named.conf - configuration file for named
named.conf |
named.conf is the configuration file for named. Statements are enclosed in braces and terminated with a semi-colon. Clauses in the statements are also semi-colon terminated. The usual comment styles are supported:
C style: /* */
C++ style: // to end of line
Unix style: # to end of line
acl string { address_match_element; ... };
controls {
inet ( ipv4_address | ipv6_address | |
|
* ) [ port ( integer | * ) ] allow |
|
{ address_match_element; ... } [ |
|
keys { string; ... } ] [ read-only |
|
boolean ]; |
|
unix quoted_string perm integer |
|
owner integer group integer [ |
|
keys { string; ... } ] [ read-only |
|
boolean ]; |
};
dlz string {
database string; |
|
search boolean; |
};
dyndb string quoted_string {
unspecified-text };
key string {
algorithm string; |
|
secret string; |
};
logging {
category string { string; ... }; |
|||
channel string { |
|||
buffered boolean; |
|||
file quoted_string [ versions ( "unlimited" | integer ) |
|||
] [ size size ]; |
|||
null; |
|||
print-category boolean; |
|||
print-severity boolean; |
|||
print-time boolean; |
|||
severity log_severity; |
|||
stderr; |
|||
syslog [ syslog_facility ]; |
|||
}; |
};
lwres {
listen-on [ port integer ] [ dscp integer ] { ( ipv4_address |
|
| ipv6_address ) [ port integer ] [ dscp integer ]; ... }; |
|
lwres-clients integer; |
|
lwres-tasks integer; |
|
ndots integer; |
|
search { string; ... }; |
|
view string [ class ]; |
};
managed-keys { string string integer
integer integer quoted_string; ... };
masters string [ port integer ] [ dscp
integer ] { ( masters | ipv4_address [
port integer ] | ipv6_address [ port
integer ] ) [ key string ]; ... };
options {
acache-cleaning-interval integer; |
|||
acache-enable boolean; |
|||
additional-from-auth boolean; |
|||
additional-from-cache boolean; |
|||
allow-new-zones boolean; |
|||
allow-notify { address_match_element; ... }; |
|||
allow-query { address_match_element; ... }; |
|||
allow-query-cache { address_match_element; ... }; |
|||
allow-query-cache-on { address_match_element; ... }; |
|||
allow-query-on { address_match_element; ... }; |
|||
allow-recursion { address_match_element; ... }; |
|||
allow-recursion-on { address_match_element; ... }; |
|||
allow-transfer { address_match_element; ... }; |
|||
allow-update { address_match_element; ... }; |
|||
allow-update-forwarding { address_match_element; ... }; |
|||
also-notify [ port integer ] [ dscp integer ] { ( masters | |
|||
ipv4_address [ port integer ] | ipv6_address [ port |
|||
integer ] ) [ key string ]; ... }; |
|||
alt-transfer-source ( ipv4_address | * ) [ port ( integer | * ) |
|||
] [ dscp integer ]; |
|||
alt-transfer-source-v6 ( ipv6_address | * ) [ port ( integer | |
|||
* ) ] [ dscp integer ]; |
|||
answer-cookie boolean; |
|||
attach-cache string; |
|||
auth-nxdomain boolean; // default changed |
|||
auto-dnssec ( allow | maintain | off ); |
|||
automatic-interface-scan boolean; |
|||
avoid-v4-udp-ports { portrange; ... }; |
|||
avoid-v6-udp-ports { portrange; ... }; |
|||
bindkeys-file quoted_string; |
|||
blackhole { address_match_element; ... }; |
|||
cache-file quoted_string; |
|||
catalog-zones { zone string [ default-masters [ port integer ] |
|||
[ dscp integer ] { ( masters | ipv4_address [ port |
|||
integer ] | ipv6_address [ port integer ] ) [ key |
|||
string ]; ... } ] [ zone-directory quoted_string ] [ |
|||
in-memory boolean ] [ min-update-interval integer ]; ... }; |
|||
check-dup-records ( fail | warn | ignore ); |
|||
check-integrity boolean; |
|||
check-mx ( fail | warn | ignore ); |
|||
check-mx-cname ( fail | warn | ignore ); |
|||
check-names ( master | slave | response |
|||
) ( fail | warn | ignore ); |
|||
check-sibling boolean; |
|||
check-spf ( warn | ignore ); |
|||
check-srv-cname ( fail | warn | ignore ); |
|||
check-wildcard boolean; |
|||
cleaning-interval integer; |
|||
clients-per-query integer; |
|||
cookie-algorithm ( aes | sha1 | sha256 | siphash24 ); |
