SpecialistOff.NET / Вопросы / Статьи / Фрагменты кода / Резюме / Метки / Помощь / Файлы
НазадМетки: named.conf man dns bind named
NAME
SYNOPSIS
DESCRIPTION
ACL
CONTROLS
DLZ
DYNDB
KEY
LOGGING
LWRES
MANAGED-KEYS
MASTERS
OPTIONS
SERVER
STATISTICS-CHANNELS
TRUSTED-KEYS
VIEW
ZONE
FILES
SEE ALSO
AUTHOR
COPYRIGHT
named.conf − configuration file for named
|
named.conf |
named.conf is the configuration file for named. Statements are enclosed in braces and terminated with a semi−colon. Clauses in the statements are also semi−colon terminated. The usual comment styles are supported:
C style: /* */
C++ style: // to end of line
Unix style: # to end of line
acl string { address_match_element; ... };
controls {
|
inet ( ipv4_address | ipv6_address | |
|
|
* ) [ port ( integer | * ) ] allow |
|
|
{ address_match_element; ... } [ |
|
|
keys { string; ... } ] [ read−only |
|
|
boolean ]; |
|
|
unix quoted_string perm integer |
|
|
owner integer group integer [ |
|
|
keys { string; ... } ] [ read−only |
|
|
boolean ]; |
};
dlz string {
|
database string; |
|
|
search boolean; |
};
dyndb string quoted_string {
unspecified−text };
key string {
|
algorithm string; |
|
|
secret string; |
};
logging {
|
category string { string; ... }; |
|||
|
channel string { |
|||
|
buffered boolean; |
|||
|
file quoted_string [ versions ( "unlimited" | integer ) |
|||
|
] [ size size ]; |
|||
|
null; |
|||
|
print−category boolean; |
|||
|
print−severity boolean; |
|||
|
print−time boolean; |
|||
|
severity log_severity; |
|||
|
stderr; |
|||
|
syslog [ syslog_facility ]; |
|||
|
}; |
};
lwres {
|
listen−on [ port integer ] [ dscp integer ] { ( ipv4_address |
|
|
| ipv6_address ) [ port integer ] [ dscp integer ]; ... }; |
|
|
lwres−clients integer; |
|
|
lwres−tasks integer; |
|
|
ndots integer; |
|
|
search { string; ... }; |
|
|
view string [ class ]; |
};
managed−keys { string string integer
integer integer quoted_string; ... };
masters string [ port integer ] [ dscp
integer ] { ( masters | ipv4_address [
port integer ] | ipv6_address [ port
integer ] ) [ key string ]; ... };
options {
|
acache−cleaning−interval integer; |
|||
|
acache−enable boolean; |
|||
|
additional−from−auth boolean; |
|||
|
additional−from−cache boolean; |
|||
|
allow−new−zones boolean; |
|||
|
allow−notify { address_match_element; ... }; |
|||
|
allow−query { address_match_element; ... }; |
|||
|
allow−query−cache { address_match_element; ... }; |
|||
|
allow−query−cache−on { address_match_element; ... }; |
|||
|
allow−query−on { address_match_element; ... }; |
|||
|
allow−recursion { address_match_element; ... }; |
|||
|
allow−recursion−on { address_match_element; ... }; |
|||
|
allow−transfer { address_match_element; ... }; |
|||
|
allow−update { address_match_element; ... }; |
|||
|
allow−update−forwarding { address_match_element; ... }; |
|||
|
also−notify [ port integer ] [ dscp integer ] { ( masters | |
|||
|
ipv4_address [ port integer ] | ipv6_address [ port |
|||
|
integer ] ) [ key string ]; ... }; |
|||
|
alt−transfer−source ( ipv4_address | * ) [ port ( integer | * ) |
|||
|
] [ dscp integer ]; |
|||
|
alt−transfer−source−v6 ( ipv6_address | * ) [ port ( integer | |
|||
|
* ) ] [ dscp integer ]; |
|||
|
answer−cookie boolean; |
|||
|
attach−cache string; |
|||
|
auth−nxdomain boolean; // default changed |
|||
|
auto−dnssec ( allow | maintain | off ); |
|||
|
automatic−interface−scan boolean; |
|||
|
avoid−v4−udp−ports { portrange; ... }; |
|||
|
avoid−v6−udp−ports { portrange; ... }; |
|||
|
bindkeys−file quoted_string; |
|||
|
blackhole { address_match_element; ... }; |
|||
|
cache−file quoted_string; |
|||
|
catalog−zones { zone string [ default−masters [ port integer ] |
|||
|
[ dscp integer ] { ( masters | ipv4_address [ port |
|||
|
integer ] | ipv6_address [ port integer ] ) [ key |
|||
|
string ]; ... } ] [ zone−directory quoted_string ] [ |
|||
|
in−memory boolean ] [ min−update−interval integer ]; ... }; |
|||
|
check−dup−records ( fail | warn | ignore ); |
|||
|
check−integrity boolean; |
|||
|
check−mx ( fail | warn | ignore ); |
|||
|
check−mx−cname ( fail | warn | ignore ); |
|||
|
check−names ( master | slave | response |
|||
|
) ( fail | warn | ignore ); |
|||
|
check−sibling boolean; |
|||
