NAMED\&.CONF

Section: BIND9 (5)
Updated: 2018-06-21
Return to Main Contents
 

NAME

named.conf - configuration file for named  

SYNOPSIS

named.conf
 

DESCRIPTION

named.conf is the configuration file for named. Statements are enclosed in braces and terminated with a semi-colon. Clauses in the statements are also semi-colon terminated. The usual comment styles are supported:

C style: /* */

C++ style: // to end of line

Unix style: # to end of line  

ACL

acl string { address_match_element; ... };
 

CONTROLS

controls {
        inet ( ipv4_address | ipv6_address |
            * ) [ port ( integer | * ) ] allow
            { address_match_element; ... } [
            keys { string; ... } ] [ read-only
            boolean ];
        unix quoted_string perm integer
            owner integer group integer [
            keys { string; ... } ] [ read-only
            boolean ];
};
 

DLZ

dlz string {
        database string;
        search boolean;
};
 

DYNDB

dyndb string quoted_string {
    unspecified-text };
 

KEY

key string {
        algorithm string;
        secret string;
};
 

LOGGING

logging {
        category string { string; ... };
        channel string {
                buffered boolean;
                file quoted_string [ versions ( "unlimited" | integer )
                    ] [ size size ];
                null;
                print-category boolean;
                print-severity boolean;
                print-time boolean;
                severity log_severity;
                stderr;
                syslog [ syslog_facility ];
        };
};
 

LWRES

lwres {
        listen-on [ port integer ] [ dscp integer ] { ( ipv4_address
            | ipv6_address ) [ port integer ] [ dscp integer ]; ... };
        lwres-clients integer;
        lwres-tasks integer;
        ndots integer;
        search { string; ... };
        view string [ class ];
};
 

MANAGED-KEYS

managed-keys { string string integer
    integer integer quoted_string; ... };
 

MASTERS

masters string [ port integer ] [ dscp
    integer ] { ( masters | ipv4_address [
    port integer ] | ipv6_address [ port
    integer ] ) [ key string ]; ... };
 