|||
cookie-secret string; |
|||
coresize ( default | unlimited | sizeval ); |
|||
datasize ( default | unlimited | sizeval ); |
|||
deny-answer-addresses { address_match_element; ... } [ |
|||
except-from { quoted_string; ... } ]; |
|||
deny-answer-aliases { quoted_string; ... } [ except-from { |
|||
quoted_string; ... } ]; |
|||
dialup ( notify | notify-passive | passive | refresh | boolean ); |
|||
directory quoted_string; |
|||
disable-algorithms string { string; |
|||
... }; |
|||
disable-ds-digests string { string; |
|||
... }; |
|||
disable-empty-zone string; |
|||
dns64 netprefix { |
|||
break-dnssec boolean; |
|||
clients { address_match_element; ... }; |
|||
exclude { address_match_element; ... }; |
|||
mapped { address_match_element; ... }; |
|||
recursive-only boolean; |
|||
suffix ipv6_address; |
|||
}; |
|||
dns64-contact string; |
|||
dns64-server string; |
|||
dnssec-accept-expired boolean; |
|||
dnssec-dnskey-kskonly boolean; |
|||
dnssec-enable boolean; |
|||
dnssec-loadkeys-interval integer; |
|||
dnssec-lookaside ( string trust-anchor |
|||
string | auto | no ); |
|||
dnssec-must-be-secure string boolean; |
|||
dnssec-secure-to-insecure boolean; |
|||
dnssec-update-mode ( maintain | no-resign ); |
|||
dnssec-validation ( yes | no | auto ); |
|||
dnstap { ( all | auth | client | forwarder | |
|||
resolver ) [ ( query | response ) ]; ... }; |
|||
dnstap-identity ( quoted_string | none | |
|||
hostname ); |
|||
dnstap-output ( file | unix ) quoted_string; |
|||
dnstap-version ( quoted_string | none ); |
|||
dscp integer; |
|||
dual-stack-servers [ port integer ] { ( quoted_string [ port |
|||
integer ] [ dscp integer ] | ipv4_address [ port |
|||
integer ] [ dscp integer ] | ipv6_address [ port |
|||
integer ] [ dscp integer ] ); ... }; |
|||
dump-file quoted_string; |
|||
edns-udp-size integer; |
|||
empty-contact string; |
|||
empty-server string; |
|||
empty-zones-enable boolean; |
|||
fetch-quota-params integer fixedpoint fixedpoint fixedpoint; |
|||
fetches-per-server integer [ ( drop | fail ) ]; |
|||
fetches-per-zone integer [ ( drop | fail ) ]; |
|||
files ( default | unlimited | sizeval ); |
|||
filter-aaaa { address_match_element; ... }; |
|||
filter-aaaa-on-v4 ( break-dnssec | boolean ); |
|||
filter-aaaa-on-v6 ( break-dnssec | boolean ); |
|||
flush-zones-on-shutdown boolean; |
|||
forward ( first | only ); |
|||
forwarders [ port integer ] [ dscp integer ] { ( ipv4_address |
|||
| ipv6_address ) [ port integer ] [ dscp integer ]; ... }; |
|||
fstrm-set-buffer-hint integer; |
|||
fstrm-set-flush-timeout integer; |
|||
fstrm-set-input-queue-size integer; |
|||
fstrm-set-output-notify-threshold integer; |
|||
fstrm-set-output-queue-model ( mpsc | spsc ); |
|||
fstrm-set-output-queue-size integer; |
|||
fstrm-set-reopen-interval integer; |
|||
geoip-directory ( quoted_string | none ); |
|||
geoip-use-ecs boolean; |
|||
heartbeat-interval integer; |
|||
hostname ( quoted_string | none ); |
|||
inline-signing boolean; |
|||
interface-interval integer; |
|||
ixfr-from-differences ( master | slave | boolean ); |
|||
keep-response-order { address_match_element; ... }; |
|||
key-directory quoted_string; |
|||
lame-ttl ttlval; |
|||
listen-on [ port integer ] [ dscp |
|||
integer ] { |
|||
address_match_element; ... }; |
|||
listen-on-v6 [ port integer ] [ dscp |
|||
integer ] { |
|||
address_match_element; ... }; |
|||
lmdb-mapsize sizeval; |
|||
lock-file ( quoted_string | none ); |
|||
managed-keys-directory quoted_string; |
|||
masterfile-format ( map | raw | text ); |
|||
masterfile-style ( full | relative ); |
|||
match-mapped-addresses boolean; |
|||
max-acache-size ( unlimited | sizeval ); |
|||
max-cache-size ( default | unlimited | sizeval | percentage ); |
|||
max-cache-ttl integer; |
|||
max-clients-per-query integer; |
|||
max-journal-size ( unlimited | sizeval ); |
|||
max-ncache-ttl integer; |
|||
max-records integer; |
|||
max-recursion-depth integer; |
|||
max-recursion-queries integer; |