|
check−spf ( warn | ignore ); |
|||
|
check−srv−cname ( fail | warn | ignore ); |
|||
|
check−wildcard boolean; |
|||
|
cleaning−interval integer; |
|||
|
clients−per−query integer; |
|||
|
cookie−algorithm ( aes | sha1 | sha256 | siphash24 ); |
|||
|
cookie−secret string; |
|||
|
coresize ( default | unlimited | sizeval ); |
|||
|
datasize ( default | unlimited | sizeval ); |
|||
|
deny−answer−addresses { address_match_element; ... } [ |
|||
|
except−from { quoted_string; ... } ]; |
|||
|
deny−answer−aliases { quoted_string; ... } [ except−from { |
|||
|
quoted_string; ... } ]; |
|||
|
dialup ( notify | notify−passive | passive | refresh | boolean ); |
|||
|
directory quoted_string; |
|||
|
disable−algorithms string { string; |
|||
|
... }; |
|||
|
disable−ds−digests string { string; |
|||
|
... }; |
|||
|
disable−empty−zone string; |
|||
|
dns64 netprefix { |
|||
|
break−dnssec boolean; |
|||
|
clients { address_match_element; ... }; |
|||
|
exclude { address_match_element; ... }; |
|||
|
mapped { address_match_element; ... }; |
|||
|
recursive−only boolean; |
|||
|
suffix ipv6_address; |
|||
|
}; |
|||
|
dns64−contact string; |
|||
|
dns64−server string; |
|||
|
dnssec−accept−expired boolean; |
|||
|
dnssec−dnskey−kskonly boolean; |
|||
|
dnssec−enable boolean; |
|||
|
dnssec−loadkeys−interval integer; |
|||
|
dnssec−lookaside ( string trust−anchor |
|||
|
string | auto | no ); |
|||
|
dnssec−must−be−secure string boolean; |
|||
|
dnssec−secure−to−insecure boolean; |
|||
|
dnssec−update−mode ( maintain | no−resign ); |
|||
|
dnssec−validation ( yes | no | auto ); |
|||
|
dnstap { ( all | auth | client | forwarder | |
|||
|
resolver ) [ ( query | response ) ]; ... }; |
|||
|
dnstap−identity ( quoted_string | none | |
|||
|
hostname ); |
|||
|
dnstap−output ( file | unix ) quoted_string; |
|||
|
dnstap−version ( quoted_string | none ); |
|||
|
dscp integer; |
|||
|
dual−stack−servers [ port integer ] { ( quoted_string [ port |
|||
|
integer ] [ dscp integer ] | ipv4_address [ port |
|||
|
integer ] [ dscp integer ] | ipv6_address [ port |
|||
|
integer ] [ dscp integer ] ); ... }; |
|||
|
dump−file quoted_string; |
|||
|
edns−udp−size integer; |
|||
|
empty−contact string; |
|||
|
empty−server string; |
|||
|
empty−zones−enable boolean; |
|||
|
fetch−quota−params integer fixedpoint fixedpoint fixedpoint; |
|||
|
fetches−per−server integer [ ( drop | fail ) ]; |
|||
|
fetches−per−zone integer [ ( drop | fail ) ]; |
|||
|
files ( default | unlimited | sizeval ); |
|||
|
filter−aaaa { address_match_element; ... }; |
|||
|
filter−aaaa−on−v4 ( break−dnssec | boolean ); |
|||
|
filter−aaaa−on−v6 ( break−dnssec | boolean ); |
|||
|
flush−zones−on−shutdown boolean; |
|||
|
forward ( first | only ); |
|||
|
forwarders [ port integer ] [ dscp integer ] { ( ipv4_address |
|||
|
| ipv6_address ) [ port integer ] [ dscp integer ]; ... }; |
|||
|
fstrm−set−buffer−hint integer; |
|||
|
fstrm−set−flush−timeout integer; |
|||
|
fstrm−set−input−queue−size integer; |
|||
|
fstrm−set−output−notify−threshold integer; |
|||
|
fstrm−set−output−queue−model ( mpsc | spsc ); |
|||
|
fstrm−set−output−queue−size integer; |
|||
|
fstrm−set−reopen−interval integer; |
|||
|
geoip−directory ( quoted_string | none ); |
|||
|
geoip−use−ecs boolean; |
|||
|
heartbeat−interval integer; |
|||
|
hostname ( quoted_string | none ); |
|||
|
inline−signing boolean; |
|||
|
interface−interval integer; |
|||
|
ixfr−from−differences ( master | slave | boolean ); |
|||
|
keep−response−order { address_match_element; ... }; |
|||
|
key−directory quoted_string; |
|||
|
lame−ttl ttlval; |
|||
|
listen−on [ port integer ] [ dscp |
|||
|
integer ] { |
|||
|
address_match_element; ... }; |
|||
|
listen−on−v6 [ port integer ] [ dscp |
|||
|
integer ] { |
|||
|
address_match_element; ... }; |
|||
|
lmdb−mapsize sizeval; |
|||
|
lock−file ( quoted_string | none ); |
|||
|
managed−keys−directory quoted_string; |
|||
|
masterfile−format ( map | raw | text ); |
|||
|
masterfile−style ( full | relative ); |
|||
|
match−mapped−addresses boolean; |
|||
|
max−acache−size ( unlimited | sizeval ); |
|||
|
max−cache−size ( default | unlimited | sizeval | percentage ); |
|||
|
max−cache−ttl integer; |
|||
|
