1 '\" te |
|
2 .\" Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC") |
|
3 .\" Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
|
4 .\" Portions Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved. |
|
5 .TH named.conf 5 "19 Oct 2015" "SunOS 5.12" "File Formats" |
|
6 .SH NAME |
|
7 named.conf \- configuration file for named |
|
8 .SH SYNOPSIS |
|
9 .LP |
|
10 .nf |
|
11 named.conf |
|
12 .fi |
|
13 |
|
14 .SH DESCRIPTION |
|
15 .sp |
|
16 .LP |
|
17 \fBnamed.conf\fR is the configuration file for \fBnamed\fR(8). Statements are enclosed in braces and terminated with a semicolon. Clauses in the statements are also terminated with a semicolon. The usual comment styles are supported: |
|
18 .sp |
|
19 .ne 2 |
|
20 .mk |
|
21 .na |
|
22 \fBC style\fR |
|
23 .ad |
|
24 .RS 14n |
|
25 .rt |
|
26 /* */ |
|
27 .RE |
|
28 |
|
29 .sp |
|
30 .ne 2 |
|
31 .mk |
|
32 .na |
|
33 \fBC++ style\fR |
|
34 .ad |
|
35 .RS 14n |
|
36 .rt |
|
37 // to end of line |
|
38 .RE |
|
39 |
|
40 .sp |
|
41 .ne 2 |
|
42 .mk |
|
43 .na |
|
44 \fBUnix style\fR |
|
45 .ad |
|
46 .RS 14n |
|
47 .rt |
|
48 # to end of line |
|
49 .RE |
|
50 |
|
51 .SS "ACL" |
|
52 .sp |
|
53 .in +2 |
|
54 .nf |
|
55 acl \fIstring\fR { \fIaddress_match_element\fR; ... }; |
|
56 .fi |
|
57 .in -2 |
|
58 |
|
59 .SS "Key" |
|
60 .sp |
|
61 .in +2 |
|
62 .nf |
|
63 key \fIdomain_name\fR { |
|
64 algorithm \fIstring\fR; |
|
65 secret \fIstring\fR; |
|
66 }; |
|
67 .fi |
|
68 .in -2 |
|
69 |
|
70 .SS "Masters" |
|
71 .sp |
|
72 .in +2 |
|
73 .nf |
|
74 masters \fIstring\fR [ port \fIinteger\fR ] { |
|
75 ( \fImasters\fR | \fIipv4_address\fR [port \fIinteger\fR] | |
|
76 \fIipv6_address\fR [port \fIinteger\fR] ) [ key \fIstring\fR ]; ... |
|
77 }; |
|
78 .fi |
|
79 .in -2 |
|
80 |
|
81 .SS "Server" |
|
82 .sp |
|
83 .in +2 |
|
84 .nf |
|
85 server ( \fIipv4_address\fR[/\fIprefixlen\fR] | \fIipv6_address\fR[/\fIprefixlen\fR] ) { |
|
86 bogus \fIboolean\fR; |
|
87 edns \fIboolean\fR; |
|
88 edns-udp-size \fIinteger\fR; |
|
89 max-udp-size \fIinteger\fR; |
|
90 provide-ixfr \fIboolean\fR; |
|
91 request-ixfr \fIboolean\fR; |
|
92 keys \fIserver_key\fR; |
|
93 transfers \fIinteger\fR; |
|
94 transfer-format ( many-answers | one-answer ); |
|
95 transfer-source ( \fIipv4_address\fR | * ) |
|
96 [ port ( \fIinteger\fR | * ) ]; |
|
97 transfer-source-v6 ( \fIipv6_address\fR | * ) |
|
98 [ port ( \fIinteger\fR | * ) ]; |
|
99 support-ixfr \fIboolean\fR; // obsolete |
|
100 }. |
|
101 .fi |
|
102 .in -2 |
|
103 |
|
104 .SS "Trusted-Keys" |
|
105 .sp |
|
106 .in +2 |
|
107 .nf |
|
108 trusted-keys { |
|
109 \fIdomain_name flags protocol algorithm key\fR; ... |
|
110 }; |
|
111 .fi |
|
112 .in -2 |
|
113 |
|
114 .SS "Controls" |
|
115 .sp |
|
116 .in +2 |
|
117 .nf |
|
118 controls { |
|
119 inet ( \fIipv4_address\fR | \fIipv6_address\fR | * ) |
|
120 [ port ( \fIinteger\fR | * ) ] |
|
121 allow { \fIaddress_match_element\fR; ... } |
|
122 [ keys { \fIstring\fR; ... } ]; |
|
123 unix \fIunsupported\fR; // not implemented |
|
124 } |
|
125 .fi |
|
126 .in -2 |
|
127 |
|
128 .SS "Logging" |
|
129 .sp |
|
130 .in +2 |