|||
max-refresh-time integer; |
|||
max-retry-time integer; |
|||
max-rsa-exponent-size integer; |
|||
max-transfer-idle-in integer; |
|||
max-transfer-idle-out integer; |
|||
max-transfer-time-in integer; |
|||
max-transfer-time-out integer; |
|||
max-udp-size integer; |
|||
max-zone-ttl ( unlimited | ttlval ); |
|||
memstatistics boolean; |
|||
memstatistics-file quoted_string; |
|||
message-compression boolean; |
|||
min-refresh-time integer; |
|||
min-retry-time integer; |
|||
minimal-any boolean; |
|||
minimal-responses ( no-auth | no-auth-recursive | boolean ); |
|||
multi-master boolean; |
|||
no-case-compress { address_match_element; ... }; |
|||
nocookie-udp-size integer; |
|||
notify ( explicit | master-only | boolean ); |
|||
notify-delay integer; |
|||
notify-rate integer; |
|||
notify-source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|||
dscp integer ]; |
|||
notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ] |
|||
[ dscp integer ]; |
|||
notify-to-soa boolean; |
|||
nta-lifetime ttlval; |
|||
nta-recheck ttlval; |
|||
nxdomain-redirect string; |
|||
pid-file ( quoted_string | none ); |
|||
port integer; |
|||
preferred-glue string; |
|||
prefetch integer [ integer ]; |
|||
provide-ixfr boolean; |
|||
query-source ( ( [ address ] ( ipv4_address | * ) [ port ( |
|||
integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ] |
|||
port ( integer | * ) ) ) [ dscp integer ]; |
|||
query-source-v6 ( ( [ address ] ( ipv6_address | * ) [ port ( |
|||
integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ] |
|||
port ( integer | * ) ) ) [ dscp integer ]; |
|||
querylog boolean; |
|||
random-device quoted_string; |
|||
rate-limit { |
|||
all-per-second integer; |
|||
errors-per-second integer; |
|||
exempt-clients { address_match_element; ... }; |
|||
ipv4-prefix-length integer; |
|||
ipv6-prefix-length integer; |
|||
log-only boolean; |
|||
max-table-size integer; |
|||
min-table-size integer; |
|||
nodata-per-second integer; |
|||
nxdomains-per-second integer; |
|||
qps-scale integer; |
|||
referrals-per-second integer; |
|||
responses-per-second integer; |
|||
slip integer; |
|||
window integer; |
|||
}; |
|||
recursing-file quoted_string; |
|||
recursion boolean; |
|||
recursive-clients integer; |
|||
request-expire boolean; |
|||
request-ixfr boolean; |
|||
request-nsid boolean; |
|||
require-server-cookie boolean; |
|||
reserved-sockets integer; |
|||
resolver-query-timeout integer; |
|||
response-policy { zone string [ log boolean ] [ max-policy-ttl |
|||
integer ] [ policy ( cname | disabled | drop | given | no-op |
|||
| nodata | nxdomain | passthru | tcp-only quoted_string ) ] [ |
|||
recursive-only boolean ]; ... } [ break-dnssec boolean ] [ |
|||
max-policy-ttl integer ] [ min-ns-dots integer ] [ |
|||
nsip-wait-recurse boolean ] [ qname-wait-recurse boolean ] |
|||
[ recursive-only boolean ]; |
|||
root-delegation-only [ exclude { quoted_string; ... } ]; |
|||
root-key-sentinel boolean; |
|||
rrset-order { [ class string ] [ type string ] [ name |
|||
quoted_string ] string string; ... }; |
|||
secroots-file quoted_string; |
|||
send-cookie boolean; |
|||
serial-query-rate integer; |
|||
serial-update-method ( date | increment | unixtime ); |
|||
server-id ( quoted_string | none | hostname ); |
|||
servfail-ttl ttlval; |
|||
session-keyalg string; |
|||
session-keyfile ( quoted_string | none ); |
|||
session-keyname string; |
|||
sig-signing-nodes integer; |
|||
sig-signing-signatures integer; |
|||
sig-signing-type integer; |
|||
sig-validity-interval integer [ integer ]; |
|||
sortlist { address_match_element; ... }; |
|||
stacksize ( default | unlimited | sizeval ); |
|||
startup-notify-rate integer; |
|||
statistics-file quoted_string; |
|||
tcp-clients integer; |
|||
tcp-listen-queue integer; |
|||
tkey-dhkey quoted_string integer; |
|||
tkey-domain quoted_string; |
|||
tkey-gssapi-credential quoted_string; |
|||
tkey-gssapi-keytab quoted_string; |
|||
transfer-format ( many-answers | one-answer ); |
