blob: 8bd3f9db7c396f29739255c5032a13831869f5f7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
/*****************************************************************
**
** #(@) named.conf (c) 6. May 2004 (hoz)
**
*****************************************************************/
/*****************************************************************
** logging options
*****************************************************************/
logging {
channel "named-log" {
file "/var/log/named" versions 3 size 2m;
print-time yes;
print-category yes;
print-severity yes;
severity info;
};
channel "resolver-log" {
file "/var/log/named";
print-time yes;
print-category yes;
print-severity yes;
severity debug 1;
};
channel "dnssec-log" {
# file "/var/log/named-dnssec" ;
file "/var/log/named" ;
print-time yes;
print-category yes;
print-severity yes;
severity debug 3;
};
category "dnssec" { "dnssec-log"; };
category "default" { "named-log"; };
category "resolver" { "resolver-log"; };
category "client" { "resolver-log"; };
category "queries" { "resolver-log"; };
};
/*****************************************************************
** name server options
*****************************************************************/
options {
directory ".";
dump-file "/var/log/named_dump.db";
statistics-file "/var/log/named.stats";
listen-on-v6 { any; };
query-source address * port 53;
transfer-source * port 53;
notify-source * port 53;
recursion yes;
dnssec-enable yes;
edns-udp-size 4096;
# dnssec-lookaside "." trust-anchor "trusted-keys.de.";
querylog yes;
};
/*****************************************************************
** include shared secrets...
*****************************************************************/
/** for control sessions ... **/
# include "rndc.key";
controls {
inet 127.0.0.1
allow { localhost; }
keys { "rndc-key"; };
inet ::1
allow { localhost; }
keys { "rndc-key"; };
};
/*****************************************************************
** ... and trusted_keys
*****************************************************************/
# include "trusted-keys.conf" ;
/*****************************************************************
** root server hints and required 127 stuff
*****************************************************************/
zone "." in {
type hint;
file "root.hint";
};
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
include "zone.conf";
|