|
131 .nf |
|
132 logging { |
|
133 channel string { |
|
134 file \fIlog_file\fR; |
|
135 syslog \fIoptional_facility\fR; |
|
136 null; |
|
137 stderr; |
|
138 severity \fIlog_severity\fR; |
|
139 print-time \fIboolean\fR; |
|
140 print-severity \fIboolean\fR; |
|
141 print-category \fIboolean\fR; |
|
142 }; |
|
143 category \fIstring\fR { \fIstring\fR; ... }; |
|
144 }; |
|
145 .fi |
|
146 .in -2 |
|
147 |
|
148 .SS "LWRES" |
|
149 .sp |
|
150 .in +2 |
|
151 .nf |
|
152 lwres { |
|
153 listen-on [ port \fIinteger\fR ] { |
|
154 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... |
|
155 }; |
|
156 view \fI\fR |
|
157 \fIstring optional_class\fR; |
|
158 search { \fIstring\fR; ... }; |
|
159 ndots \fIinteger\fR; |
|
160 }; |
|
161 .fi |
|
162 .in -2 |
|
163 |
|
164 .SS "Options" |
|
165 .sp |
|
166 .in +2 |
|
167 .nf |
|
168 options { |
|
169 avoid-v4-udp-ports { \fIport\fR; ... }; |
|
170 avoid-v6-udp-ports { \fIport\fR; ... }; |
|
171 blackhole { \fIaddress_match_element\fR; ... }; |
|
172 coresize \fIsize\fR; |
|
173 datasize \fIsize\fR; |
|
174 directory \fIquoted_string\fR; |
|
175 dump-file \fIquoted_string\fR; |
|
176 files \fIsize\fR; |
|
177 heartbeat-interval \fIinteger\fR; |
|
178 host-statistics \fIboolean\fR; // not implemented |
|
179 host-statistics-max \fInumber\fR; // not implemented |
|
180 hostname ( \fIquoted_string\fR | none ); |
|
181 interface-interval \fIinteger\fR; |
|
182 listen-on [ port \fIinteger\fR ] \e |
|
183 { \fIaddress_match_element\fR; ... }; |
|
184 listen-on-v6 [ port \fIinteger\fR ] \e |
|
185 { \fIaddress_match_element\fR; ... }; |
|
186 match-mapped-addresses \fIboolean\fR; |
|
187 memstatistics-file \fIquoted_string\fR; |
|
188 pid-file ( \fIquoted_string\fR | none ); |
|
189 port \fIinteger\fR; |
|
190 querylog \fIboolean\fR; |
|
191 recursing-file \fIquoted_string\fR; |
|
192 reserved-sockets \fIinteger\fR; |
|
193 random-device \fIquoted_string\fR; |
|
194 recursive-clients \fIinteger\fR; |
|
195 serial-query-rate \fIinteger\fR; |
|
196 server-id ( \fIquoted_string\fR | none |; |
|
197 stacksize \fIsize\fR; |
|
198 statistics-file \fIquoted_string\fR; |
|
199 statistics-interval \fIinteger\fR; \e |
|
200 // not yet implemented |
|
201 tcp-clients \fIinteger\fR; |
|
202 tcp-listen-queue \fIinteger\fR; |
|
203 tkey-dhkey \fIquoted_string integer\fR; |
|
204 tkey-gssapi-credential \fIquoted_string\fR; |
|
205 tkey-domain \fIquoted_string\fR; |
|
206 transfers-per-ns \fIinteger\fR; |
|
207 transfers-in \fIinteger\fR; |
|
208 transfers-out \fIinteger\fR; |
|
209 use-ixfr \fIboolean\fR; |
|
210 version ( \fIquoted_string\fR | none ); |
|
211 allow-recursion { \fIaddress_match_element\fR; ... }; |
|
212 allow-recursion-on { \fIaddress_match_element\fR; ... }; |
|
213 sortlist { \fIaddress_match_element\fR; ... }; |
|
214 topology { \fIaddress_match_element\fR; ... }; \e |
|
215 // not implemented |
|
216 auth-nxdomain \fIboolean\fR; // default changed |
|
217 minimal-responses \fIboolean\fR; |
|
218 recursion \fIboolean\fR; |
|
219 rrset-order { |
|
220 [ class \fIstring\fR ] [ type \fIstring\fR ] |
|