|||
transfer-message-size integer; |
|||
transfer-source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|||
dscp integer ]; |
|||
transfer-source-v6 ( ipv6_address | * ) [ port ( integer | * ) |
|||
] [ dscp integer ]; |
|||
transfers-in integer; |
|||
transfers-out integer; |
|||
transfers-per-ns integer; |
|||
trust-anchor-telemetry boolean; // experimental |
|||
try-tcp-refresh boolean; |
|||
update-check-ksk boolean; |
|||
use-alt-transfer-source boolean; |
|||
use-v4-udp-ports { portrange; ... }; |
|||
use-v6-udp-ports { portrange; ... }; |
|||
v6-bias integer; |
|||
version ( quoted_string | none ); |
|||
zero-no-soa-ttl boolean; |
|||
zero-no-soa-ttl-cache boolean; |
|||
zone-statistics ( full | terse | none | boolean ); |
};
server netprefix {
bogus boolean; |
|
edns boolean; |
|
edns-udp-size integer; |
|
edns-version integer; |
|
keys server_key; |
|
max-udp-size integer; |
|
notify-source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|
dscp integer ]; |
|
notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ] |
|
[ dscp integer ]; |
|
provide-ixfr boolean; |
|
query-source ( ( [ address ] ( ipv4_address | * ) [ port ( |
|
integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ] |
|
port ( integer | * ) ) ) [ dscp integer ]; |
|
query-source-v6 ( ( [ address ] ( ipv6_address | * ) [ port ( |
|
integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ] |
|
port ( integer | * ) ) ) [ dscp integer ]; |
|
request-expire boolean; |
|
request-ixfr boolean; |
|
request-nsid boolean; |
|
send-cookie boolean; |
|
tcp-only boolean; |
|
transfer-format ( many-answers | one-answer ); |
|
transfer-source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|
dscp integer ]; |
|
transfer-source-v6 ( ipv6_address | * ) [ port ( integer | * ) |
|
] [ dscp integer ]; |
|
transfers integer; |
};
statistics-channels {
inet ( ipv4_address | ipv6_address | |
|
* ) [ port ( integer | * ) ] [ |
|
allow { address_match_element; ... |
|
} ]; |
};
trusted-keys { string integer integer
integer quoted_string; ... };
view string [ class ] {
acache-cleaning-interval integer; |
|||
acache-enable boolean; |
|||
additional-from-auth boolean; |
|||
additional-from-cache boolean; |
|||
allow-new-zones boolean; |
|||
allow-notify { address_match_element; ... }; |
|||
allow-query { address_match_element; ... }; |
|||
allow-query-cache { address_match_element; ... }; |
|||
allow-query-cache-on { address_match_element; ... }; |
|||
allow-query-on { address_match_element; ... }; |
|||
allow-recursion { address_match_element; ... }; |
|||
allow-recursion-on { address_match_element; ... }; |
|||
allow-transfer { address_match_element; ... }; |
|||
allow-update { address_match_element; ... }; |
|||
allow-update-forwarding { address_match_element; ... }; |
|||
also-notify [ port integer ] [ dscp integer ] { ( masters | |
|||
ipv4_address [ port integer ] | ipv6_address [ port |
|||
integer ] ) [ key string ]; ... }; |
|||
alt-transfer-source ( ipv4_address | * ) [ port ( integer | * ) |
|||
] [ dscp integer ]; |
|||
alt-transfer-source-v6 ( ipv6_address | * ) [ port ( integer | |
|||
* ) ] [ dscp integer ]; |
|||
attach-cache string; |
|||
auth-nxdomain boolean; // default changed |
|||
auto-dnssec ( allow | maintain | off ); |
|||
cache-file quoted_string; |
|||
catalog-zones { zone string [ default-masters [ port integer ] |
|||
[ dscp integer ] { ( masters | ipv4_address [ port |
|||
integer ] | ipv6_address [ port integer ] ) [ key |
|||
string ]; ... } ] [ zone-directory quoted_string ] [ |
|||
in-memory boolean ] [ min-update-interval integer ]; ... }; |
|||
check-dup-records ( fail | warn | ignore ); |
|||
check-integrity boolean; |
|||
check-mx ( fail | warn | ignore ); |
|||
check-mx-cname ( fail | warn | ignore ); |
|||
check-names ( master | slave | response |
|||
) ( fail | warn | ignore ); |
|||
check-sibling boolean; |
|||
check-spf ( warn | ignore ); |
|||
check-srv-cname ( fail | warn | ignore ); |
|||