OPTIONS

options {
        acache-cleaning-interval integer;
        acache-enable boolean;
        additional-from-auth boolean;
        additional-from-cache boolean;
        allow-new-zones boolean;
        allow-notify { address_match_element; ... };
        allow-query { address_match_element; ... };
        allow-query-cache { address_match_element; ... };
        allow-query-cache-on { address_match_element; ... };
        allow-query-on { address_match_element; ... };
        allow-recursion { address_match_element; ... };
        allow-recursion-on { address_match_element; ... };
        allow-transfer { address_match_element; ... };
        allow-update { address_match_element; ... };
        allow-update-forwarding { address_match_element; ... };
        also-notify [ port integer ] [ dscp integer ] { ( masters |
            ipv4_address [ port integer ] | ipv6_address [ port
            integer ] ) [ key string ]; ... };
        alt-transfer-source ( ipv4_address | * ) [ port ( integer | * )
            ] [ dscp integer ];
        alt-transfer-source-v6 ( ipv6_address | * ) [ port ( integer |
            * ) ] [ dscp integer ];
        answer-cookie boolean;
        attach-cache string;
        auth-nxdomain boolean; // default changed
        auto-dnssec ( allow | maintain | off );
        automatic-interface-scan boolean;
        avoid-v4-udp-ports { portrange; ... };
        avoid-v6-udp-ports { portrange; ... };
        bindkeys-file quoted_string;
        blackhole { address_match_element; ... };
        cache-file quoted_string;
        catalog-zones { zone quoted_string [ default-masters [ port
            integer ] [ dscp integer ] { ( masters | ipv4_address [
            port integer ] | ipv6_address [ port integer ] ) [ key
            string ]; ... } ] [ zone-directory quoted_string ] [
            in-memory boolean ] [ min-update-interval integer ]; ... };
        check-dup-records ( fail | warn | ignore );
        check-integrity boolean;
        check-mx ( fail | warn | ignore );
        check-mx-cname ( fail | warn | ignore );
        check-names ( master | slave | response
            ) ( fail | warn | ignore );
        check-sibling boolean;
        check-spf ( warn | ignore );
        check-srv-cname ( fail | warn | ignore );
        check-wildcard boolean;
        cleaning-interval integer;
        clients-per-query integer;
        cookie-algorithm ( aes | sha1 | sha256 );
        cookie-secret string;
        coresize ( default | unlimited | sizeval );
        datasize ( default | unlimited | sizeval );
        deny-answer-addresses { address_match_element; ... } [
            except-from { quoted_string; ... } ];
        deny-answer-aliases { quoted_string; ... } [ except-from {
            quoted_string; ... } ];
        dialup ( notify | notify-passive | passive | refresh | boolean );
        directory quoted_string;
        disable-algorithms string { string;
            ... };
        disable-ds-digests string { string;
            ... };
        disable-empty-zone string;
        dns64 netprefix {
                break-dnssec boolean;
                clients { address_match_element; ... };
                exclude { address_match_element; ... };
                mapped { address_match_element; ... };
                recursive-only boolean;
                suffix ipv6_address;
        };
        dns64-contact string;
        dns64-server string;
        dnssec-accept-expired boolean;
        dnssec-dnskey-kskonly boolean;
        dnssec-enable boolean;
        dnssec-loadkeys-interval integer;
        dnssec-lookaside ( string trust-anchor
            string | auto | no );
        dnssec-must-be-secure string boolean;
        dnssec-secure-to-insecure boolean;
        dnssec-update-mode ( maintain | no-resign );
        dnssec-validation ( yes | no | auto );
        dnstap { ( all | auth | client | forwarder |
            resolver ) [ ( query | response ) ]; ... };
        dnstap-identity ( quoted_string | none |
            hostname );
        dnstap-output ( file | unix ) quoted_string;
        dnstap-version ( quoted_string | none );
        dscp integer;
        dual-stack-servers [ port integer ] { ( quoted_string [ port
            integer ] [ dscp integer ] | ipv4_address [ port
            integer ] [ dscp integer ] | ipv6_address [ port
            integer ] [ dscp integer ] ); ... };
        dump-file quoted_string;
        edns-udp-size integer;
        empty-contact string;
        empty-server string;
        empty-zones-enable boolean;
        fetch-quota-params integer fixedpoint fixedpoint fixedpoint;
        fetches-per-server integer [ ( drop | fail ) ];
        fetches-per-zone integer [ ( drop | fail ) ];
        files ( default | unlimited | sizeval );
        filter-aaaa { address_match_element; ... };
        filter-aaaa-on-v4 ( break-dnssec | boolean );
        filter-aaaa-on-v6 ( break-dnssec | boolean );
        flush-zones-on-shutdown boolean;
        forward ( first | only );
        forwarders [ port integer ] [ dscp integer ] { ( ipv4_address
            | ipv6_address ) [ port integer ] [ dscp integer ]; ... };
        fstrm-set-buffer-hint integer;
        fstrm-set-flush-timeout integer;
        fstrm-set-input-queue-size integer;
        fstrm-set-output-notify-threshold integer;
        fstrm-set-output-queue-model ( mpsc | spsc );
        fstrm-set-output-queue-size integer;
        fstrm-set-reopen-interval integer;
        geoip-directory ( quoted_string | none );
        geoip-use-ecs boolean;
        heartbeat-interval integer;
        hostname ( quoted_string | none );
        inline-signing boolean;
        interface-interval integer;
        ixfr-from-differences ( master | slave | boolean );
        keep-response-order { address_match_element; ... };
        key-directory quoted_string;
        lame-ttl ttlval;
        listen-on [ port integer ] [ dscp
            integer ] {