max−clients−per−query integer; |
|||
|
max−journal−size ( unlimited | sizeval ); |
|||
|
max−ncache−ttl integer; |
|||
|
max−records integer; |
|||
|
max−recursion−depth integer; |
|||
|
max−recursion−queries integer; |
|||
|
max−refresh−time integer; |
|||
|
max−retry−time integer; |
|||
|
max−rsa−exponent−size integer; |
|||
|
max−transfer−idle−in integer; |
|||
|
max−transfer−idle−out integer; |
|||
|
max−transfer−time−in integer; |
|||
|
max−transfer−time−out integer; |
|||
|
max−udp−size integer; |
|||
|
max−zone−ttl ( unlimited | ttlval ); |
|||
|
memstatistics boolean; |
|||
|
memstatistics−file quoted_string; |
|||
|
message−compression boolean; |
|||
|
min−refresh−time integer; |
|||
|
min−retry−time integer; |
|||
|
minimal−any boolean; |
|||
|
minimal−responses ( no−auth | no−auth−recursive | boolean ); |
|||
|
multi−master boolean; |
|||
|
no−case−compress { address_match_element; ... }; |
|||
|
nocookie−udp−size integer; |
|||
|
notify ( explicit | master−only | boolean ); |
|||
|
notify−delay integer; |
|||
|
notify−rate integer; |
|||
|
notify−source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|||
|
dscp integer ]; |
|||
|
notify−source−v6 ( ipv6_address | * ) [ port ( integer | * ) ] |
|||
|
[ dscp integer ]; |
|||
|
notify−to−soa boolean; |
|||
|
nta−lifetime ttlval; |
|||
|
nta−recheck ttlval; |
|||
|
nxdomain−redirect string; |
|||
|
pid−file ( quoted_string | none ); |
|||
|
port integer; |
|||
|
preferred−glue string; |
|||
|
prefetch integer [ integer ]; |
|||
|
provide−ixfr boolean; |
|||
|
query−source ( ( [ address ] ( ipv4_address | * ) [ port ( |
|||
|
integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ] |
|||
|
port ( integer | * ) ) ) [ dscp integer ]; |
|||
|
query−source−v6 ( ( [ address ] ( ipv6_address | * ) [ port ( |
|||
|
integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ] |
|||
|
port ( integer | * ) ) ) [ dscp integer ]; |
|||
|
querylog boolean; |
|||
|
random−device quoted_string; |
|||
|
rate−limit { |
|||
|
all−per−second integer; |
|||
|
errors−per−second integer; |
|||
|
exempt−clients { address_match_element; ... }; |
|||
|
ipv4−prefix−length integer; |
|||
|
ipv6−prefix−length integer; |
|||
|
log−only boolean; |
|||
|
max−table−size integer; |
|||
|
min−table−size integer; |
|||
|
nodata−per−second integer; |
|||
|
nxdomains−per−second integer; |
|||
|
qps−scale integer; |
|||
|
referrals−per−second integer; |
|||
|
responses−per−second integer; |
|||
|
slip integer; |
|||
|
window integer; |
|||
|
}; |
|||
|
recursing−file quoted_string; |
|||
|
recursion boolean; |
|||
|
recursive−clients integer; |
|||
|
request−expire boolean; |
|||
|
request−ixfr boolean; |
|||
|
request−nsid boolean; |
|||
|
require−server−cookie boolean; |
|||
|
reserved−sockets integer; |
|||
|
resolver−query−timeout integer; |
|||
|
response−policy { zone string [ log boolean ] [ max−policy−ttl |
|||
|
integer ] [ policy ( cname | disabled | drop | given | no−op |
|||
|
| nodata | nxdomain | passthru | tcp−only quoted_string ) ] [ |
|||
|
recursive−only boolean ]; ... } [ break−dnssec boolean ] [ |
|||
|
max−policy−ttl integer ] [ min−ns−dots integer ] [ |
|||
|
nsip−wait−recurse boolean ] [ qname−wait−recurse boolean ] |
|||
|
[ recursive−only boolean ]; |
|||
|
root−delegation−only [ exclude { quoted_string; ... } ]; |
|||
|
root−key−sentinel boolean; |
|||
|
rrset−order { [ class string ] [ type string ] [ name |
|||
|
quoted_string ] string string; ... }; |
|||
|
secroots−file quoted_string; |
|||
|
send−cookie boolean; |
|||
|
serial−query−rate integer; |
|||
|
serial−update−method ( date | increment | unixtime ); |
|||
|
server−id ( quoted_string | none | hostname ); |
|||
|
servfail−ttl ttlval; |
|||
|
session−keyalg string; |
|||
|
session−keyfile ( quoted_string | none ); |
|||
|
session−keyname string; |
|||
|
sig−signing−nodes integer; |
|||
|
sig−signing−signatures integer; |
|||
|
sig−signing−type integer; |
|||
|
sig−validity−interval integer [ integer ]; |
|||
|
sortlist { address_match_element; ... }; |
|||
|
stacksize ( default | unlimited | sizeval ); |
|||
|
startup−notify−rate integer; |
|||
|
statistics−file quoted_string; |
|||
|
tcp−clients integer; |
|||
|
tcp−listen−queue integer; |
|||
|