check-wildcard boolean; |
|||
cleaning-interval integer; |
|||
clients-per-query integer; |
|||
deny-answer-addresses { address_match_element; ... } [ |
|||
except-from { quoted_string; ... } ]; |
|||
deny-answer-aliases { quoted_string; ... } [ except-from { |
|||
quoted_string; ... } ]; |
|||
dialup ( notify | notify-passive | passive | refresh | boolean ); |
|||
disable-algorithms string { string; |
|||
... }; |
|||
disable-ds-digests string { string; |
|||
... }; |
|||
disable-empty-zone string; |
|||
dlz string { |
|||
database string; |
|||
search boolean; |
|||
}; |
|||
dns64 netprefix { |
|||
break-dnssec boolean; |
|||
clients { address_match_element; ... }; |
|||
exclude { address_match_element; ... }; |
|||
mapped { address_match_element; ... }; |
|||
recursive-only boolean; |
|||
suffix ipv6_address; |
|||
}; |
|||
dns64-contact string; |
|||
dns64-server string; |
|||
dnssec-accept-expired boolean; |
|||
dnssec-dnskey-kskonly boolean; |
|||
dnssec-enable boolean; |
|||
dnssec-loadkeys-interval integer; |
|||
dnssec-lookaside ( string trust-anchor |
|||
string | auto | no ); |
|||
dnssec-must-be-secure string boolean; |
|||
dnssec-secure-to-insecure boolean; |
|||
dnssec-update-mode ( maintain | no-resign ); |
|||
dnssec-validation ( yes | no | auto ); |
|||
dnstap { ( all | auth | client | forwarder | |
|||
resolver ) [ ( query | response ) ]; ... }; |
|||
dual-stack-servers [ port integer ] { ( quoted_string [ port |
|||
integer ] [ dscp integer ] | ipv4_address [ port |
|||
integer ] [ dscp integer ] | ipv6_address [ port |
|||
integer ] [ dscp integer ] ); ... }; |
|||
dyndb string quoted_string { |
|||
unspecified-text }; |
|||
edns-udp-size integer; |
|||
empty-contact string; |
|||
empty-server string; |
|||
empty-zones-enable boolean; |
|||
fetch-quota-params integer fixedpoint fixedpoint fixedpoint; |
|||
fetches-per-server integer [ ( drop | fail ) ]; |
|||
fetches-per-zone integer [ ( drop | fail ) ]; |
|||
filter-aaaa { address_match_element; ... }; |
|||
filter-aaaa-on-v4 ( break-dnssec | boolean ); |
|||
filter-aaaa-on-v6 ( break-dnssec | boolean ); |
|||
forward ( first | only ); |
|||
forwarders [ port integer ] [ dscp integer ] { ( ipv4_address |
|||
| ipv6_address ) [ port integer ] [ dscp integer ]; ... }; |
|||
inline-signing boolean; |
|||
ixfr-from-differences ( master | slave | boolean ); |
|||
key string { |
|||
algorithm string; |
|||
secret string; |
|||
}; |
|||
key-directory quoted_string; |
|||
lame-ttl ttlval; |
|||
lmdb-mapsize sizeval; |
|||
managed-keys { string string |
|||
integer integer integer |
|||
quoted_string; ... }; |
|||
masterfile-format ( map | raw | text ); |
|||
masterfile-style ( full | relative ); |
|||
match-clients { address_match_element; ... }; |
|||
match-destinations { address_match_element; ... }; |
|||
match-recursive-only boolean; |
|||
max-acache-size ( unlimited | sizeval ); |
|||
max-cache-size ( default | unlimited | sizeval | percentage ); |
|||
max-cache-ttl integer; |
|||
max-clients-per-query integer; |
|||
max-journal-size ( unlimited | sizeval ); |
|||
max-ncache-ttl integer; |
|||
max-records integer; |
|||
max-recursion-depth integer; |
|||
max-recursion-queries integer; |
|||
max-refresh-time integer; |
|||
max-retry-time integer; |
|||
max-transfer-idle-in integer; |
|||
max-transfer-idle-out integer; |
|||
max-transfer-time-in integer; |
|||
max-transfer-time-out integer; |
|||
max-udp-size integer; |
|||
max-zone-ttl ( unlimited | ttlval ); |
|||
message-compression boolean; |
|||
min-refresh-time integer; |
|||
min-retry-time integer; |
|||
minimal-any boolean; |
|||
minimal-responses ( no-auth | no-auth-recursive | boolean ); |
|||
multi-master boolean; |
|||
no-case-compress { address_match_element; ... }; |
|||
nocookie-udp-size integer; |
|||
notify ( explicit | master-only | boolean ); |
|||
notify-delay integer; |
|||
notify-source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|||
dscp integer ]; |
|||
notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ] |