            address_match_element; ... };
        listen-on-v6 [ port integer ] [ dscp
            integer ] {
            address_match_element; ... };
        lmdb-mapsize sizeval;
        lock-file ( quoted_string | none );
        managed-keys-directory quoted_string;
        masterfile-format ( map | raw | text );
        masterfile-style ( full | relative );
        match-mapped-addresses boolean;
        max-acache-size ( unlimited | sizeval );
        max-cache-size ( default | unlimited | sizeval | percentage );
        max-cache-ttl integer;
        max-clients-per-query integer;
        max-journal-size ( unlimited | sizeval );
        max-ncache-ttl integer;
        max-records integer;
        max-recursion-depth integer;
        max-recursion-queries integer;
        max-refresh-time integer;
        max-retry-time integer;
        max-rsa-exponent-size integer;
        max-transfer-idle-in integer;
        max-transfer-idle-out integer;
        max-transfer-time-in integer;
        max-transfer-time-out integer;
        max-udp-size integer;
        max-zone-ttl ( unlimited | ttlval );
        memstatistics boolean;
        memstatistics-file quoted_string;
        message-compression boolean;
        min-refresh-time integer;
        min-retry-time integer;
        minimal-any boolean;
        minimal-responses ( no-auth | no-auth-recursive | boolean );
        multi-master boolean;
        no-case-compress { address_match_element; ... };
        nocookie-udp-size integer;
        notify ( explicit | master-only | boolean );
        notify-delay integer;
        notify-rate integer;
        notify-source ( ipv4_address | * ) [ port ( integer | * ) ] [
            dscp integer ];
        notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ]
            [ dscp integer ];
        notify-to-soa boolean;
        nta-lifetime ttlval;
        nta-recheck ttlval;
        nxdomain-redirect string;
        pid-file ( quoted_string | none );
        port integer;
        preferred-glue string;
        prefetch integer [ integer ];
        provide-ixfr boolean;
        query-source ( ( [ address ] ( ipv4_address | * ) [ port (
            integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ]
            port ( integer | * ) ) ) [ dscp integer ];
        query-source-v6 ( ( [ address ] ( ipv6_address | * ) [ port (
            integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ]
            port ( integer | * ) ) ) [ dscp integer ];
        querylog boolean;
        random-device quoted_string;
        rate-limit {
                all-per-second integer;
                errors-per-second integer;
                exempt-clients { address_match_element; ... };
                ipv4-prefix-length integer;
                ipv6-prefix-length integer;
                log-only boolean;
                max-table-size integer;
                min-table-size integer;
                nodata-per-second integer;
                nxdomains-per-second integer;
                qps-scale integer;
                referrals-per-second integer;
                responses-per-second integer;
                slip integer;
                window integer;
        };
        recursing-file quoted_string;
        recursion boolean;
        recursive-clients integer;
        request-expire boolean;
        request-ixfr boolean;
        request-nsid boolean;
        require-server-cookie boolean;
        reserved-sockets integer;
        resolver-query-timeout integer;
        response-policy { zone quoted_string [ log boolean ] [
            max-policy-ttl integer ] [ policy ( cname | disabled | drop |
            given | no-op | nodata | nxdomain | passthru | tcp-only
            quoted_string ) ] [ recursive-only boolean ]; ... } [
            break-dnssec boolean ] [ max-policy-ttl integer ] [
            min-ns-dots integer ] [ nsip-wait-recurse boolean ] [
            qname-wait-recurse boolean ] [ recursive-only boolean ];
        root-delegation-only [ exclude { quoted_string; ... } ];
        root-key-sentinel boolean;
        rrset-order { [ class string ] [ type string ] [ name
            quoted_string ] string string; ... };
        secroots-file quoted_string;
        send-cookie boolean;
        serial-query-rate integer;
        serial-update-method ( date | increment | unixtime );
        server-id ( quoted_string | none | hostname );
        servfail-ttl ttlval;
        session-keyalg string;
        session-keyfile ( quoted_string | none );
        session-keyname string;
        sig-signing-nodes integer;
        sig-signing-signatures integer;
        sig-signing-type integer;
        sig-validity-interval integer [ integer ];
        sortlist { address_match_element; ... };
        stacksize ( default | unlimited | sizeval );
        startup-notify-rate integer;
        statistics-file quoted_string;
        tcp-clients integer;
        tcp-listen-queue integer;
        tkey-dhkey quoted_string integer;
        tkey-domain quoted_string;
        tkey-gssapi-credential quoted_string;
        tkey-gssapi-keytab quoted_string;
        transfer-format ( many-answers | one-answer );
        transfer-message-size integer;
        transfer-source ( ipv4_address | * ) [ port ( integer | * ) ] [
            dscp integer ];
        transfer-source-v6 ( ipv6_address | * ) [ port ( integer | * )
            ] [ dscp integer ];
        transfers-in integer;
        transfers-out integer;
        transfers-per-ns integer;
        trust-anchor-telemetry boolean; // experimental
        try-tcp-refresh boolean;
        update-check-ksk boolean;
        use-alt-transfer-source boolean;
        use-v4-udp-ports { portrange; ... };
        use-v6-udp-ports { portrange; ... };
        v6-bias integer;
        version ( quoted_string | none );
        zero-no-soa-ttl boolean;
        zero-no-soa-ttl-cache boolean;
        zone-statistics ( full | terse | none | boolean );
};
 