tkey−dhkey quoted_string integer; |
|||
|
tkey−domain quoted_string; |
|||
|
tkey−gssapi−credential quoted_string; |
|||
|
tkey−gssapi−keytab quoted_string; |
|||
|
transfer−format ( many−answers | one−answer ); |
|||
|
transfer−message−size integer; |
|||
|
transfer−source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|||
|
dscp integer ]; |
|||
|
transfer−source−v6 ( ipv6_address | * ) [ port ( integer | * ) |
|||
|
] [ dscp integer ]; |
|||
|
transfers−in integer; |
|||
|
transfers−out integer; |
|||
|
transfers−per−ns integer; |
|||
|
trust−anchor−telemetry boolean; // experimental |
|||
|
try−tcp−refresh boolean; |
|||
|
update−check−ksk boolean; |
|||
|
use−alt−transfer−source boolean; |
|||
|
use−v4−udp−ports { portrange; ... }; |
|||
|
use−v6−udp−ports { portrange; ... }; |
|||
|
v6−bias integer; |
|||
|
version ( quoted_string | none ); |
|||
|
zero−no−soa−ttl boolean; |
|||
|
zero−no−soa−ttl−cache boolean; |
|||
|
zone−statistics ( full | terse | none | boolean ); |
};
server netprefix {
|
bogus boolean; |
|
|
edns boolean; |
|
|
edns−udp−size integer; |
|
|
edns−version integer; |
|
|
keys server_key; |
|
|
max−udp−size integer; |
|
|
notify−source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|
|
dscp integer ]; |
|
|
notify−source−v6 ( ipv6_address | * ) [ port ( integer | * ) ] |
|
|
[ dscp integer ]; |
|
|
provide−ixfr boolean; |
|
|
query−source ( ( [ address ] ( ipv4_address | * ) [ port ( |
|
|
integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ] |
|
|
port ( integer | * ) ) ) [ dscp integer ]; |
|
|
query−source−v6 ( ( [ address ] ( ipv6_address | * ) [ port ( |
|
|
integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ] |
|
|
port ( integer | * ) ) ) [ dscp integer ]; |
|
|
request−expire boolean; |
|
|
request−ixfr boolean; |
|
|
request−nsid boolean; |
|
|
send−cookie boolean; |
|
|
tcp−only boolean; |
|
|
transfer−format ( many−answers | one−answer ); |
|
|
transfer−source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|
|
dscp integer ]; |
|
|
transfer−source−v6 ( ipv6_address | * ) [ port ( integer | * ) |
|
|
] [ dscp integer ]; |
|
|
transfers integer; |
};
statistics−channels {
|
inet ( ipv4_address | ipv6_address | |
|
|
* ) [ port ( integer | * ) ] [ |
|
|
allow { address_match_element; ... |
|
|
} ]; |
};
trusted−keys { string integer integer
integer quoted_string; ... };
view string [ class ] {
|
acache−cleaning−interval integer; |
|||
|
acache−enable boolean; |
|||
|
additional−from−auth boolean; |
|||
|
additional−from−cache boolean; |
|||
|
allow−new−zones boolean; |
|||
|
allow−notify { address_match_element; ... }; |
|||
|
allow−query { address_match_element; ... }; |
|||
|
allow−query−cache { address_match_element; ... }; |
|||
|
allow−query−cache−on { address_match_element; ... }; |
|||
|
allow−query−on { address_match_element; ... }; |
|||
|
allow−recursion { address_match_element; ... }; |
|||
|
allow−recursion−on { address_match_element; ... }; |
|||
|
allow−transfer { address_match_element; ... }; |
|||
|
allow−update { address_match_element; ... }; |
|||
|
allow−update−forwarding { address_match_element; ... }; |
|||
|
also−notify [ port integer ] [ dscp integer ] { ( masters | |
|||
|
ipv4_address [ port integer ] | ipv6_address [ port |
|||
|
integer ] ) [ key string ]; ... }; |
|||
|
alt−transfer−source ( ipv4_address | * ) [ port ( integer | * ) |
|||
|
] [ dscp integer ]; |
|||
|
alt−transfer−source−v6 ( ipv6_address | * ) [ port ( integer | |
|||
|
* ) ] [ dscp integer ]; |
|||
|
attach−cache string; |
|||
|
auth−nxdomain boolean; // default changed |
|||
|
auto−dnssec ( allow | maintain | off ); |
|||
|
cache−file quoted_string; |
|||
|
catalog−zones { zone string [ default−masters [ port integer ] |
|||
|
[ dscp integer ] { ( masters | ipv4_address [ port |
|||
|
integer ] | ipv6_address [ port integer ] ) [ key |
|||
|
string ]; ... } ] [ zone−directory quoted_string ] [ |
|||
|
in−memory boolean ] [ min−update−interval integer ]; ... }; |
|||
|
check−dup−records ( fail | warn | ignore ); |
|||
|
check−integrity boolean; |
|||
|
check−mx ( fail | warn | ignore ); |
|||
|
check−mx−cname ( fail | warn | ignore ); |
|||
|
check−names ( master | slave | response |
|||
|
) ( fail | warn | ignore ); |
