| Current Path : /usr/src/contrib/bind9/bin/named/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
| Current File : //usr/src/contrib/bind9/bin/named/named.conf.html |
<!--
- Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id$ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>named.conf</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><code class="filename">named.conf</code> — configuration file for named</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">named.conf</code> </p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543353"></a><h2>DESCRIPTION</h2>
<p><code class="filename">named.conf</code> is the configuration file
for
<span><strong class="command">named</strong></span>. Statements are enclosed
in braces and terminated with a semi-colon. Clauses in
the statements are also semi-colon terminated. The usual
comment styles are supported:
</p>
<p>
C style: /* */
</p>
<p>
C++ style: // to end of line
</p>
<p>
Unix style: # to end of line
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543381"></a><h2>ACL</h2>
<div class="literallayout"><p><br>
acl <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543397"></a><h2>KEY</h2>
<div class="literallayout"><p><br>
key <em class="replaceable"><code>domain_name</code></em> {<br>
algorithm <em class="replaceable"><code>string</code></em>;<br>
secret <em class="replaceable"><code>string</code></em>;<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543416"></a><h2>MASTERS</h2>
<div class="literallayout"><p><br>
masters <em class="replaceable"><code>string</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
( <em class="replaceable"><code>masters</code></em> | <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
<em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ) [<span class="optional"> key <em class="replaceable"><code>string</code></em> </span>]; ...<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543462"></a><h2>SERVER</h2>
<div class="literallayout"><p><br>
server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/prefixlen</span>]</code></em> | <em class="replaceable"><code>ipv6_address[<span class="optional">/prefixlen</span>]</code></em> ) {<br>
bogus <em class="replaceable"><code>boolean</code></em>;<br>
edns <em class="replaceable"><code>boolean</code></em>;<br>
edns-udp-size <em class="replaceable"><code>integer</code></em>;<br>
max-udp-size <em class="replaceable"><code>integer</code></em>;<br>
provide-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
request-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
keys <em class="replaceable"><code>server_key</code></em>;<br>
transfers <em class="replaceable"><code>integer</code></em>;<br>
transfer-format ( many-answers | one-answer );<br>
transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
<br>
support-ixfr <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543530"></a><h2>TRUSTED-KEYS</h2>
<div class="literallayout"><p><br>
trusted-keys {<br>
<em class="replaceable"><code>domain_name</code></em> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543556"></a><h2>MANAGED-KEYS</h2>
<div class="literallayout"><p><br>
managed-keys {<br>
<em class="replaceable"><code>domain_name</code></em> <code class="constant">initial-key</code> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543585"></a><h2>CONTROLS</h2>
<div class="literallayout"><p><br>
controls {<br>
inet ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>]<br>
allow { <em class="replaceable"><code>address_match_element</code></em>; ... }<br>
[<span class="optional"> keys { <em class="replaceable"><code>string</code></em>; ... } </span>];<br>
unix <em class="replaceable"><code>unsupported</code></em>; // not implemented<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543620"></a><h2>LOGGING</h2>
<div class="literallayout"><p><br>
logging {<br>
channel <em class="replaceable"><code>string</code></em> {<br>
file <em class="replaceable"><code>log_file</code></em>;<br>
syslog <em class="replaceable"><code>optional_facility</code></em>;<br>
null;<br>
stderr;<br>
severity <em class="replaceable"><code>log_severity</code></em>;<br>
print-time <em class="replaceable"><code>boolean</code></em>;<br>
print-severity <em class="replaceable"><code>boolean</code></em>;<br>
print-category <em class="replaceable"><code>boolean</code></em>;<br>
};<br>
category <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543658"></a><h2>LWRES</h2>
<div class="literallayout"><p><br>
lwres {<br>
listen-on [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
};<br>
view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em>;<br>
search { <em class="replaceable"><code>string</code></em>; ... };<br>
ndots <em class="replaceable"><code>integer</code></em>;<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543700"></a><h2>OPTIONS</h2>
<div class="literallayout"><p><br>
options {<br>
avoid-v4-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br>
avoid-v6-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br>
blackhole { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
coresize <em class="replaceable"><code>size</code></em>;<br>
datasize <em class="replaceable"><code>size</code></em>;<br>
directory <em class="replaceable"><code>quoted_string</code></em>;<br>