SERVER

server netprefix {
        bogus boolean;
        edns boolean;
        edns-udp-size integer;
        edns-version integer;
        keys server_key;
        max-udp-size integer;
        notify-source ( ipv4_address | * ) [ port ( integer | * ) ] [
            dscp integer ];
        notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ]
            [ dscp integer ];
        provide-ixfr boolean;
        query-source ( ( [ address ] ( ipv4_address | * ) [ port (
            integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ]
            port ( integer | * ) ) ) [ dscp integer ];
        query-source-v6 ( ( [ address ] ( ipv6_address | * ) [ port (
            integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ]
            port ( integer | * ) ) ) [ dscp integer ];
        request-expire boolean;
        request-ixfr boolean;
        request-nsid boolean;
        send-cookie boolean;
        tcp-only boolean;
        transfer-format ( many-answers | one-answer );
        transfer-source ( ipv4_address | * ) [ port ( integer | * ) ] [
            dscp integer ];
        transfer-source-v6 ( ipv6_address | * ) [ port ( integer | * )
            ] [ dscp integer ];
        transfers integer;
};
 

STATISTICS-CHANNELS

statistics-channels {
        inet ( ipv4_address | ipv6_address |
            * ) [ port ( integer | * ) ] [
            allow { address_match_element; ...
            } ];
};
 

TRUSTED-KEYS

trusted-keys { string integer integer
    integer quoted_string; ... };
 