|||
|
check−sibling boolean; |
|||
|
check−spf ( warn | ignore ); |
|||
|
check−srv−cname ( fail | warn | ignore ); |
|||
|
check−wildcard boolean; |
|||
|
cleaning−interval integer; |
|||
|
clients−per−query integer; |
|||
|
deny−answer−addresses { address_match_element; ... } [ |
|||
|
except−from { quoted_string; ... } ]; |
|||
|
deny−answer−aliases { quoted_string; ... } [ except−from { |
|||
|
quoted_string; ... } ]; |
|||
|
dialup ( notify | notify−passive | passive | refresh | boolean ); |
|||
|
disable−algorithms string { string; |
|||
|
... }; |
|||
|
disable−ds−digests string { string; |
|||
|
... }; |
|||
|
disable−empty−zone string; |
|||
|
dlz string { |
|||
|
database string; |
|||
|
search boolean; |
|||
|
}; |
|||
|
dns64 netprefix { |
|||
|
break−dnssec boolean; |
|||
|
clients { address_match_element; ... }; |
|||
|
exclude { address_match_element; ... }; |
|||
|
mapped { address_match_element; ... }; |
|||
|
recursive−only boolean; |
|||
|
suffix ipv6_address; |
|||
|
}; |
|||
|
dns64−contact string; |
|||
|
dns64−server string; |
|||
|
dnssec−accept−expired boolean; |
|||
|
dnssec−dnskey−kskonly boolean; |
|||
|
dnssec−enable boolean; |
|||
|
dnssec−loadkeys−interval integer; |
|||
|
dnssec−lookaside ( string trust−anchor |
|||
|
string | auto | no ); |
|||
|
dnssec−must−be−secure string boolean; |
|||
|
dnssec−secure−to−insecure boolean; |
|||
|
dnssec−update−mode ( maintain | no−resign ); |
|||
|
dnssec−validation ( yes | no | auto ); |
|||
|
dnstap { ( all | auth | client | forwarder | |
|||
|
resolver ) [ ( query | response ) ]; ... }; |
|||
|
dual−stack−servers [ port integer ] { ( quoted_string [ port |
|||
|
integer ] [ dscp integer ] | ipv4_address [ port |
|||
|
integer ] [ dscp integer ] | ipv6_address [ port |
|||
|
integer ] [ dscp integer ] ); ... }; |
|||
|
dyndb string quoted_string { |
|||
|
unspecified−text }; |
|||
|
edns−udp−size integer; |
|||
|
empty−contact string; |
|||
|
empty−server string; |
|||
|
empty−zones−enable boolean; |
|||
|
fetch−quota−params integer fixedpoint fixedpoint fixedpoint; |
|||
|
fetches−per−server integer [ ( drop | fail ) ]; |
|||
|
fetches−per−zone integer [ ( drop | fail ) ]; |
|||
|
filter−aaaa { address_match_element; ... }; |
|||
|
filter−aaaa−on−v4 ( break−dnssec | boolean ); |
|||
|
filter−aaaa−on−v6 ( break−dnssec | boolean ); |
|||
|
forward ( first | only ); |
|||
|
forwarders [ port integer ] [ dscp integer ] { ( ipv4_address |
|||
|
| ipv6_address ) [ port integer ] [ dscp integer ]; ... }; |
|||
|
inline−signing boolean; |
|||
|
ixfr−from−differences ( master | slave | boolean ); |
|||
|
key string { |
|||
|
algorithm string; |
|||
|
secret string; |
|||
|
}; |
|||
|
key−directory quoted_string; |
|||
|
lame−ttl ttlval; |
|||
|
lmdb−mapsize sizeval; |
|||
|
managed−keys { string string |
|||
|
integer integer integer |
|||
|
quoted_string; ... }; |
|||
|
masterfile−format ( map | raw | text ); |
|||
|
masterfile−style ( full | relative ); |
|||
|
match−clients { address_match_element; ... }; |
|||
|
match−destinations { address_match_element; ... }; |
|||
|
match−recursive−only boolean; |
|||
|
max−acache−size ( unlimited | sizeval ); |
|||
|
max−cache−size ( default | unlimited | sizeval | percentage ); |
|||
|
max−cache−ttl integer; |
|||
|
max−clients−per−query integer; |
|||
|
max−journal−size ( unlimited | sizeval ); |
|||
|
max−ncache−ttl integer; |
|||
|
max−records integer; |
|||
|
max−recursion−depth integer; |
|||
|
max−recursion−queries integer; |
|||
|
max−refresh−time integer; |
|||
|
max−retry−time integer; |
|||
|
max−transfer−idle−in integer; |
|||
|
max−transfer−idle−out integer; |
|||
|
max−transfer−time−in integer; |
|||
|
max−transfer−time−out integer; |
|||
|
max−udp−size integer; |
|||
|
max−zone−ttl ( unlimited | ttlval ); |
|||
|
message−compression boolean; |
|||
|
min−refresh−time integer; |
|||
|
min−retry−time integer; |
|||
|
minimal−any boolean; |
|||
|
minimal−responses ( no−auth | no−auth−recursive | boolean ); |
|||
|
multi−master boolean; |
|||
|
no−case−compress { address_match_element; ... }; |
|||
|
nocookie−udp−size integer; |
|||
|
notify ( explicit | master−only | boolean ); |
|||
|
notify−delay integer; |
|||
|