dump-file <em class="replaceable"><code>quoted_string</code></em>;<br>
files <em class="replaceable"><code>size</code></em>;<br>
heartbeat-interval <em class="replaceable"><code>integer</code></em>;<br>
host-statistics <em class="replaceable"><code>boolean</code></em>; // not implemented<br>
host-statistics-max <em class="replaceable"><code>number</code></em>; // not implemented<br>
hostname ( <em class="replaceable"><code>quoted_string</code></em> | none );<br>
interface-interval <em class="replaceable"><code>integer</code></em>;<br>
listen-on [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
listen-on-v6 [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
match-mapped-addresses <em class="replaceable"><code>boolean</code></em>;<br>
memstatistics-file <em class="replaceable"><code>quoted_string</code></em>;<br>
pid-file ( <em class="replaceable"><code>quoted_string</code></em> | none );<br>
port <em class="replaceable"><code>integer</code></em>;<br>
querylog <em class="replaceable"><code>boolean</code></em>;<br>
recursing-file <em class="replaceable"><code>quoted_string</code></em>;<br>
reserved-sockets <em class="replaceable"><code>integer</code></em>;<br>
random-device <em class="replaceable"><code>quoted_string</code></em>;<br>
recursive-clients <em class="replaceable"><code>integer</code></em>;<br>
serial-query-rate <em class="replaceable"><code>integer</code></em>;<br>
server-id ( <em class="replaceable"><code>quoted_string</code></em> | none |;<br>
stacksize <em class="replaceable"><code>size</code></em>;<br>
statistics-file <em class="replaceable"><code>quoted_string</code></em>;<br>
statistics-interval <em class="replaceable"><code>integer</code></em>; // not yet implemented<br>
tcp-clients <em class="replaceable"><code>integer</code></em>;<br>
tcp-listen-queue <em class="replaceable"><code>integer</code></em>;<br>
tkey-dhkey <em class="replaceable"><code>quoted_string</code></em> <em class="replaceable"><code>integer</code></em>;<br>
tkey-gssapi-credential <em class="replaceable"><code>quoted_string</code></em>;<br>
tkey-gssapi-keytab <em class="replaceable"><code>quoted_string</code></em>;<br>
tkey-domain <em class="replaceable"><code>quoted_string</code></em>;<br>
transfers-per-ns <em class="replaceable"><code>integer</code></em>;<br>
transfers-in <em class="replaceable"><code>integer</code></em>;<br>
transfers-out <em class="replaceable"><code>integer</code></em>;<br>
use-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
version ( <em class="replaceable"><code>quoted_string</code></em> | none );<br>
allow-recursion { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-recursion-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
sortlist { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
topology { <em class="replaceable"><code>address_match_element</code></em>; ... }; // not implemented<br>
auth-nxdomain <em class="replaceable"><code>boolean</code></em>; // default changed<br>
minimal-responses <em class="replaceable"><code>boolean</code></em>;<br>
recursion <em class="replaceable"><code>boolean</code></em>;<br>
rrset-order {<br>
[<span class="optional"> class <em class="replaceable"><code>string</code></em> </span>] [<span class="optional"> type <em class="replaceable"><code>string</code></em> </span>]<br>
[<span class="optional"> name <em class="replaceable"><code>quoted_string</code></em> </span>] <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>string</code></em>; ...<br>
};<br>
provide-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
request-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
rfc2308-type1 <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br>
additional-from-auth <em class="replaceable"><code>boolean</code></em>;<br>
additional-from-cache <em class="replaceable"><code>boolean</code></em>;<br>
query-source ( ( <em class="replaceable"><code>ipv4_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
query-source-v6 ( ( <em class="replaceable"><code>ipv6_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
use-queryport-pool <em class="replaceable"><code>boolean</code></em>;<br>
queryport-pool-ports <em class="replaceable"><code>integer</code></em>;<br>
queryport-pool-updateinterval <em class="replaceable"><code>integer</code></em>;<br>
cleaning-interval <em class="replaceable"><code>integer</code></em>;<br>
resolver-query-timeout <em class="replaceable"><code>integer</code></em>;<br>
min-roots <em class="replaceable"><code>integer</code></em>; // not implemented<br>
lame-ttl <em class="replaceable"><code>integer</code></em>;<br>
max-ncache-ttl <em class="replaceable"><code>integer</code></em>;<br>
max-cache-ttl <em class="replaceable"><code>integer</code></em>;<br>
transfer-format ( many-answers | one-answer );<br>
max-cache-size <em class="replaceable"><code>size</code></em>;<br>
max-acache-size <em class="replaceable"><code>size</code></em>;<br>
clients-per-query <em class="replaceable"><code>number</code></em>;<br>
max-clients-per-query <em class="replaceable"><code>number</code></em>;<br>
check-names ( master | slave | response )<br>
( fail | warn | ignore );<br>
check-mx ( fail | warn | ignore );<br>
check-integrity <em class="replaceable"><code>boolean</code></em>;<br>
check-mx-cname ( fail | warn | ignore );<br>