221 [ name \fIquoted_string\fR ] \fIstring string\fR; ... |
|
222 }; |
|
223 provide-ixfr \fIboolean\fR; |
|
224 request-ixfr \fIboolean\fR; |
|
225 rfc2308-type1 \fIboolean\fR; // not yet implemented |
|
226 additional-from-auth \fIboolean\fR; |
|
227 additional-from-cache \fIboolean\fR; |
|
228 query-source ( ( \fIipv4_address\fR | * ) | \e |
|
229 [ address ( \fIipv4_address\fR | * ) ] ) \e |
|
230 [ port ( \fIinteger\fR | * ) ]; |
|
231 query-source-v6 ( ( \fIipv6_address\fR | * ) | \e |
|
232 [ address ( \fIipv6_address\fR | * ) ] ) \e |
|
233 [ port ( \fIinteger\fR | * ) ]; |
|
234 use-queryport-pool \fIboolean\fR; |
|
235 queryport-pool-ports \fIinteger\fR; |
|
236 queryport-pool-updateinterval \fIinteger\fR; |
|
237 cleaning-interval \fIinteger\fR; |
|
238 min-roots \fIinteger\fR; // not implemented |
|
239 lame-ttl \fIinteger\fR; |
|
240 max-ncache-ttl \fIinteger\fR; |
|
241 max-cache-ttl \fIinteger\fR; |
|
242 transfer-format ( many-answers | one-answer ); |
|
243 max-cache-size \fIsize\fR; |
|
244 max-acache-size \fIsize\fR; |
|
245 clients-per-query \fInumber\fR; |
|
246 max-clients-per-query \fInumber\fR; |
|
247 check-names ( master | slave | response )\e |
|
248 ( fail | warn | ignore ); |
|
249 check-mx ( fail | warn | ignore ); |
|
250 check-integrity \fIboolean\fR; |
|
251 check-mx-cname ( fail | warn | ignore ); |
|
252 check-srv-cname ( fail | warn | ignore ); |
|
253 cache-file \fIquoted_string\fR; // test option |
|
254 suppress-initial-notify \fIboolean\fR; \e |
|
255 // not yet implemented |
|
256 preferred-glue \fIstring\fR; |
|
257 dual-stack-servers [ port \fIinteger\fR ] { |
|
258 ( \fIquoted_string\fR [port \fIinteger\fR] | |
|
259 ipv4_address [port \fIinteger\fR] | |
|
260 ipv6_address [port \fIinteger\fR] ); ... |
|
261 }; |
|
262 edns-udp-size \fIinteger\fR; |
|
263 max-udp-size \fIinteger\fR; |
|
264 root-delegation-only [ exclude |
|
265 { \fIquoted_string\fR; ... } ]; |
|
266 disable-algorithms \fIstring\fR { \fIstring\fR; ... }; |
|
267 dnssec-enable \fIboolean\fR; |
|
268 dnssec-validation \fIboolean\fR; |
|
269 dnssec-lookaside string trust-anchor \fIstring\fR; |
|
270 dnssec-must-be-secure \fIstring boolean\fR; |
|
271 dnssec-accept-expired \fIboolean\fR; |
|
272 empty-server \fIstring\fR; |
|
273 empty-contact \fIstring\fR; |
|
274 empty-zones-enable \fIboolean\fR; |
|
275 disable-empty-zone \fIstring\fR; |
|
276 dialup \fIdialuptype\fR; |
|
277 ixfr-from-differences ixfrdiff; |
|
278 allow-query { \fIaddress_match_element\fR; \e |
|
279 ... }; |
|
280 allow-query-on { \fIaddress_match_element\fR; \e |
|
281 ... }; |
|
282 allow-query-cache { \fIaddress_match_element\fR; \e |
|
283 ... }; |
|
284 allow-query-cache-on { \fIaddress_match_element\fR; \e |
|
285 ... }; |
|
286 allow-transfer { \fIaddress_match_element\fR; \e |
|
287 ... }; |
|
288 allow-update { \fIaddress_match_element\fR; \e |
|
289 ... }; |
|
290 allow-update-forwarding { \fIaddress_match_element\fR; \e |
|
291 ... }; |
|
292 update-check-ksk \fIboolean\fR; |
|
293 masterfile-format ( text | raw ); |
|
294 notify \fInotifytype\fR; |
|
