/*****************************************************************
**
**      #(@)    named.conf	(c) 6. May 2004 (hoz)
**
*****************************************************************/

/*****************************************************************
**      logging options
*****************************************************************/
logging {
        channel "named-log" {
                file "/var/log/named" versions 3 size 2m;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity info;
        };
        channel "resolver-log" {
                file "/var/log/named";
                print-time yes;
                print-category yes;
                print-severity yes;
                severity debug 1;
        };
        channel "dnssec-log" {
#                file "/var/log/named-dnssec" ;
                file "/var/log/named" ;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity debug 3;
        };
        category "dnssec" { "dnssec-log"; };
        category "default" { "named-log"; };
        category "resolver" { "resolver-log"; };
        category "client" { "resolver-log"; };
        category "queries" { "resolver-log"; };
};

/*****************************************************************
**      name server options
*****************************************************************/
options {
	directory ".";

	dump-file "/var/log/named_dump.db";
	statistics-file "/var/log/named.stats";

	listen-on-v6 { any; };

	query-source address * port 53;
	transfer-source * port 53;
	notify-source * port 53;

	recursion yes;
	dnssec-enable yes;
	edns-udp-size 4096;

#	dnssec-lookaside "." trust-anchor "trusted-keys.de.";

	querylog yes;

};

/*****************************************************************
**      include shared secrets...
*****************************************************************/
/**      for control sessions ...	**/
#	include "rndc.key";
controls {
 	inet 127.0.0.1 
 		allow { localhost; }
		keys { "rndc-key"; };
 	inet ::1 
 		allow { localhost; }
		keys { "rndc-key"; };
};

/*****************************************************************
**      ... and trusted_keys
*****************************************************************/
# include "trusted-keys.conf" ;

/*****************************************************************
**      root server hints and required 127 stuff
*****************************************************************/
zone "." in {
	type hint;
	file "root.hint";
};

zone "localhost" in {
	type master;
	file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
	type master;
	file "127.0.0.zone";
};

include "zone.conf";