check-srv-cname ( fail | warn | ignore );<br>
cache-file <em class="replaceable"><code>quoted_string</code></em>; // test option<br>
suppress-initial-notify <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br>
preferred-glue <em class="replaceable"><code>string</code></em>;<br>
dual-stack-servers [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
( <em class="replaceable"><code>quoted_string</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
<em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
<em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ); ...<br>
};<br>
edns-udp-size <em class="replaceable"><code>integer</code></em>;<br>
max-udp-size <em class="replaceable"><code>integer</code></em>;<br>
root-delegation-only [<span class="optional"> exclude { <em class="replaceable"><code>quoted_string</code></em>; ... } </span>];<br>
disable-algorithms <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br>
dnssec-enable <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-validation <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-lookaside ( <em class="replaceable"><code>auto</code></em> | <em class="replaceable"><code>no</code></em> | <em class="replaceable"><code>domain</code></em> trust-anchor <em class="replaceable"><code>domain</code></em> );<br>
dnssec-must-be-secure <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-accept-expired <em class="replaceable"><code>boolean</code></em>;<br>
<br>
dns64-server <em class="replaceable"><code>string</code></em>;<br>
dns64-contact <em class="replaceable"><code>string</code></em>;<br>
dns64 <em class="replaceable"><code>prefix</code></em> {<br>
clients { <font color="red"><replacable>acl</replacable></font>; };<br>
exclude { <font color="red"><replacable>acl</replacable></font>; };<br>
mapped { <font color="red"><replacable>acl</replacable></font>; };<br>
break-dnssec <em class="replaceable"><code>boolean</code></em>;<br>
recursive-only <em class="replaceable"><code>boolean</code></em>;<br>
suffix <em class="replaceable"><code>ipv6_address</code></em>;<br>
};<br>
<br>
empty-server <em class="replaceable"><code>string</code></em>;<br>
empty-contact <em class="replaceable"><code>string</code></em>;<br>
empty-zones-enable <em class="replaceable"><code>boolean</code></em>;<br>
disable-empty-zone <em class="replaceable"><code>string</code></em>;<br>
<br>
dialup <em class="replaceable"><code>dialuptype</code></em>;<br>
ixfr-from-differences <em class="replaceable"><code>ixfrdiff</code></em>;<br>
<br>
allow-query { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-query-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-query-cache { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-query-cache-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-transfer { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-update { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-update-forwarding { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
update-check-ksk <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-dnskey-kskonly <em class="replaceable"><code>boolean</code></em>;<br>
<br>
masterfile-format ( text | raw );<br>
notify <em class="replaceable"><code>notifytype</code></em>;<br>
notify-source ( <em class="replaceable"><code>ipv4_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
notify-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
notify-delay <em class="replaceable"><code>seconds</code></em>;<br>
notify-to-soa <em class="replaceable"><code>boolean</code></em>;<br>
also-notify [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> )<br>
[<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ... };<br>
allow-notify { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
<br>
forward ( first | only );<br>
forwarders [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
};<br>
<br>
max-journal-size <em class="replaceable"><code>size_no_default</code></em>;<br>
max-transfer-time-in <em class="replaceable"><code>integer</code></em>;<br>
max-transfer-time-out <em class="replaceable"><code>integer</code></em>;<br>
max-transfer-idle-in <em class="replaceable"><code>integer</code></em>;<br>
max-transfer-idle-out <em class="replaceable"><code>integer</code></em>;<br>
max-retry-time <em class="replaceable"><code>integer</code></em>;<br>
min-retry-time <em class="replaceable"><code>integer</code></em>;<br>
max-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
min-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
multi-master <em class="replaceable"><code>boolean</code></em>;<br>
<br>
sig-validity-interval <em class="replaceable"><code>integer</code></em>;<br>
sig-re-signing-interval <em class="replaceable"><code>integer</code></em>;<br>
sig-signing-nodes <em class="replaceable"><code>integer</code></em>;<br>
sig-signing-signatures <em class="replaceable"><code>integer</code></em>;<br>
sig-signing-type <em class="replaceable"><code>integer</code></em>;<br>
<br>
transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
<br>
alt-transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
alt-transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
use-alt-transfer-source <em class="replaceable"><code>boolean</code></em>;<br>
<br>
zone-statistics <em class="replaceable"><code>boolean</code></em>;<br>