|||
[ dscp integer ]; |
|||
notify-to-soa boolean; |
|||
nta-lifetime ttlval; |
|||
nta-recheck ttlval; |
|||
nxdomain-redirect string; |
|||
preferred-glue string; |
|||
prefetch integer [ integer ]; |
|||
provide-ixfr boolean; |
|||
query-source ( ( [ address ] ( ipv4_address | * ) [ port ( |
|||
integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ] |
|||
port ( integer | * ) ) ) [ dscp integer ]; |
|||
query-source-v6 ( ( [ address ] ( ipv6_address | * ) [ port ( |
|||
integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ] |
|||
port ( integer | * ) ) ) [ dscp integer ]; |
|||
rate-limit { |
|||
all-per-second integer; |
|||
errors-per-second integer; |
|||
exempt-clients { address_match_element; ... }; |
|||
ipv4-prefix-length integer; |
|||
ipv6-prefix-length integer; |
|||
log-only boolean; |
|||
max-table-size integer; |
|||
min-table-size integer; |
|||
nodata-per-second integer; |
|||
nxdomains-per-second integer; |
|||
qps-scale integer; |
|||
referrals-per-second integer; |
|||
responses-per-second integer; |
|||
slip integer; |
|||
window integer; |
|||
}; |
|||
recursion boolean; |
|||
request-expire boolean; |
|||
request-ixfr boolean; |
|||
request-nsid boolean; |
|||
require-server-cookie boolean; |
|||
resolver-query-timeout integer; |
|||
response-policy { zone string [ log boolean ] [ max-policy-ttl |
|||
integer ] [ policy ( cname | disabled | drop | given | no-op |
|||
| nodata | nxdomain | passthru | tcp-only quoted_string ) ] [ |
|||
recursive-only boolean ]; ... } [ break-dnssec boolean ] [ |
|||
max-policy-ttl integer ] [ min-ns-dots integer ] [ |
|||
nsip-wait-recurse boolean ] [ qname-wait-recurse boolean ] |
|||
[ recursive-only boolean ]; |
|||
root-delegation-only [ exclude { quoted_string; ... } ]; |
|||
root-key-sentinel boolean; |
|||
rrset-order { [ class string ] [ type string ] [ name |
|||
quoted_string ] string string; ... }; |
|||
send-cookie boolean; |
|||
serial-update-method ( date | increment | unixtime ); |
|||
server netprefix { |
|||
bogus boolean; |
|||
edns boolean; |
|||
edns-udp-size integer; |
|||
edns-version integer; |
|||
keys server_key; |
|||
max-udp-size integer; |
|||
notify-source ( ipv4_address | * ) [ port ( integer | * |
|||
) ] [ dscp integer ]; |
|||
notify-source-v6 ( ipv6_address | * ) [ port ( integer |
|||
| * ) ] [ dscp integer ]; |
|||
provide-ixfr boolean; |
|||
query-source ( ( [ address ] ( ipv4_address | * ) [ port |
|||
( integer | * ) ] ) | ( [ [ address ] ( |
|||
ipv4_address | * ) ] port ( integer | * ) ) ) [ |
|||
dscp integer ]; |
|||
query-source-v6 ( ( [ address ] ( ipv6_address | * ) [ |
|||
port ( integer | * ) ] ) | ( [ [ address ] ( |
|||
ipv6_address | * ) ] port ( integer | * ) ) ) [ |
|||
dscp integer ]; |
|||
request-expire boolean; |
|||
request-ixfr boolean; |
|||
request-nsid boolean; |
|||
send-cookie boolean; |
|||
tcp-only boolean; |
|||
transfer-format ( many-answers | one-answer ); |
|||
transfer-source ( ipv4_address | * ) [ port ( integer | |
|||
* ) ] [ dscp integer ]; |
|||
transfer-source-v6 ( ipv6_address | * ) [ port ( |
|||
integer | * ) ] [ dscp integer ]; |
|||
transfers integer; |
|||
}; |
|||
servfail-ttl ttlval; |
|||
sig-signing-nodes integer; |
|||
sig-signing-signatures integer; |
|||
sig-signing-type integer; |
|||
sig-validity-interval integer [ integer ]; |
|||
sortlist { address_match_element; ... }; |
|||
transfer-format ( many-answers | one-answer ); |
|||
transfer-source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|||
dscp integer ]; |
|||
transfer-source-v6 ( ipv6_address | * ) [ port ( integer | * ) |
|||
] [ dscp integer ]; |
|||
trust-anchor-telemetry boolean; // experimental |
|||
trusted-keys { string integer |
|||
integer integer quoted_string; |
|||
... }; |
|||
try-tcp-refresh boolean; |
|||
update-check-ksk boolean; |
|||
use-alt-transfer-source boolean; |
|||
v6-bias integer; |
|||
zero-no-soa-ttl boolean; |
|||
zero-no-soa-ttl-cache boolean; |
|||