VIEW

view string [ class ] {
        acache-cleaning-interval integer;
        acache-enable boolean;
        additional-from-auth boolean;
        additional-from-cache boolean;
        allow-new-zones boolean;
        allow-notify { address_match_element; ... };
        allow-query { address_match_element; ... };
        allow-query-cache { address_match_element; ... };
        allow-query-cache-on { address_match_element; ... };
        allow-query-on { address_match_element; ... };
        allow-recursion { address_match_element; ... };
        allow-recursion-on { address_match_element; ... };
        allow-transfer { address_match_element; ... };
        allow-update { address_match_element; ... };
        allow-update-forwarding { address_match_element; ... };
        also-notify [ port integer ] [ dscp integer ] { ( masters |
            ipv4_address [ port integer ] | ipv6_address [ port
            integer ] ) [ key string ]; ... };
        alt-transfer-source ( ipv4_address | * ) [ port ( integer | * )
            ] [ dscp integer ];
        alt-transfer-source-v6 ( ipv6_address | * ) [ port ( integer |
            * ) ] [ dscp integer ];
        attach-cache string;
        auth-nxdomain boolean; // default changed
        auto-dnssec ( allow | maintain | off );
        cache-file quoted_string;
        catalog-zones { zone quoted_string [ default-masters [ port
            integer ] [ dscp integer ] { ( masters | ipv4_address [
            port integer ] | ipv6_address [ port integer ] ) [ key
            string ]; ... } ] [ zone-directory quoted_string ] [
            in-memory boolean ] [ min-update-interval integer ]; ... };
        check-dup-records ( fail | warn | ignore );
        check-integrity boolean;
        check-mx ( fail | warn | ignore );
        check-mx-cname ( fail | warn | ignore );
        check-names ( master | slave | response
            ) ( fail | warn | ignore );
        check-sibling boolean;
        check-spf ( warn | ignore );
        check-srv-cname ( fail | warn | ignore );
        check-wildcard boolean;
        cleaning-interval integer;
        clients-per-query integer;
        deny-answer-addresses { address_match_element; ... } [
            except-from { quoted_string; ... } ];
        deny-answer-aliases { quoted_string; ... } [ except-from {
            quoted_string; ... } ];
        dialup ( notify | notify-passive | passive | refresh | boolean );
        disable-algorithms string { string;
            ... };
        disable-ds-digests string { string;
            ... };
        disable-empty-zone string;
        dlz string {
                database string;
                search boolean;
        };
        dns64 netprefix {
                break-dnssec boolean;
                clients { address_match_element; ... };
                exclude { address_match_element; ... };
                mapped { address_match_element; ... };
                recursive-only boolean;
                suffix ipv6_address;
        };
        dns64-contact string;
        dns64-server string;
        dnssec-accept-expired boolean;
        dnssec-dnskey-kskonly boolean;
        dnssec-enable boolean;
        dnssec-loadkeys-interval integer;
        dnssec-lookaside ( string trust-anchor
            string | auto | no );
        dnssec-must-be-secure string boolean;
        dnssec-secure-to-insecure boolean;
        dnssec-update-mode ( maintain | no-resign );
        dnssec-validation ( yes | no | auto );
        dnstap { ( all | auth | client | forwarder |
            resolver ) [ ( query | response ) ]; ... };
        dual-stack-servers [ port integer ] { ( quoted_string [ port
            integer ] [ dscp integer ] | ipv4_address [ port
            integer ] [ dscp integer ] | ipv6_address [ port
            integer ] [ dscp integer ] ); ... };
        dyndb string quoted_string {
            unspecified-text };
        edns-udp-size integer;
        empty-contact string;
        empty-server string;
        empty-zones-enable boolean;
        fetch-quota-params integer fixedpoint fixedpoint fixedpoint;
        fetches-per-server integer [ ( drop | fail ) ];
        fetches-per-zone integer [ ( drop | fail ) ];
        filter-aaaa { address_match_element; ... };
        filter-aaaa-on-v4 ( break-dnssec | boolean );
        filter-aaaa-on-v6 ( break-dnssec | boolean );
        forward ( first | only );
        forwarders [ port integer ] [ dscp integer ] { ( ipv4_address
            | ipv6_address ) [ port integer ] [ dscp integer ]; ... };
        inline-signing boolean;
        ixfr-from-differences ( master | slave | boolean );
        key string {
                algorithm string;
                secret string;
        };
        key-directory quoted_string;
        lame-ttl ttlval;
        lmdb-mapsize sizeval;
        managed-keys { string string
            integer integer integer
            quoted_string; ... };
        masterfile-format ( map | raw | text );
        masterfile-style ( full | relative );
        match-clients { address_match_element; ... };
        match-destinations { address_match_element; ... };
        match-recursive-only boolean;
        max-acache-size ( unlimited | sizeval );
        max-cache-size ( default | unlimited | sizeval | percentage );
        max-cache-ttl integer;
        max-clients-per-query integer;
        max-journal-size ( unlimited | sizeval );
        max-ncache-ttl integer;
        max-records integer;
        max-recursion-depth integer;
        max-recursion-queries integer;
        max-refresh-time integer;