key-directory <em class="replaceable"><code>quoted_string</code></em>;<br>
managed-keys-directory <em class="replaceable"><code>quoted_string</code></em>;<br>
auto-dnssec <code class="constant">allow</code>|<code class="constant">maintain</code>|<code class="constant">create</code>|<code class="constant">off</code>;<br>
try-tcp-refresh <em class="replaceable"><code>boolean</code></em>;<br>
zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br>
zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br>
deny-answer-addresses {<br>
<em class="replaceable"><code>address_match_list</code></em><br>
} [<span class="optional"> except-from { <em class="replaceable"><code>namelist</code></em> } </span>];<br>
deny-answer-aliases {<br>
<em class="replaceable"><code>namelist</code></em><br>
} [<span class="optional"> except-from { <em class="replaceable"><code>namelist</code></em> } </span>];<br>
<br>
nsec3-test-zone <em class="replaceable"><code>boolean</code></em>; // testing only<br>
<br>
allow-v6-synthesis { <em class="replaceable"><code>address_match_element</code></em>; ... }; // obsolete<br>
deallocate-on-exit <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
fake-iquery <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
fetch-glue <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
has-old-clients <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br>
multiple-cnames <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
named-xfer <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br>
serial-queries <em class="replaceable"><code>integer</code></em>; // obsolete<br>
treat-cr-as-space <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
use-id-pool <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544574"></a><h2>VIEW</h2>
<div class="literallayout"><p><br>
view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br>
match-clients { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
match-destinations { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
match-recursive-only <em class="replaceable"><code>boolean</code></em>;<br>
<br>
key <em class="replaceable"><code>string</code></em> {<br>
algorithm <em class="replaceable"><code>string</code></em>;<br>
secret <em class="replaceable"><code>string</code></em>;<br>
};<br>
<br>
zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br>
...<br>
};<br>
<br>
server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/prefixlen</span>]</code></em> | <em class="replaceable"><code>ipv6_address[<span class="optional">/prefixlen</span>]</code></em> ) {<br>
...<br>
};<br>
<br>
trusted-keys {<br>
<em class="replaceable"><code>string</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>quoted_string</code></em>;<br>
[<span class="optional">...</span>]<br>
};<br>
<br>
allow-recursion { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-recursion-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
sortlist { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
topology { <em class="replaceable"><code>address_match_element</code></em>; ... }; // not implemented<br>
auth-nxdomain <em class="replaceable"><code>boolean</code></em>; // default changed<br>
minimal-responses <em class="replaceable"><code>boolean</code></em>;<br>
recursion <em class="replaceable"><code>boolean</code></em>;<br>
rrset-order {<br>
[<span class="optional"> class <em class="replaceable"><code>string</code></em> </span>] [<span class="optional"> type <em class="replaceable"><code>string</code></em> </span>]<br>
[<span class="optional"> name <em class="replaceable"><code>quoted_string</code></em> </span>] <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>string</code></em>; ...<br>
};<br>
provide-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
request-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
rfc2308-type1 <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br>
additional-from-auth <em class="replaceable"><code>boolean</code></em>;<br>
additional-from-cache <em class="replaceable"><code>boolean</code></em>;<br>
query-source ( ( <em class="replaceable"><code>ipv4_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
query-source-v6 ( ( <em class="replaceable"><code>ipv6_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
use-queryport-pool <em class="replaceable"><code>boolean</code></em>;<br>
queryport-pool-ports <em class="replaceable"><code>integer</code></em>;<br>
queryport-pool-updateinterval <em class="replaceable"><code>integer</code></em>;<br>
cleaning-interval <em class="replaceable"><code>integer</code></em>;<br>
resolver-query-timeout <em class="replaceable"><code>integer</code></em>;<br>
min-roots <em class="replaceable"><code>integer</code></em>; // not implemented<br>
lame-ttl <em class="replaceable"><code>integer</code></em>;<br>
max-ncache-ttl <em class="replaceable"><code>integer</code></em>;<br>
max-cache-ttl <em class="replaceable"><code>integer</code></em>;<br>
transfer-format ( many-answers | one-answer );<br>
max-cache-size <em class="replaceable"><code>size</code></em>;<br>
max-acache-size <em class="replaceable"><code>size</code></em>;<br>
clients-per-query <em class="replaceable"><code>number</code></em>;<br>
max-clients-per-query <em class="replaceable"><code>number</code></em>;<br>