295 notify-source ( \fIipv4_address\fR | * ) \e |
|
296 [ port ( \fIinteger\fR | * ) ]; |
|
297 notify-source-v6 ( \fIipv6_address\fR | * ) |
|
298 [ port ( \fIinteger\fR | * ) ]; |
|
299 notify-delay \fIseconds\fR; |
|
300 notify-to-soa \fIboolean\fR; |
|
301 also-notify [ port \fIinteger\fR ] \e |
|
302 { ( \fIipv4_address\fR | \fIipv6_address\fR \e) |
|
303 [port integer ]; ... }; |
|
304 allow-notify { \fIaddress_match_element\fR; ... }; |
|
305 forward ( first | only ); |
|
306 forwarders [ port \fIinteger\fR ] { |
|
307 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... |
|
308 }; |
|
309 max-journal-size \fIsize_no_default\fR; |
|
310 max-transfer-time-in \fIinteger\fR; |
|
311 max-transfer-time-out \fIinteger\fR; |
|
312 max-transfer-idle-in \fIinteger\fR; |
|
313 max-transfer-idle-out \fIinteger\fR; |
|
314 max-retry-time \fIinteger\fR; |
|
315 min-retry-time \fIinteger\fR; |
|
316 max-refresh-time \fIinteger\fR; |
|
317 min-refresh-time \fIinteger\fR; |
|
318 multi-master \fIboolean\fR; |
|
319 sig-validity-interval \fIinteger\fR; |
|
320 sig-re-signing-interval \fIinteger\fR; |
|
321 sig-signing-nodes \fIinteger\fR; |
|
322 sig-signing-signatures \fIinteger\fR; |
|
323 sig-signing-type \fIinteger\fR; |
|
324 transfer-source ( \fIipv4_address\fR | * )\e |
|
325 [ port ( \fIinteger\fR | * ) ]; |
|
326 transfer-source-v6 ( \fIipv6_address\fR | * )\e |
|
327 [ port ( \fIinteger\fR | * ) ]; |
|
328 alt-transfer-source ( \fIipv4_address\fR | * )\e |
|
329 [ port ( \fIinteger\fR | * ) ]; |
|
330 alt-transfer-source-v6 ( \fIipv6_address\fR | * )\e |
|
331 [ port ( \fIinteger\fR | * ) ]; |
|
332 use-alt-transfer-source \fIboolean\fR; |
|
333 zone-statistics \fIboolean\fR; |
|
334 key-directory \fIquoted_string\fR; |
|
335 try-tcp-refresh \fIboolean\fR; |
|
336 zero-no-soa-ttl \fIboolean\fR; |
|
337 zero-no-soa-ttl-cache \fIboolean\fR; |
|
338 nsec3-test-zone \fIboolean\fR; // testing only |
|
339 allow-v6-synthesis { \fIaddress_match_element\fR; ... }; \e |
|
340 // obsolete |
|
341 deallocate-on-exit \fIboolean\fR; // obsolete |
|
342 fake-iquery \fIboolean\fR; // obsolete |
|
343 fetch-glue \fIboolean\fR; // obsolete |
|
344 has-old-clients \fIboolean\fR; // obsolete |
|
345 maintain-ixfr-base \fIboolean\fR; // obsolete |
|
346 max-ixfr-log-size \fIsize\fR; // obsolete |
|
347 multiple-cnames \fIboolean\fR; // obsolete |
|
348 named-xfer \fIquoted_string\fR; // obsolete |
|
349 serial-queries \fIinteger\fR; // obsolete |
|
350 treat-cr-as-space \fIboolean\fR; // obsolete |
|
351 use-id-pool \fIboolean\fR; // obsolete |
|
352 }; |
|
353 .fi |
|
354 .in -2 |
|
355 |
|
356 .SS "View" |
|
357 .sp |
|
358 .in +2 |
|
359 .nf |
|
360 view \fIstring optional_class\fR { |
|
361 match-clients { \fIaddress_match_element\fR; ... }; |
|
362 match-destinations { \fIaddress_match_element\fR; ... }; |
|
363 match-recursive-only \fIboolean\fR; |
|
364 key \fIstring\fR { |
|
365 algorithm \fIstring\fR; |
|
366 secret \fIstring\fR; |
|
367 }; |
|
368 zone \fIstring optional_class\fR { |
|
369 ... |
|
370 }; |
|
371 server ( \fIipv4_address\fR[/\fIprefixlen\fR] | \fIipv6_address\fR[/\fIprefixlen\fR]) { |