notify−source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|||
|
dscp integer ]; |
|||
|
notify−source−v6 ( ipv6_address | * ) [ port ( integer | * ) ] |
|||
|
[ dscp integer ]; |
|||
|
notify−to−soa boolean; |
|||
|
nta−lifetime ttlval; |
|||
|
nta−recheck ttlval; |
|||
|
nxdomain−redirect string; |
|||
|
preferred−glue string; |
|||
|
prefetch integer [ integer ]; |
|||
|
provide−ixfr boolean; |
|||
|
query−source ( ( [ address ] ( ipv4_address | * ) [ port ( |
|||
|
integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ] |
|||
|
port ( integer | * ) ) ) [ dscp integer ]; |
|||
|
query−source−v6 ( ( [ address ] ( ipv6_address | * ) [ port ( |
|||
|
integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ] |
|||
|
port ( integer | * ) ) ) [ dscp integer ]; |
|||
|
rate−limit { |
|||
|
all−per−second integer; |
|||
|
errors−per−second integer; |
|||
|
exempt−clients { address_match_element; ... }; |
|||
|
ipv4−prefix−length integer; |
|||
|
ipv6−prefix−length integer; |
|||
|
log−only boolean; |
|||
|
max−table−size integer; |
|||
|
min−table−size integer; |
|||
|
nodata−per−second integer; |
|||
|
nxdomains−per−second integer; |
|||
|
qps−scale integer; |
|||
|
referrals−per−second integer; |
|||
|
responses−per−second integer; |
|||
|
slip integer; |
|||
|
window integer; |
|||
|
}; |
|||
|
recursion boolean; |
|||
|
request−expire boolean; |
|||
|
request−ixfr boolean; |
|||
|
request−nsid boolean; |
|||
|
require−server−cookie boolean; |
|||
|
resolver−query−timeout integer; |
|||
|
response−policy { zone string [ log boolean ] [ max−policy−ttl |
|||
|
integer ] [ policy ( cname | disabled | drop | given | no−op |
|||
|
| nodata | nxdomain | passthru | tcp−only quoted_string ) ] [ |
|||
|
recursive−only boolean ]; ... } [ break−dnssec boolean ] [ |
|||
|
max−policy−ttl integer ] [ min−ns−dots integer ] [ |
|||
|
nsip−wait−recurse boolean ] [ qname−wait−recurse boolean ] |
|||
|
[ recursive−only boolean ]; |
|||
|
root−delegation−only [ exclude { quoted_string; ... } ]; |
|||
|
root−key−sentinel boolean; |
|||
|
rrset−order { [ class string ] [ type string ] [ name |
|||
|
quoted_string ] string string; ... }; |
|||
|
send−cookie boolean; |
|||
|
serial−update−method ( date | increment | unixtime ); |
|||
|
server netprefix { |
|||
|
bogus boolean; |
|||
|
edns boolean; |
|||
|
edns−udp−size integer; |
|||
|
edns−version integer; |
|||
|
keys server_key; |
|||
|
max−udp−size integer; |
|||
|
notify−source ( ipv4_address | * ) [ port ( integer | * |
|||
|
) ] [ dscp integer ]; |
|||
|
notify−source−v6 ( ipv6_address | * ) [ port ( integer |
|||
|
| * ) ] [ dscp integer ]; |
|||
|
provide−ixfr boolean; |
|||
|
query−source ( ( [ address ] ( ipv4_address | * ) [ port |
|||
|
( integer | * ) ] ) | ( [ [ address ] ( |
|||
|
ipv4_address | * ) ] port ( integer | * ) ) ) [ |
|||
|
dscp integer ]; |
|||
|
query−source−v6 ( ( [ address ] ( ipv6_address | * ) [ |
|||
|
port ( integer | * ) ] ) | ( [ [ address ] ( |
|||
|
ipv6_address | * ) ] port ( integer | * ) ) ) [ |
|||
|
dscp integer ]; |
|||
|
request−expire boolean; |
|||
|
request−ixfr boolean; |
|||
|
request−nsid boolean; |
|||
|
send−cookie boolean; |
|||
|
tcp−only boolean; |
|||
|
transfer−format ( many−answers | one−answer ); |
|||
|
transfer−source ( ipv4_address | * ) [ port ( integer | |
|||
|
* ) ] [ dscp integer ]; |
|||
|
transfer−source−v6 ( ipv6_address | * ) [ port ( |
|||
|
integer | * ) ] [ dscp integer ]; |
|||
|
transfers integer; |
|||
|
}; |
|||
|
servfail−ttl ttlval; |
|||
|
sig−signing−nodes integer; |
|||
|
sig−signing−signatures integer; |
|||
|
sig−signing−type integer; |
|||
|
sig−validity−interval integer [ integer ]; |
|||
|
sortlist { address_match_element; ... }; |
|||
|
transfer−format ( many−answers | one−answer ); |
|||
|
transfer−source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|||
|
dscp integer ]; |
|||
|
transfer−source−v6 ( ipv6_address | * ) [ port ( integer | * ) |
|||
|
] [ dscp integer ]; |
|||
|
trust−anchor−telemetry boolean; // experimental |
|||
|
trusted−keys { string integer |
|||
|
integer integer quoted_string; |
|||
|
... }; |
|||
|
try−tcp−refresh boolean; |
|||
|
update−check−ksk boolean; |
|||
|
use−alt−transfer−source boolean; |
|||
|
v6−bias integer; |