check-names ( master | slave | response )<br>
( fail | warn | ignore );<br>
check-mx ( fail | warn | ignore );<br>
check-integrity <em class="replaceable"><code>boolean</code></em>;<br>
check-mx-cname ( fail | warn | ignore );<br>
check-srv-cname ( fail | warn | ignore );<br>
cache-file <em class="replaceable"><code>quoted_string</code></em>; // test option<br>
suppress-initial-notify <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br>
preferred-glue <em class="replaceable"><code>string</code></em>;<br>
dual-stack-servers [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
( <em class="replaceable"><code>quoted_string</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
<em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
<em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ); ...<br>
};<br>
edns-udp-size <em class="replaceable"><code>integer</code></em>;<br>
max-udp-size <em class="replaceable"><code>integer</code></em>;<br>
root-delegation-only [<span class="optional"> exclude { <em class="replaceable"><code>quoted_string</code></em>; ... } </span>];<br>
disable-algorithms <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br>
dnssec-enable <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-validation <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-lookaside ( <em class="replaceable"><code>auto</code></em> | <em class="replaceable"><code>no</code></em> | <em class="replaceable"><code>domain</code></em> trust-anchor <em class="replaceable"><code>domain</code></em> );<br>
dnssec-must-be-secure <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-accept-expired <em class="replaceable"><code>boolean</code></em>;<br>
<br>
dns64-server <em class="replaceable"><code>string</code></em>;<br>
dns64-contact <em class="replaceable"><code>string</code></em>;<br>
dns64 <em class="replaceable"><code>prefix</code></em> {<br>
clients { <font color="red"><replacable>acl</replacable></font>; };<br>
exclude { <font color="red"><replacable>acl</replacable></font>; };<br>
mapped { <font color="red"><replacable>acl</replacable></font>; };<br>
break-dnssec <em class="replaceable"><code>boolean</code></em>;<br>
recursive-only <em class="replaceable"><code>boolean</code></em>;<br>
suffix <em class="replaceable"><code>ipv6_address</code></em>;<br>
};<br>
<br>
empty-server <em class="replaceable"><code>string</code></em>;<br>
empty-contact <em class="replaceable"><code>string</code></em>;<br>
empty-zones-enable <em class="replaceable"><code>boolean</code></em>;<br>
disable-empty-zone <em class="replaceable"><code>string</code></em>;<br>
<br>
dialup <em class="replaceable"><code>dialuptype</code></em>;<br>
ixfr-from-differences <em class="replaceable"><code>ixfrdiff</code></em>;<br>
<br>
allow-query { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-query-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-query-cache { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-query-cache-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-transfer { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-update { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-update-forwarding { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
update-check-ksk <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-dnskey-kskonly <em class="replaceable"><code>boolean</code></em>;<br>
<br>
masterfile-format ( text | raw );<br>
notify <em class="replaceable"><code>notifytype</code></em>;<br>
notify-source ( <em class="replaceable"><code>ipv4_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
notify-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
notify-delay <em class="replaceable"><code>seconds</code></em>;<br>
notify-to-soa <em class="replaceable"><code>boolean</code></em>;<br>
also-notify [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> )<br>
[<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ... };<br>
allow-notify { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
<br>
forward ( first | only );<br>
forwarders [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
};<br>
<br>
max-journal-size <em class="replaceable"><code>size_no_default</code></em>;<br>
max-transfer-time-in <em class="replaceable"><code>integer</code></em>;<br>
max-transfer-time-out <em class="replaceable"><code>integer</code></em>;<br>
max-transfer-idle-in <em class="replaceable"><code>integer</code></em>;<br>
max-transfer-idle-out <em class="replaceable"><code>integer</code></em>;<br>
max-retry-time <em class="replaceable"><code>integer</code></em>;<br>
min-retry-time <em class="replaceable"><code>integer</code></em>;<br>
max-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
min-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
multi-master <em class="replaceable"><code>boolean</code></em>;<br>
sig-validity-interval <em class="replaceable"><code>integer</code></em>;<br>
<br>
transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
<br>
alt-transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
alt-transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
use-alt-transfer-source <em class="replaceable"><code>boolean</code></em>;<br>
<br>
zone-statistics <em class="replaceable"><code>boolean</code></em>;<br>
try-tcp-refresh <em class="replaceable"><code>boolean</code></em>;<br>
