2005-12-29 04:22:58 +00:00

387 lines
17 KiB
Plaintext

This is a summary of the named.conf options supported by
this version of BIND 9.
options {
avoid-v4-udp-ports { <port>; ... };
avoid-v6-udp-ports { <port>; ... };
blackhole { <address_match_element>; ... };
coresize <size>;
datasize <size>;
deallocate-on-exit <boolean>; // obsolete
directory <quoted_string>;
dump-file <quoted_string>;
fake-iquery <boolean>; // obsolete
files <size>;
has-old-clients <boolean>; // obsolete
heartbeat-interval <integer>;
host-statistics <boolean>; // not implemented
host-statistics-max <integer>; // not implemented
hostname ( <quoted_string> | none );
interface-interval <integer>;
listen-on [ port <integer> ] { <address_match_element>; ... };
listen-on-v6 [ port <integer> ] { <address_match_element>; ... };
match-mapped-addresses <boolean>;
memstatistics-file <quoted_string>;
multiple-cnames <boolean>; // obsolete
named-xfer <quoted_string>; // obsolete
pid-file ( <quoted_string> | none );
port <integer>;
querylog <boolean>;
recursing-file <quoted_string>;
random-device <quoted_string>;
recursive-clients <integer>;
serial-queries <integer>; // obsolete
serial-query-rate <integer>;
server-id ( <quoted_string> | none |;
stacksize <size>;
statistics-file <quoted_string>;
statistics-interval <integer>; // not yet implemented
tcp-clients <integer>;
tcp-listen-queue <integer>;
tkey-dhkey <quoted_string> <integer>;
tkey-gssapi-credential <quoted_string>;
tkey-domain <quoted_string>;
transfers-per-ns <integer>;
transfers-in <integer>;
transfers-out <integer>;
treat-cr-as-space <boolean>; // obsolete
use-id-pool <boolean>; // obsolete
use-ixfr <boolean>;
version ( <quoted_string> | none );
flush-zones-on-shutdown <boolean>;
allow-recursion { <address_match_element>; ... };
allow-v6-synthesis { <address_match_element>; ... }; // obsolete
sortlist { <address_match_element>; ... };
topology { <address_match_element>; ... }; // not implemented
auth-nxdomain <boolean>; // default changed
minimal-responses <boolean>;
recursion <boolean>;
rrset-order { [ class <string> ] [ type <string> ] [ name
<quoted_string> ] <string> <string>; ... };
provide-ixfr <boolean>;
request-ixfr <boolean>;
fetch-glue <boolean>; // obsolete
rfc2308-type1 <boolean>; // not yet implemented
additional-from-auth <boolean>;
additional-from-cache <boolean>;
query-source <querysource4>;
query-source-v6 <querysource6>;
cleaning-interval <integer>;
min-roots <integer>; // not implemented
lame-ttl <integer>;
max-ncache-ttl <integer>;
max-cache-ttl <integer>;
transfer-format ( many-answers | one-answer );
max-cache-size <size_no_default>;
check-names ( master | slave | response ) ( fail | warn | ignore );
cache-file <quoted_string>;
suppress-initial-notify <boolean>; // not yet implemented
preferred-glue <string>;
dual-stack-servers [ port <integer> ] { ( <quoted_string> [port
<integer>] | <ipv4_address> [port <integer>] | <ipv6_address> [port <integer>] ); ... };
edns-udp-size <integer>;
root-delegation-only [ exclude { <quoted_string>; ... } ];
disable-algorithms <string> { <string>; ... };
dnssec-enable <boolean>;
dnssec-lookaside <string> trust-anchor <string>;
dnssec-must-be-secure <string> <boolean>;
allow-query { <address_match_element>; ... };
allow-transfer { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
allow-notify { <address_match_element>; ... };
notify <notifytype>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
) [ port <integer> ]; ... };
dialup <dialuptype>;
forward ( first | only );
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
[ port <integer> ]; ... };
ixfr-from-differences <boolean>;
maintain-ixfr-base <boolean>; // obsolete
max-ixfr-log-size <size>; // obsolete
max-journal-size <size_no_default>;
max-transfer-time-in <integer>;
max-transfer-time-out <integer>;
max-transfer-idle-in <integer>;
max-transfer-idle-out <integer>;
max-retry-time <integer>;
min-retry-time <integer>;
max-refresh-time <integer>;
min-refresh-time <integer>;
multi-master <boolean>;
sig-validity-interval <integer>;
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * )
];
alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
* ) ];
use-alt-transfer-source <boolean>;
zone-statistics <boolean>;
key-directory <quoted_string>;
};
controls {
inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
) ] allow { <address_match_element>; ... } [ keys { <string>; ... } ];
unix <unsupported>; // not implemented
};
acl <string> { <address_match_element>; ... };
masters <string> [ port <integer> ] { ( <masters> | <ipv4_address> [port
<integer>] | <ipv6_address> [port <integer>] ) [ key <string> ]; ... };
logging {
channel <string> {
file <log_file>;
syslog <optional_facility>;
null;
stderr;
severity <log_severity>;
print-time <boolean>;
print-severity <boolean>;
print-category <boolean>;
};
category <string> { <string>; ... };
};
view <string> <optional_class> {
match-clients { <address_match_element>; ... };
match-destinations { <address_match_element>; ... };
match-recursive-only <boolean>;
key <string> {
algorithm <string>;
secret <string>;
};
zone <string> <optional_class> {
type ( master | slave | stub | hint | forward |
delegation-only );
allow-update { <address_match_element>; ... };
file <quoted_string>;
ixfr-base <quoted_string>; // obsolete
ixfr-tmp-file <quoted_string>; // obsolete
masters [ port <integer> ] { ( <masters> | <ipv4_address>
[port <integer>] | <ipv6_address> [port <integer>] ) [ key <string> ]; ... };
pubkey <integer> <integer> <integer> <quoted_string>; //
obsolete
update-policy { ( grant | deny ) <string> ( name |
subdomain | wildcard | self ) <string> <rrtypelist>; ... };
database <string>;
delegation-only <boolean>;
check-names ( fail | warn | ignore );
allow-query { <address_match_element>; ... };
allow-transfer { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
allow-notify { <address_match_element>; ... };
notify <notifytype>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
| * ) ];
also-notify [ port <integer> ] { ( <ipv4_address> |
<ipv6_address> ) [ port <integer> ]; ... };
dialup <dialuptype>;
forward ( first | only );
forwarders [ port <integer> ] { ( <ipv4_address> |
<ipv6_address> ) [ port <integer> ]; ... };
ixfr-from-differences <boolean>;
maintain-ixfr-base <boolean>; // obsolete
max-ixfr-log-size <size>; // obsolete
max-journal-size <size_no_default>;
max-transfer-time-in <integer>;
max-transfer-time-out <integer>;
max-transfer-idle-in <integer>;
max-transfer-idle-out <integer>;
max-retry-time <integer>;
min-retry-time <integer>;
max-refresh-time <integer>;
min-refresh-time <integer>;
multi-master <boolean>;
sig-validity-interval <integer>;
transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
* ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port (
<integer> | * ) ];
alt-transfer-source ( <ipv4_address> | * ) [ port (
<integer> | * ) ];
alt-transfer-source-v6 ( <ipv6_address> | * ) [ port (
<integer> | * ) ];
use-alt-transfer-source <boolean>;
zone-statistics <boolean>;
key-directory <quoted_string>;
};
server <netaddr> {
bogus <boolean>;
provide-ixfr <boolean>;
request-ixfr <boolean>;
support-ixfr <boolean>; // obsolete
transfers <integer>;
transfer-format ( many-answers | one-answer );
keys <server_key>;
edns <boolean>;
transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
* ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port (
<integer> | * ) ];
};
trusted-keys { <string> <integer> <integer> <integer>
<quoted_string>; ... };
allow-recursion { <address_match_element>; ... };
allow-v6-synthesis { <address_match_element>; ... }; // obsolete
sortlist { <address_match_element>; ... };
topology { <address_match_element>; ... }; // not implemented
auth-nxdomain <boolean>; // default changed
minimal-responses <boolean>;
recursion <boolean>;
rrset-order { [ class <string> ] [ type <string> ] [ name
<quoted_string> ] <string> <string>; ... };
provide-ixfr <boolean>;
request-ixfr <boolean>;
fetch-glue <boolean>; // obsolete
rfc2308-type1 <boolean>; // not yet implemented
additional-from-auth <boolean>;
additional-from-cache <boolean>;
query-source <querysource4>;
query-source-v6 <querysource6>;
cleaning-interval <integer>;
min-roots <integer>; // not implemented