|||
|
zero−no−soa−ttl boolean; |
|||
|
zero−no−soa−ttl−cache boolean; |
|||
|
zone string [ class ] { |
|||
|
allow−notify { address_match_element; ... }; |
|||
|
allow−query { address_match_element; ... }; |
|||
|
allow−query−on { address_match_element; ... }; |
|||
|
allow−transfer { address_match_element; ... }; |
|||
|
allow−update { address_match_element; ... }; |
|||
|
allow−update−forwarding { address_match_element; ... }; |
|||
|
also−notify [ port integer ] [ dscp integer ] { ( |
|||
|
masters | ipv4_address [ port integer ] | |
|||
|
ipv6_address [ port integer ] ) [ key string ]; |
|||
|
... }; |
|||
|
alt−transfer−source ( ipv4_address | * ) [ port ( |
|||
|
integer | * ) ] [ dscp integer ]; |
|||
|
alt−transfer−source−v6 ( ipv6_address | * ) [ port ( |
|||
|
integer | * ) ] [ dscp integer ]; |
|||
|
auto−dnssec ( allow | maintain | off ); |
|||
|
check−dup−records ( fail | warn | ignore ); |
|||
|
check−integrity boolean; |
|||
|
check−mx ( fail | warn | ignore ); |
|||
|
check−mx−cname ( fail | warn | ignore ); |
|||
|
check−names ( fail | warn | ignore ); |
|||
|
check−sibling boolean; |
|||
|
check−spf ( warn | ignore ); |
|||
|
check−srv−cname ( fail | warn | ignore ); |
|||
|
check−wildcard boolean; |
|||
|
database string; |
|||
|
delegation−only boolean; |
|||
|
dialup ( notify | notify−passive | passive | refresh | |
|||
|
boolean ); |
|||
|
dlz string; |
|||
|
dnssec−dnskey−kskonly boolean; |
|||
|
dnssec−loadkeys−interval integer; |
|||
|
dnssec−secure−to−insecure boolean; |
|||
|
dnssec−update−mode ( maintain | no−resign ); |
|||
|
file quoted_string; |
|||
|
forward ( first | only ); |
|||
|
forwarders [ port integer ] [ dscp integer ] { ( |
|||
|
ipv4_address | ipv6_address ) [ port integer ] [ |
|||
|
dscp integer ]; ... }; |
|||
|
in−view string; |
|||
|
inline−signing boolean; |
|||
|
ixfr−from−differences boolean; |
|||
|
journal quoted_string; |
|||
|
key−directory quoted_string; |
|||
|
masterfile−format ( map | raw | text ); |
|||
|
masterfile−style ( full | relative ); |
|||
|
masters [ port integer ] [ dscp integer ] { ( masters |
|||
|
| ipv4_address [ port integer ] | ipv6_address [ |
|||
|
port integer ] ) [ key string ]; ... }; |
|||
|
max−ixfr−log−size ( default | unlimited | |
|||
|
max−journal−size ( unlimited | sizeval ); |
|||
|
max−records integer; |
|||
|
max−refresh−time integer; |
|||
|
max−retry−time integer; |
|||
|
max−transfer−idle−in integer; |
|||
|
max−transfer−idle−out integer; |
|||
|
max−transfer−time−in integer; |
|||
|
max−transfer−time−out integer; |
|||
|
max−zone−ttl ( unlimited | ttlval ); |
|||
|
min−refresh−time integer; |
|||
|
min−retry−time integer; |
|||
|
multi−master boolean; |
|||
|
notify ( explicit | master−only | boolean ); |
|||
|
notify−delay integer; |
|||
|
notify−source ( ipv4_address | * ) [ port ( integer | * |
|||
|
) ] [ dscp integer ]; |
|||
|
notify−source−v6 ( ipv6_address | * ) [ port ( integer |
|||
|
| * ) ] [ dscp integer ]; |
|||
|
notify−to−soa boolean; |
|||
|
pubkey integer |
|||
|
integer |
|||
|
integer |
|||
|
request−expire boolean; |
|||
|
request−ixfr boolean; |
|||
|
serial−update−method ( date | increment | unixtime ); |
|||
|
server−addresses { ( ipv4_address | ipv6_address ); ... }; |
|||
|
server−names { quoted_string; ... }; |
|||
|
sig−signing−nodes integer; |
|||
|
sig−signing−signatures integer; |
|||
|
sig−signing−type integer; |
|||
|
sig−validity−interval integer [ integer ]; |
|||
|
transfer−source ( ipv4_address | * ) [ port ( integer | |
|||
|
* ) ] [ dscp integer ]; |
|||
|
transfer−source−v6 ( ipv6_address | * ) [ port ( |
|||
|
integer | * ) ] [ dscp integer ]; |
|||
|
try−tcp−refresh boolean; |
|||
|
type ( delegation−only | forward | hint | master | redirect |
|||
|
| slave | static−stub | stub ); |
|||
|
update−check−ksk boolean; |
|||
|
update−policy ( local | { ( deny | grant ) string ( |
|||
|
6to4−self | external | krb5−self | krb5−selfsub | |
|||
|
krb5−subdomain | ms−self | ms−selfsub | ms−subdomain | |
|||
|
name | self | selfsub | selfwild | subdomain | tcp−self |
|||
|
| wildcard | zonesub ) [ string ] rrtypelist; ... }; |
|||
|
use−alt−transfer−source boolean; |
|||
|
zero−no−soa−ttl boolean; |
|||
|