|
372 ... |
|
373 }; |
|
374 trusted-keys { |
|
375 \fIstring integer integer integer quoted_string\fR; ... |
|
376 }; |
|
377 allow-recursion { \fIaddress_match_element\fR; ... }; |
|
378 allow-recursion-on { \fIaddress_match_element\fR; ... }; |
|
379 sortlist { \fIaddress_match_element\fR; ... }; |
|
380 topology { \fIaddress_match_element\fR; ... }; // not implemented |
|
381 auth-nxdomain \fIboolean\fR; // default changed |
|
382 minimal-responses \fIboolean\fR; |
|
383 recursion \fIboolean\fR; |
|
384 rrset-order { |
|
385 [ class \fIstring\fR ] [ type \fIstring\fR ] |
|
386 [ name \fIquoted_string\fR ] string \fIstring\fR; ... |
|
387 }; |
|
388 provide-ixfr \fIboolean\fR; |
|
389 request-ixfr \fIboolean\fR; |
|
390 rfc2308-type1 \fIboolean\fR; // not yet implemented |
|
391 additional-from-auth \fIboolean\fR; |
|
392 additional-from-cache \fIboolean\fR; |
|
393 query-source ( ( \fIipv4_address\fR | * ) | [ address \e |
|
394 ( \fIipv4_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ]; |
|
395 query-source-v6 ( ( \fIipv6_address\fR | * ) | [ address \e |
|
396 ( \fIipv6_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ]; |
|
397 use-queryport-pool \fIboolean\fR; |
|
398 queryport-pool-ports \fIinteger\fR; |
|
399 queryport-pool-updateinterval \fIinteger\fR; |
|
400 cleaning-interval \fIinteger\fR; |
|
401 min-roots \fIinteger\fR; // not implemented |
|
402 lame-ttl \fIinteger\fR; |
|
403 max-ncache-ttl \fIinteger\fR; |
|
404 max-cache-ttl \fIinteger\fR; |
|
405 transfer-format ( many-answers | one-answer ); |
|
406 max-cache-size \fIsize\fR; |
|
407 max-acache-size \fIsize\fR; |
|
408 clients-per-query \fInumber\fR; |
|
409 max-clients-per-query \fInumber\fR; |
|
410 check-names ( master | slave | response )\e |
|
411 ( fail | warn | ignore ); |
|
412 check-mx ( fail | warn | ignore ); |
|
413 check-integrity \fIboolean\fR; |
|
414 check-mx-cname ( fail | warn | ignore ); |
|
415 check-srv-cname ( fail | warn | ignore ); |
|
416 cache-file \fIquoted_string\fR; // test option |
|
417 suppress-initial-notify \fIboolean\fR; // not yet implemented |
|
418 preferred-glue \fIstring\fR; |
|
419 dual-stack-servers [ port \fIinteger\fR ] { |
|
420 ( \fIquoted_string\fR [port \fIinteger\fR] | |
|
421 \fIipv4_address\fR [port \fIinteger\fR] | |
|
422 \fIipv6_address\fR [port \fIinteger\fR] ); ... |
|
423 }; |
|
424 edns-udp-size \fIinteger\fR; |
|
425 max-udp-size \fIinteger\fR; |
|
426 root-delegation-only [ exclude { quoted_string; ... } ]; |
|
427 disable-algorithms \fIstring\fR { \fIstring\fR; ... }; |
|
428 dnssec-enable \fIboolean\fR; |
|
429 dnssec-validation \fIboolean\fR; |
|
430 dnssec-lookaside \fIstring\fR trust-anchor \fIstring\fR; |
|
431 dnssec-must-be-secure \fIstring boolean\fR; |
|
432 dnssec-accept-expired \fIboolean\fR; |
|
433 empty-server \fIstring\fR; |
|
434 empty-contact \fIstring\fR; |
|
435 empty-zones-enable \fIboolean\fR; |
|
436 disable-empty-zone \fIstring\fR; |
|
437 dialup \fIdialuptype\fR; |
|
438 ixfr-from-differences \fIixfrdiff\fR; |
|
439 allow-query { \fIaddress_match_element\fR; ... }; |