zone string [ class ] { |
|||
allow-notify { address_match_element; ... }; |
|||
allow-query { address_match_element; ... }; |
|||
allow-query-on { address_match_element; ... }; |
|||
allow-transfer { address_match_element; ... }; |
|||
allow-update { address_match_element; ... }; |
|||
allow-update-forwarding { address_match_element; ... }; |
|||
also-notify [ port integer ] [ dscp integer ] { ( |
|||
masters | ipv4_address [ port integer ] | |
|||
ipv6_address [ port integer ] ) [ key string ]; |
|||
... }; |
|||
alt-transfer-source ( ipv4_address | * ) [ port ( |
|||
integer | * ) ] [ dscp integer ]; |
|||
alt-transfer-source-v6 ( ipv6_address | * ) [ port ( |
|||
integer | * ) ] [ dscp integer ]; |
|||
auto-dnssec ( allow | maintain | off ); |
|||
check-dup-records ( fail | warn | ignore ); |
|||
check-integrity boolean; |
|||
check-mx ( fail | warn | ignore ); |
|||
check-mx-cname ( fail | warn | ignore ); |
|||
check-names ( fail | warn | ignore ); |
|||
check-sibling boolean; |
|||
check-spf ( warn | ignore ); |
|||
check-srv-cname ( fail | warn | ignore ); |
|||
check-wildcard boolean; |
|||
database string; |
|||
delegation-only boolean; |
|||
dialup ( notify | notify-passive | passive | refresh | |
|||
boolean ); |
|||
dlz string; |
|||
dnssec-dnskey-kskonly boolean; |
|||
dnssec-loadkeys-interval integer; |
|||
dnssec-secure-to-insecure boolean; |
|||
dnssec-update-mode ( maintain | no-resign ); |
|||
file quoted_string; |
|||
forward ( first | only ); |
|||
forwarders [ port integer ] [ dscp integer ] { ( |
|||
ipv4_address | ipv6_address ) [ port integer ] [ |
|||
dscp integer ]; ... }; |
|||
in-view string; |
|||
inline-signing boolean; |
|||
ixfr-from-differences boolean; |
|||
journal quoted_string; |
|||
key-directory quoted_string; |
|||
masterfile-format ( map | raw | text ); |
|||
masterfile-style ( full | relative ); |
|||
masters [ port integer ] [ dscp integer ] { ( masters |
|||
| ipv4_address [ port integer ] | ipv6_address [ |
|||
port integer ] ) [ key string ]; ... }; |
|||
max-ixfr-log-size ( default | unlimited | |
|||
max-journal-size ( unlimited | sizeval ); |
|||
max-records integer; |
|||
max-refresh-time integer; |
|||
max-retry-time integer; |
|||
max-transfer-idle-in integer; |
|||
max-transfer-idle-out integer; |
|||
max-transfer-time-in integer; |
|||
max-transfer-time-out integer; |
|||
max-zone-ttl ( unlimited | ttlval ); |
|||
min-refresh-time integer; |
|||
min-retry-time integer; |
|||
multi-master boolean; |
|||
notify ( explicit | master-only | boolean ); |
|||
notify-delay integer; |
|||
notify-source ( ipv4_address | * ) [ port ( integer | * |
|||
) ] [ dscp integer ]; |
|||
notify-source-v6 ( ipv6_address | * ) [ port ( integer |
|||
| * ) ] [ dscp integer ]; |
|||
notify-to-soa boolean; |
|||
pubkey integer |
|||
integer |
|||
integer |
|||
request-expire boolean; |
|||
request-ixfr boolean; |
|||
serial-update-method ( date | increment | unixtime ); |
|||
server-addresses { ( ipv4_address | ipv6_address ); ... }; |
|||
server-names { quoted_string; ... }; |
|||
sig-signing-nodes integer; |
|||
sig-signing-signatures integer; |
|||
sig-signing-type integer; |
|||
sig-validity-interval integer [ integer ]; |
|||
transfer-source ( ipv4_address | * ) [ port ( integer | |
|||
* ) ] [ dscp integer ]; |
|||
transfer-source-v6 ( ipv6_address | * ) [ port ( |
|||
integer | * ) ] [ dscp integer ]; |
|||
try-tcp-refresh boolean; |
|||
type ( delegation-only | forward | hint | master | redirect |
|||
| slave | static-stub | stub ); |
|||
update-check-ksk boolean; |
|||
update-policy ( local | { ( deny | grant ) string ( |
|||
6to4-self | external | krb5-self | krb5-selfsub | |
|||
krb5-subdomain | ms-self | ms-selfsub | ms-subdomain | |
|||
name | self | selfsub | selfwild | subdomain | tcp-self |
|||
| wildcard | zonesub ) [ string ] rrtypelist; ... }; |
|||
use-alt-transfer-source boolean; |
|||
zero-no-soa-ttl boolean; |
|||
zone-statistics ( full | terse | none | boolean ); |
|||
}; |
|||
