fetch-glue <replaceable>boolean</replaceable>; // obsolete + has-old-clients <replaceable>boolean</replaceable>; // obsolete + maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete + max-ixfr-log-size <replaceable>size</replaceable>; // obsolete + multiple-cnames <replaceable>boolean</replaceable>; // obsolete + named-xfer <replaceable>quoted_string</replaceable>; // obsolete + serial-queries <replaceable>integer</replaceable>; // obsolete + treat-cr-as-space <replaceable>boolean</replaceable>; // obsolete + use-id-pool <replaceable>boolean</replaceable>; // obsolete +}; +</literallayout> + </refsect1> + + <refsect1> + <title>VIEW</title> + <literallayout> +view <replaceable>string</replaceable> <replaceable>optional_class</replaceable> { + match-clients { <replaceable>address_match_element</replaceable>; ... }; + match-destinations { <replaceable>address_match_element</replaceable>; ... }; + match-recursive-only <replaceable>boolean</replaceable>; + + key <replaceable>string</replaceable> { + algorithm <replaceable>string</replaceable>; + secret <replaceable>string</replaceable>; + }; + + zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable> { + ... + }; + + server ( <replaceable>ipv4_address<optional>/prefixlen</optional></replaceable> | <replaceable>ipv6_address<optional>/prefixlen</optional></replaceable> ) { + ... + }; + + trusted-keys { + <replaceable>string</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>quoted_string</replaceable>; ... + }; + + allow-recursion { <replaceable>address_match_element</replaceable>; ... }; + allow-recursion-on { <replaceable>address_match_element</replaceable>; ... }; + sortlist { <replaceable>address_match_element</replaceable>; ... }; + topology { <replaceable>address_match_element</replaceable>; ... }; // not implemented + auth-nxdomain <replaceable>boolean</replaceable>; // default changed + minimal-responses <replaceable>boolean</replaceable>; + recursion <replaceable>boolean</replaceable>; + rrset-order { + <optional> class <replaceable>string</replaceable> </optional> <optional> type <replaceable>string</replaceable> </optional> + <optional> name <replaceable>quoted_string</replaceable> </optional> <replaceable>string</replaceable> <replaceable>string</replaceable>; ... + }; + provide-ixfr <replaceable>boolean</replaceable>; + request-ixfr <replaceable>boolean</replaceable>; + rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented + additional-from-auth <replaceable>boolean</replaceable>; + additional-from-cache <replaceable>boolean</replaceable>; + query-source ( ( <replaceable>ipv4_address</replaceable> | * ) | <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + query-source-v6 ( ( <replaceable>ipv6_address</replaceable> | * ) | <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + use-queryport-pool <replaceable>boolean</replaceable>; + queryport-pool-ports <replaceable>integer</replaceable>; + queryport-pool-updateinterval <replaceable>integer</replaceable>; + cleaning-interval <replaceable>integer</replaceable>; + min-roots <replaceable>integer</replaceable>; // not implemented + lame-ttl <replaceable>integer</replaceable>; + max-ncache-ttl <replaceable>integer</replaceable>; + max-cache-ttl <replaceable>integer</replaceable>; + transfer-format ( many-answers | one-answer ); + max-cache-size <replaceable>size</replaceable>; + max-acache-size <replaceable>size</replaceable>; + clients-per-query <replaceable>number</replaceable>; + max-clients-per-query <replaceable>number</replaceable>; + check-names ( master | slave | response ) + ( fail | warn | ignore ); + check-mx ( fail | warn | ignore ); + check-integrity <replaceable>boolean</replaceable>; + check-mx-cname ( fail | warn | ignore ); + check-srv-cname ( fail | warn | ignore ); + cache-file <replaceable>quoted_string</replaceable>; // test option + suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented + preferred-glue <replaceable>string</replaceable>; + dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> { + ( <replaceable>quoted_string</replaceable> <optional>port <replaceable>integer</replaceable></optional> | + <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> | + <replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ... + }; + edns-udp-size <replaceable>integer</replaceable>; + max-udp-size <replaceable>integer</replaceable>; + root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>; + disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... }; + dnssec-enable <replaceable>boolean</replaceable>; + dnssec-validation <replaceable>boolean</replaceable>; + dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>; + dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>; + dnssec-accept-expired <replaceable>boolean</replaceable>; + + empty-server <replaceable>string</replaceable>; + empty-contact <replaceable>string</replaceable>; + empty-zones-enable <replaceable>boolean</replaceable>; + disable-empty-zone <replaceable>string</replaceable>; + + dialup <replaceable>dialuptype</replaceable>; + ixfr-from-differences <replaceable>ixfrdiff</replaceable>; + + allow-query { <replaceable>address_match_element</replaceable>; ... }; + allow-query-on { <replaceable>address_match_element</replaceable>; ... }; + allow-query-cache { <replaceable>address_match_element</replaceable>; ... }; + allow-query-cache-on { <replaceable>address_match_element</replaceable>; ... }; + allow-transfer { <replaceable>address_match_element</replaceable>; ... }; + allow-update { <replaceable>address_match_element</replaceable>; ... }; + allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... }; + update-check-ksk <replaceable>boolean</replaceable>; + + masterfile-format ( text | raw ); + notify <replaceable>notifytype</replaceable>; + notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + notify-delay <replaceable>seconds</replaceable>; + notify-to-soa <replaceable>boolean</replaceable>; + also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) + <optional> port <replaceable>integer</replaceable> </optional>; ... }; + allow-notify { <replaceable>address_match_element</replaceable>; ... }; + + forward ( first | only ); + forwarders <optional> port <replaceable>integer</replaceable> </optional> { + ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ... + }; + + max-journal-size <replaceable>size_no_default</replaceable>; + max-transfer-time-in <replaceable>integer</replaceable>; + max-transfer-time-out <replaceable>integer</replaceable>; + max-transfer-idle-in <replaceable>integer</replaceable>; + max-transfer-idle-out <replaceable>integer</replaceable>; + max-retry-time <replaceable>integer</replaceable>; + min-retry-time <replaceable>integer</replaceable>; + max-refresh-time <replaceable>integer</replaceable>; + min-refresh-time <replaceable>integer</replaceable>; + multi-master <replaceable>boolean</replaceable>; + sig-validity-interval <replaceable>integer</replaceable>; + + transfer-source ( <replaceable>ipv4_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + + alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + use-alt-transfer-source <replaceable>boolean</replaceable>; + + zone-statistics <replaceable>boolean</replaceable>; + try-tcp-refresh <replaceable>boolean</replaceable>; + key-directory <replaceable>quoted_string</replaceable>; + zero-no-soa-ttl <replaceable>boolean</replaceable>; + zero-no-soa-ttl-cache <replaceable>boolean</replaceable>; + + allow-v6-synthesis { <replaceable>address_match_element</replaceable>; ... }; // obsolete + fetch-glue <replaceable>boolean</replaceable>; // obsolete + maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete + max-ixfr-log-size <replaceable>size</replaceable>; // obsolete +}; +</literallayout> + </refsect1> + + <refsect1> + <title>ZONE</title> + <literallayout> +zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable> { + type ( master | slave | stub | hint | + forward | delegation-only ); + file <replaceable>quoted_string</replaceable>; + + masters <optional> port <replaceable>integer</replaceable> </optional> { + ( <replaceable>masters</replaceable> | + <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> | + <replaceable>ipv6_address</replaceable> <optional> port <replaceable>integer</replaceable> </optional> ) <optional> key <replaceable>string</replaceable> </optional>; ... + }; + + database <replaceable>string</replaceable>; + delegation-only <replaceable>boolean</replaceable>; + check-names ( fail | warn | ignore ); + check-mx ( fail | warn | ignore ); + check-integrity <replaceable>boolean</replaceable>; + check-mx-cname ( fail | warn | ignore ); + check-srv-cname ( fail | warn | ignore ); + dialup <replaceable>dialuptype</replaceable>; + ixfr-from-differences <replaceable>boolean</replaceable>; + journal <replaceable>quoted_string</replaceable>; + zero-no-soa-ttl <replaceable>boolean</replaceable>; + + allow-query { <replaceable>address_match_element</replaceable>; ... }; + allow-query-on { <replaceable>address_match_element</replaceable>; ... }; + allow-transfer { <replaceable>address_match_element</replaceable>; ... }; + allow-update { <replaceable>address_match_element</replaceable>; ... }; + allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... }; + update-policy { + ( grant | deny ) <replaceable>string</replaceable> + ( name | subdomain | wildcard | self | selfsub | selfwild | + krb5-self | ms-self | krb5-subdomain | ms-subdomain | + tcp-self | 6to4-self ) <replaceable>string</replaceable> + <replaceable>rrtypelist</replaceable>; ... + }; + update-check-ksk <replaceable>boolean</replaceable>; + + masterfile-format ( text | raw ); + notify <replaceable>notifytype</replaceable>; + notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + notify-delay <replaceable>seconds</replaceable>; + notify-to-soa <replaceable>boolean</replaceable>; + also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) + <optional> port <replaceable>integer</replaceable> </optional>; ... }; + allow-notify { <replaceable>address_match_element</replaceable>; ... }; + + forward ( first | only ); + forwarders <optional> port <replaceable>integer</replaceable> </optional> { + ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ... + }; + + max-journal-size <replaceable>size_no_default</replaceable>; + max-transfer-time-in <replaceable>integer</replaceable>; + max-transfer-time-out <replaceable>integer</replaceable>; + max-transfer-idle-in <replaceable>integer</replaceable>; + max-transfer-idle-out <replaceable>integer</replaceable>; + max-retry-time <replaceable>integer</replaceable>; + min-retry-time <replaceable>integer</replaceable>; + max-refresh-time <replaceable>integer</replaceable>; + min-refresh-time <replaceable>integer</replaceable>; + multi-master <replaceable>boolean</replaceable>; + sig-validity-interval <replaceable>integer</replaceable>; + + transfer-source ( <replaceable>ipv4_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + + alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) + <optional> port ( <replaceable>integer</replaceable> | * ) </optional>; + use-alt-transfer-source <replaceable>boolean</replaceable>; + + zone-statistics <replaceable>boolean</replaceable>; + try-tcp-refresh <replaceable>boolean</replaceable>; + key-directory <replaceable>quoted_string</replaceable>; + + nsec3-test-zone <replaceable>boolean</replaceable>; // testing only + + ixfr-base <replaceable>quoted_string</replaceable>; // obsolete + ixfr-tmp-file <replaceable>quoted_string</replaceable>; // obsolete + maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete + max-ixfr-log-size <replaceable>size</replaceable>; // obsolete + pubkey <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>quoted_string</replaceable>; // obsolete +}; +</literallayout> + </refsect1> + + <refsect1> + <title>FILES</title> + <para><filename>/etc/named.conf</filename> + </para> + </refsect1> + + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>named-checkconf</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>rndc</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, + <citetitle>BIND 9 Administrator Reference Manual</citetitle>. + </para> + </refsect1> + +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> |