|
440 allow-query-on { \fIaddress_match_element\fR; ... }; |
|
441 allow-query-cache { \fI\fR |
|
442 \fIaddress_match_element\fR; ... }; |
|
443 allow-query-cache-on { address_match_element; ... }; |
|
444 allow-transfer { \fIaddress_match_element\fR; ... }; |
|
445 allow-update { \fIaddress_match_element\fR; ... }; |
|
446 allow-update-forwarding { \fIaddress_match_element\fR; ... }; |
|
447 update-check-ksk \fIboolean\fR; |
|
448 masterfile-format ( text | raw ); |
|
449 notify notifytype; |
|
450 notify-source ( \fIipv4_address\fR | * ) \e |
|
451 [ port ( \fIinteger\fR | * ) ]; |
|
452 notify-source-v6 ( \fIipv6_address\fR | * ) \e |
|
453 [ port ( \fIinteger\fR | * ) ]; |
|
454 notify-delay \fIseconds\fR; |
|
455 notify-to-soa \fIboolean\fR; |
|
456 also-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \e |
|
457 \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... }; |
|
458 allow-notify { \fIaddress_match_element\fR; ... }; |
|
459 forward ( first | only ); |
|
460 forwarders [ port \fIinteger\fR ] \e{ |
|
461 ( \fIipv4_address\fR | \fIipv6_address\fR ) \e |
|
462 [ port \fIinteger\fR ]; ... |
|
463 }; |
|
464 max-journal-size \fIsize_no_default\fR; |
|
465 max-transfer-time-in \fIinteger\fR; |
|
466 max-transfer-time-out \fIinteger\fR; |
|
467 max-transfer-idle-in \fIinteger\fR; |
|
468 max-transfer-idle-out \fIinteger\fR; |
|
469 max-retry-time \fIinteger\fR; |
|
470 min-retry-time \fIinteger\fR; |
|
471 max-refresh-time \fIinteger\fR; |
|
472 min-refresh-time \fIinteger\fR; |
|
473 multi-master \fIboolean\fR; |
|
474 sig-validity-interval \fIinteger\fR; |
|
475 transfer-source ( \fIipv4_address\fR | * )\e |
|
476 [ port ( \fIinteger\fR | * ) ]; |
|
477 transfer-source-v6 ( \fIipv6_address\fR | * )\e |
|
478 [ port ( \fIinteger\fR | * ) ]; |
|
479 alt-transfer-source ( \fIipv4_address\fR | * )\e |
|
480 [ port ( \fIinteger\fR | * ) ]; |
|
481 alt-transfer-source-v6 ( \fIipv6_address\fR | * )\e |
|
482 [ port ( \fIinteger\fR | * ) ]; |
|
483 use-alt-transfer-source \fIboolean\fR; |
|
484 zone-statistics \fIboolean\fR; |
|
485 try-tcp-refresh \fIboolean\fR; |
|
486 key-directory \fIquoted_string\fR; |
|
487 zero-no-soa-ttl \fIboolean\fR; |
|
488 zero-no-soa-ttl-cache \fIboolean\fR; |
|
489 allow-v6-synthesis { \fIaddress_match_element\fR; ... };\e |
|
490 // obsolete |
|
491 fetch-glue \fIboolean\fR; // obsolete |
|
492 maintain-ixfr-base \fIboolean\fR; // obsolete |
|
493 max-ixfr-log-size \fIsize\fR; // obsolete |
|
494 }; |
|
495 .fi |
|
496 .in -2 |
|
497 |
|
498 .SS "Zone" |
|
499 .sp |
|
500 .in +2 |
|
501 .nf |
|
502 zone\fIstring optional_class\fR { |
|
503 type ( master | slave | stub | hint | |
|
504 forward | delegation-only ); |
|
505 file \fIquoted_string\fR; |
|
506 masters [ port \fIinteger\fR ] \e{ |
|
507 ( \fImasters\fR | |
|
508 \fIipv4_address\fR [port \fIinteger\fR] | |
|
509 \fIipv6_address\fR [ port \fIinteger\fR ] ) [ key \fIstring\fR ]; ... |
|
510 }; |
|
511 database \fIstring\fR; |
|
512 delegation-only \fIboolean\fR; |
|
513 check-names ( fail | warn | ignore ); |
|
514 check-mx ( fail | warn | ignore ); |
|