lame-ttl <integer>;
max-ncache-ttl <integer>;
max-cache-ttl <integer>;
transfer-format ( many-answers | one-answer );
max-cache-size <size_no_default>;
check-names ( master | slave | response ) ( fail | warn | ignore );
cache-file <quoted_string>;
suppress-initial-notify <boolean>; // not yet implemented
preferred-glue <string>;
dual-stack-servers [ port <integer> ] { ( <quoted_string> [port
<integer>] | <ipv4_address> [port <integer>] | <ipv6_address> [port <integer>] ); ... };
edns-udp-size <integer>;
root-delegation-only [ exclude { <quoted_string>; ... } ];
disable-algorithms <string> { <string>; ... };
dnssec-enable <boolean>;
dnssec-lookaside <string> trust-anchor <string>;
dnssec-must-be-secure <string> <boolean>;
allow-query { <address_match_element>; ... };
allow-transfer { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
allow-notify { <address_match_element>; ... };
notify <notifytype>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
) [ port <integer> ]; ... };
dialup <dialuptype>;
forward ( first | only );
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
[ port <integer> ]; ... };
ixfr-from-differences <boolean>;
maintain-ixfr-base <boolean>; // obsolete
max-ixfr-log-size <size>; // obsolete
max-journal-size <size_no_default>;
max-transfer-time-in <integer>;
max-transfer-time-out <integer>;
max-transfer-idle-in <integer>;
max-transfer-idle-out <integer>;
max-retry-time <integer>;
min-retry-time <integer>;
max-refresh-time <integer>;
min-refresh-time <integer>;
multi-master <boolean>;
sig-validity-interval <integer>;
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * )
];
alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
* ) ];
use-alt-transfer-source <boolean>;
zone-statistics <boolean>;
key-directory <quoted_string>;
};
lwres {
listen-on [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
[ port <integer> ]; ... };
view <string> <optional_class>;
search { <string>; ... };
ndots <integer>;
};
key <string> {
algorithm <string>;
secret <string>;
};
zone <string> <optional_class> {
type ( master | slave | stub | hint | forward | delegation-only );
allow-update { <address_match_element>; ... };
file <quoted_string>;
ixfr-base <quoted_string>; // obsolete
ixfr-tmp-file <quoted_string>; // obsolete
masters [ port <integer> ] { ( <masters> | <ipv4_address> [port
<integer>] | <ipv6_address> [port <integer>] ) [ key <string> ]; ... };
pubkey <integer> <integer> <integer> <quoted_string>; // obsolete
update-policy { ( grant | deny ) <string> ( name | subdomain |
wildcard | self ) <string> <rrtypelist>; ... };
database <string>;
delegation-only <boolean>;
check-names ( fail | warn | ignore );
allow-query { <address_match_element>; ... };
allow-transfer { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
allow-notify { <address_match_element>; ... };
notify <notifytype>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
) [ port <integer> ]; ... };
dialup <dialuptype>;
forward ( first | only );
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
[ port <integer> ]; ... };
ixfr-from-differences <boolean>;
maintain-ixfr-base <boolean>; // obsolete
max-ixfr-log-size <size>; // obsolete
max-journal-size <size_no_default>;
max-transfer-time-in <integer>;
max-transfer-time-out <integer>;
max-transfer-idle-in <integer>;
max-transfer-idle-out <integer>;
max-retry-time <integer>;
min-retry-time <integer>;
max-refresh-time <integer>;
min-refresh-time <integer>;
multi-master <boolean>;
sig-validity-interval <integer>;
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * )
];
alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
* ) ];
use-alt-transfer-source <boolean>;
zone-statistics <boolean>;
key-directory <quoted_string>;
};
server <netaddr> {
bogus <boolean>;
provide-ixfr <boolean>;
request-ixfr <boolean>;
support-ixfr <boolean>; // obsolete
transfers <integer>;
transfer-format ( many-answers | one-answer );
keys <server_key>;
edns <boolean>;
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
};
trusted-keys { <string> <integer> <integer> <integer> <quoted_string>; ... };