zone-statistics ( full | terse | none | boolean ); |
};
zone string [ class ] {
allow-notify { address_match_element; ... }; |
|
allow-query { address_match_element; ... }; |
|
allow-query-on { address_match_element; ... }; |
|
allow-transfer { address_match_element; ... }; |
|
allow-update { address_match_element; ... }; |
|
allow-update-forwarding { address_match_element; ... }; |
|
also-notify [ port integer ] [ dscp integer ] { ( masters | |
|
ipv4_address [ port integer ] | ipv6_address [ port |
|
integer ] ) [ key string ]; ... }; |
|
alt-transfer-source ( ipv4_address | * ) [ port ( integer | * ) |
|
] [ dscp integer ]; |
|
alt-transfer-source-v6 ( ipv6_address | * ) [ port ( integer | |
|
* ) ] [ dscp integer ]; |
|
auto-dnssec ( allow | maintain | off ); |
|
check-dup-records ( fail | warn | ignore ); |
|
check-integrity boolean; |
|
check-mx ( fail | warn | ignore ); |
|
check-mx-cname ( fail | warn | ignore ); |
|
check-names ( fail | warn | ignore ); |
|
check-sibling boolean; |
|
check-spf ( warn | ignore ); |
|
check-srv-cname ( fail | warn | ignore ); |
|
check-wildcard boolean; |
|
database string; |
|
delegation-only boolean; |
|
dialup ( notify | notify-passive | passive | refresh | boolean ); |
|
dlz string; |
|
dnssec-dnskey-kskonly boolean; |
|
dnssec-loadkeys-interval integer; |
|
dnssec-secure-to-insecure boolean; |
|
dnssec-update-mode ( maintain | no-resign ); |
|
file quoted_string; |
|
forward ( first | only ); |
|
forwarders [ port integer ] [ dscp integer ] { ( ipv4_address |
|
| ipv6_address ) [ port integer ] [ dscp integer ]; ... }; |
|
in-view string; |
|
inline-signing boolean; |
|
ixfr-from-differences boolean; |
|
journal quoted_string; |
|
key-directory quoted_string; |
|
masterfile-format ( map | raw | text ); |
|
masterfile-style ( full | relative ); |
|
masters [ port integer ] [ dscp integer ] { ( masters | |
|
ipv4_address [ port integer ] | ipv6_address [ port |
|
integer ] ) [ key string ]; ... }; |
|
max-journal-size ( unlimited | sizeval ); |
|
max-records integer; |
|
max-refresh-time integer; |
|
max-retry-time integer; |
|
max-transfer-idle-in integer; |
|
max-transfer-idle-out integer; |
|
max-transfer-time-in integer; |
|
max-transfer-time-out integer; |
|
max-zone-ttl ( unlimited | ttlval ); |
|
min-refresh-time integer; |
|
min-retry-time integer; |
|
multi-master boolean; |
|
notify ( explicit | master-only | boolean ); |
|
notify-delay integer; |
|
notify-source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|
dscp integer ]; |
|
notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ] |
|
[ dscp integer ]; |
|
notify-to-soa boolean; |
|
pubkey integer integer |
|
request-expire boolean; |
|
request-ixfr boolean; |
|
serial-update-method ( date | increment | unixtime ); |
|
server-addresses { ( ipv4_address | ipv6_address ); ... }; |
|
server-names { quoted_string; ... }; |
|
sig-signing-nodes integer; |
|
sig-signing-signatures integer; |
|
sig-signing-type integer; |
|
sig-validity-interval integer [ integer ]; |
|
transfer-source ( ipv4_address | * ) [ port ( integer | * ) ] [ |
|
dscp integer ]; |
|
transfer-source-v6 ( ipv6_address | * ) [ port ( integer | * ) |
|
] [ dscp integer ]; |
|
try-tcp-refresh boolean; |
|
type ( delegation-only | forward | hint | master | redirect | slave |
|
| static-stub | stub ); |
|
update-check-ksk boolean; |
|
update-policy ( local | { ( deny | grant ) string ( 6to4-self | |
|
external | krb5-self | krb5-selfsub | krb5-subdomain | ms-self |
|
| ms-selfsub | ms-subdomain | name | self | selfsub | selfwild |
|
| subdomain | tcp-self | wildcard | zonesub ) [ string ] |
|
rrtypelist; ... }; |
|
use-alt-transfer-source boolean; |
|
zero-no-soa-ttl boolean; |
|
zone-statistics ( full | terse | none | boolean ); |
};
/etc/named.conf
ddns-confgen(8), named(8), named-checkconf(8), rndc(8), rndc-confgen(8), BIND 9 Administrator Reference Manual.
Internet Systems Consortium, Inc.
Copyright © 2004-2022 Internet Systems Consortium, Inc. ("ISC")