515 check-integrity \fIboolean\fR; |
|
516 check-mx-cname ( fail | warn | ignore ); |
|
517 check-srv-cname ( fail | warn | ignore ); |
|
518 dialup \fIdialuptype\fR; |
|
519 ixfr-from-differences \fIboolean\fR; |
|
520 journal \fIquoted_string\fR; |
|
521 zero-no-soa-ttl \fIboolean\fR; |
|
522 allow-query { \fIaddress_match_element\fR; ... }; |
|
523 allow-query-on { \fIaddress_match_element\fR; ... }; |
|
524 allow-transfer { \fIaddress_match_element\fR; ... }; |
|
525 allow-update { \fIaddress_match_element\fR; ... }; |
|
526 allow-update-forwarding { \fIaddress_match_element\fR; ... }; |
|
527 update-policy { |
|
528 ( grant | deny ) \fIstring\fR |
|
529 ( name | subdomain | wildcard | self | selfsub | |
|
530 selfwild |krb5-self | ms-self | krb5-subdomain | |
|
531 ms-subdomain | tcp-self | 6to4-self ) \fIstring\fR |
|
532 rrtypelist; ... |
|
533 }; |
|
534 update-check-ksk \fIboolean\fR; |
|
535 masterfile-format ( text | raw ); |
|
536 notify \fInotifytype\fR; |
|
537 notify-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; |
|
538 notify-source-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; |
|
539 notify-delay \fIseconds\fR; |
|
540 notify-to-soa \fIboolean\fR; |
|
541 also-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | ipv6_address ) |
|
542 [ port integer ]; ... }; |
|
543 allow-notify { \fIaddress_match_element\fR; ... }; |
|
544 forward ( first | only ); |
|
545 forwarders [ port \fIinteger\fR ] { |
|
546 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... |
|
547 }; |
|
548 max-journal-size \fIsize_no_default\fR; |
|
549 max-transfer-time-in \fIinteger\fR; |
|
550 max-transfer-time-out \fIinteger\fR; |
|
551 max-transfer-idle-in \fIinteger\fR; |
|
552 max-transfer-idle-out \fIinteger\fR; |
|
553 max-retry-time \fIinteger\fR; |
|
554 min-retry-time \fIinteger\fR; |
|
555 max-refresh-time \fIinteger\fR; |
|
556 min-refresh-time \fIinteger\fR; |
|
557 multi-master \fIboolean\fR; |
|
558 sig-validity-interval \fIinteger\fR; |
|
559 transfer-source ( \fIipv4_address\fR | * ) |
|
560 [ port ( \fIinteger\fR | * ) ]; |
|
561 transfer-source-v6 ( \fIipv6_address\fR | * ) |
|
562 [ port ( \fIinteger\fR | * ) ]; |
|
563 alt-transfer-source ( \fIipv4_address\fR | * ) |
|
564 [ port ( \fIinteger\fR | * ) ]; |
|
565 alt-transfer-source-v6 ( \fIipv6_address\fR | * ) |
|
566 [ port ( \fIinteger\fR | * ) ]; |
|
567 use-alt-transfer-source \fIboolean\fR; |
|
568 zone-statistics \fIboolean\fR; |
|
569 try-tcp-refresh \fIboolean\fR; |
|
570 key-directory \fIquoted_string\fR; |
|
571 nsec3-test-zone \fIboolean\fR; // testing only |
|
572 ixfr-base \fIquoted_string\fR; // obsolete |
|
573 ixfr-tmp-file \fIquoted_string\fR; // obsolete |
|
574 maintain-ixfr-base \fIboolean\fR; // obsolete |
|
575 max-ixfr-log-size \fIsize\fR; // obsolete |
|
576 pubkey \fIinteger integer integer quoted_string\fR; // obsolete |
|
577 }; |
|
578 .fi |
|
579 .in -2 |
|
580 |
|
581 .SH SEE ALSO |
|
582 .sp |
|
583 .LP |
|
584 \fBnamed\fR(8), \fBnamed-checkconf\fR(8), \fBrndc\fR(8) |
|
585 .sp |
|
586 .LP |
|
587 \fIBIND 9 Administrator Reference Manual\fR |
|