key-directory <em class="replaceable"><code>quoted_string</code></em>;<br>
zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br>
zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br>
<br>
allow-v6-synthesis { <em class="replaceable"><code>address_match_element</code></em>; ... }; // obsolete<br>
fetch-glue <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2545284"></a><h2>ZONE</h2>
<div class="literallayout"><p><br>
zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br>
type ( master | slave | stub | hint |<br>
forward | delegation-only );<br>
file <em class="replaceable"><code>quoted_string</code></em>;<br>
<br>
masters [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
( <em class="replaceable"><code>masters</code></em> |<br>
<em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
<em class="replaceable"><code>ipv6_address</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] ) [<span class="optional"> key <em class="replaceable"><code>string</code></em> </span>]; ...<br>
};<br>
<br>
database <em class="replaceable"><code>string</code></em>;<br>
delegation-only <em class="replaceable"><code>boolean</code></em>;<br>
check-names ( fail | warn | ignore );<br>
check-mx ( fail | warn | ignore );<br>
check-integrity <em class="replaceable"><code>boolean</code></em>;<br>
check-mx-cname ( fail | warn | ignore );<br>
check-srv-cname ( fail | warn | ignore );<br>
dialup <em class="replaceable"><code>dialuptype</code></em>;<br>
ixfr-from-differences <em class="replaceable"><code>boolean</code></em>;<br>
journal <em class="replaceable"><code>quoted_string</code></em>;<br>
zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br>
<br>
allow-query { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-query-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-transfer { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-update { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
allow-update-forwarding { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
update-policy <em class="replaceable"><code>local</code></em> | <em class="replaceable"><code> {<br>
( grant | deny ) <em class="replaceable"><code>string</code></em><br>
( name | subdomain | wildcard | self | selfsub | selfwild |<br>
krb5-self | ms-self | krb5-subdomain | ms-subdomain |<br>
tcp-self | zonesub | 6to4-self ) <em class="replaceable"><code>string</code></em><br>
<em class="replaceable"><code>rrtypelist</code></em>;<br>
[<span class="optional">...</span>]<br>
}</code></em>;<br>
update-check-ksk <em class="replaceable"><code>boolean</code></em>;<br>
dnssec-dnskey-kskonly <em class="replaceable"><code>boolean</code></em>;<br>
<br>
masterfile-format ( text | raw );<br>
notify <em class="replaceable"><code>notifytype</code></em>;<br>
notify-source ( <em class="replaceable"><code>ipv4_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
notify-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
notify-delay <em class="replaceable"><code>seconds</code></em>;<br>
notify-to-soa <em class="replaceable"><code>boolean</code></em>;<br>
also-notify [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> )<br>
[<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ... };<br>
allow-notify { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
<br>
forward ( first | only );<br>
forwarders [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
};<br>
<br>
max-journal-size <em class="replaceable"><code>size_no_default</code></em>;<br>
max-transfer-time-in <em class="replaceable"><code>integer</code></em>;<br>
max-transfer-time-out <em class="replaceable"><code>integer</code></em>;<br>
max-transfer-idle-in <em class="replaceable"><code>integer</code></em>;<br>
max-transfer-idle-out <em class="replaceable"><code>integer</code></em>;<br>
max-retry-time <em class="replaceable"><code>integer</code></em>;<br>
min-retry-time <em class="replaceable"><code>integer</code></em>;<br>
max-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
min-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
multi-master <em class="replaceable"><code>boolean</code></em>;<br>
sig-validity-interval <em class="replaceable"><code>integer</code></em>;<br>
<br>
transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
<br>
alt-transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
alt-transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
[<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
use-alt-transfer-source <em class="replaceable"><code>boolean</code></em>;<br>
<br>
zone-statistics <em class="replaceable"><code>boolean</code></em>;<br>
try-tcp-refresh <em class="replaceable"><code>boolean</code></em>;<br>
key-directory <em class="replaceable"><code>quoted_string</code></em>;<br>
<br>
nsec3-test-zone <em class="replaceable"><code>boolean</code></em>; // testing only<br>
<br>
ixfr-base <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br>
ixfr-tmp-file <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br>
maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br>
pubkey <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2545664"></a><h2>FILES</h2>
<p><code class="filename">/etc/named.conf</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545675"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
</div></body>
</html>