zone−statistics ( full | terse | none | boolean ); |
|||
|
}; |
|||
|
zone−statistics ( full | terse | none | boolean ); |
};
zone string [ class ] {
|
allow−notify { address_match_element; ... }; |
|
|
allow−query { address_match_element; ... }; |
|
|
allow−query−on { address_match_element; ... }; |
|
|
allow−transfer { address_match_element; ... }; |
|
|
allow−update { address_match_element; ... }; |
|
|
allow−update−forwarding { address_match_element; ... }; |
|
|
also−notify [ port integer ] [ dscp integer ] { ( masters | |
|
|
ipv4_address [ port integer ] | ipv6_address [ port |
|
|
integer ] ) [ key string ]; ... }; |
|
|
alt−transfer−source ( ipv4_address | * ) [ port ( integer | * ) |
|
|
] [ dscp integer ]; |
|
|
alt−transfer−source−v6 ( ipv6_address | * ) [ port ( integer | |
|
|
* ) ] [ dscp integer ]; |
|
|
auto−dnssec ( allow | maintain | off ); |
|
|
check−dup−records ( fail | warn | ignore ); |
|
|
check−integrity boolean; |
|
|
check−mx ( fail | warn | ignore ); |
|
|
check−mx−cname ( fail | warn | ignore ); |
|
|
check−names ( fail | warn | ignore ); |
|
|
check−sibling boolean; |
|
|
check−spf ( warn | ignore ); |
|
|
check−srv−cname ( fail | warn | ignore ); |
|
|
check−wildcard boolean; |
|
|
database string; |
|
|
delegation−only boolean; |
|
|
dialup ( notify | notify−passive | passive | refresh | boolean ); |
|
|
dlz string; |
|
|
dnssec−dnskey−kskonly boolean; |
|
|
dnssec−loadkeys−interval integer; |
|
|
dnssec−secure−to−insecure boolean; |
|
|
dnssec−update−mode ( maintain | no−resign ); |
|
|
file quoted_string; |
|
|
forward ( first | only ); |
|
|
forwarders [ port integer ] [ dscp integer ] { ( ipv4_address |
|
|
| ipv6_address ) [ port integer ] [ dscp integer ]; ... }; |
|
|
in−view string; |
|
|
inline−signing boolean; |
|
|
ixfr−from−differences boolean; |
|
|
journal quoted_string; |
|
|
key−directory quoted_string; |
|
|
masterfile−format ( map | raw | text ); |
|
|
masterfile−style ( full | relative ); |
|
|
masters [ port integer ] [ dscp integer ] { ( masters | |
|
|
ipv4_address [ port integer ] | ipv6_address [ port |
|
|
integer ] ) [ key string ]; ... }; |
|
|
max−journal−size ( unlimited | sizeval ); |
|
|
max−records integer; |
|
|
max−refresh−time integer; |
|
|
max−retry−time integer; |
|
|
max−transfer−idle−in integer; |
|
|
max−transfer−idle−out integer; |
|
|
max−transfer−time−in integer; |
|
|
max−transfer−time−out integer; |
|
|
max−zone−ttl ( unlimited | ttlval ); |
|
|
min−refresh−time integer; |
|
|
min−retry−time integer; |
|
|
multi−master boolean; |
|
|
notify ( explicit | master−only | boolean ); |
|
|
notify−delay integer; |
|
|
notify−source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|
|
dscp integer ]; |
|
|
notify−source−v6 ( ipv6_address | * ) [ port ( integer | * ) ] |
|
|
[ dscp integer ]; |
|
|
notify−to−soa boolean; |
|
|
pubkey integer integer |
|
|
request−expire boolean; |
|
|
request−ixfr boolean; |
|
|
serial−update−method ( date | increment | unixtime ); |
|
|
server−addresses { ( ipv4_address | ipv6_address ); ... }; |
|
|
server−names { quoted_string; ... }; |
|
|
sig−signing−nodes integer; |
|
|
sig−signing−signatures integer; |
|
|
sig−signing−type integer; |
|
|
sig−validity−interval integer [ integer ]; |
|
|
transfer−source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|
|
dscp integer ]; |
|
|
transfer−source−v6 ( ipv6_address | * ) [ port ( integer | * ) |
|
|
] [ dscp integer ]; |
|
|
try−tcp−refresh boolean; |
|
|
type ( delegation−only | forward | hint | master | redirect | slave |
|
|
| static−stub | stub ); |
|
|
update−check−ksk boolean; |
|
|
update−policy ( local | { ( deny | grant ) string ( 6to4−self | |
|
|
external | krb5−self | krb5−selfsub | krb5−subdomain | ms−self |
|
|
| ms−selfsub | ms−subdomain | name | self | selfsub | selfwild |
|
|
| subdomain | tcp−self | wildcard | zonesub ) [ string ] |
|
|
rrtypelist; ... }; |
|
|
use−alt−transfer−source boolean; |
|
|
zero−no−soa−ttl boolean; |
|
|
zone−statistics ( full | terse | none | boolean ); |
};
/etc/named.conf
ddns-confgen(8), named(8), named-checkconf(8), rndc(8), rndc-confgen(8), BIND 9 Administrator Reference Manual.
Internet Systems Consortium, Inc.
Copyright © 2004-2019 Internet Systems Consortium, Inc. ("ISC")