        max-retry-time integer;
        max-transfer-idle-in integer;
        max-transfer-idle-out integer;
        max-transfer-time-in integer;
        max-transfer-time-out integer;
        max-udp-size integer;
        max-zone-ttl ( unlimited | ttlval );
        message-compression boolean;
        min-refresh-time integer;
        min-retry-time integer;
        minimal-any boolean;
        minimal-responses ( no-auth | no-auth-recursive | boolean );
        multi-master boolean;
        no-case-compress { address_match_element; ... };
        nocookie-udp-size integer;
        notify ( explicit | master-only | boolean );
        notify-delay integer;
        notify-source ( ipv4_address | * ) [ port ( integer | * ) ] [
            dscp integer ];
        notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ]
            [ dscp integer ];
        notify-to-soa boolean;
        nta-lifetime ttlval;
        nta-recheck ttlval;
        nxdomain-redirect string;
        preferred-glue string;
        prefetch integer [ integer ];
        provide-ixfr boolean;
        query-source ( ( [ address ] ( ipv4_address | * ) [ port (
            integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ]
            port ( integer | * ) ) ) [ dscp integer ];
        query-source-v6 ( ( [ address ] ( ipv6_address | * ) [ port (
            integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ]
            port ( integer | * ) ) ) [ dscp integer ];
        rate-limit {
                all-per-second integer;
                errors-per-second integer;
                exempt-clients { address_match_element; ... };
                ipv4-prefix-length integer;
                ipv6-prefix-length integer;
                log-only boolean;
                max-table-size integer;
                min-table-size integer;
                nodata-per-second integer;
                nxdomains-per-second integer;
                qps-scale integer;
                referrals-per-second integer;
                responses-per-second integer;
                slip integer;
                window integer;
        };
        recursion boolean;
        request-expire boolean;
        request-ixfr boolean;
        request-nsid boolean;
        require-server-cookie boolean;
        resolver-query-timeout integer;
        response-policy { zone quoted_string [ log boolean ] [
            max-policy-ttl integer ] [ policy ( cname | disabled | drop |
            given | no-op | nodata | nxdomain | passthru | tcp-only
            quoted_string ) ] [ recursive-only boolean ]; ... } [
            break-dnssec boolean ] [ max-policy-ttl integer ] [
            min-ns-dots integer ] [ nsip-wait-recurse boolean ] [
            qname-wait-recurse boolean ] [ recursive-only boolean ];
        root-delegation-only [ exclude { quoted_string; ... } ];
        root-key-sentinel boolean;
        rrset-order { [ class string ] [ type string ] [ name
            quoted_string ] string string; ... };
        send-cookie boolean;
        serial-update-method ( date | increment | unixtime );
        server netprefix {
                bogus boolean;
                edns boolean;
                edns-udp-size integer;
                edns-version integer;
                keys server_key;
                max-udp-size integer;
                notify-source ( ipv4_address | * ) [ port ( integer | *
                    ) ] [ dscp integer ];
                notify-source-v6 ( ipv6_address | * ) [ port ( integer
                    | * ) ] [ dscp integer ];
                provide-ixfr boolean;
                query-source ( ( [ address ] ( ipv4_address | * ) [ port
                    ( integer | * ) ] ) | ( [ [ address ] (
                    ipv4_address | * ) ] port ( integer | * ) ) ) [
                    dscp integer ];
                query-source-v6 ( ( [ address ] ( ipv6_address | * ) [
                    port ( integer | * ) ] ) | ( [ [ address ] (
                    ipv6_address | * ) ] port ( integer | * ) ) ) [
                    dscp integer ];
                request-expire boolean;
                request-ixfr boolean;
                request-nsid boolean;
                send-cookie boolean;
                tcp-only boolean;
                transfer-format ( many-answers | one-answer );
                transfer-source ( ipv4_address | * ) [ port ( integer |
                    * ) ] [ dscp integer ];
                transfer-source-v6 ( ipv6_address | * ) [ port (
                    integer | * ) ] [ dscp integer ];
                transfers integer;
        };
        servfail-ttl ttlval;
        sig-signing-nodes integer;
        sig-signing-signatures integer;
        sig-signing-type integer;
        sig-validity-interval integer [ integer ];
        sortlist { address_match_element; ... };
        transfer-format ( many-answers | one-answer );
        transfer-source ( ipv4_address | * ) [ port ( integer | * ) ] [
            dscp integer ];
        transfer-source-v6 ( ipv6_address | * ) [ port ( integer | * )
            ] [ dscp integer ];
        trust-anchor-telemetry boolean; // experimental
        trusted-keys { string integer
            integer integer quoted_string;
            ... };
        try-tcp-refresh boolean;
        update-check-ksk boolean;
        use-alt-transfer-source boolean;
        v6-bias integer;
        zero-no-soa-ttl boolean;
        zero-no-soa-ttl-cache boolean;
        zone string [ class ] {
                allow-notify { address_match_element; ... };
                allow-query { address_match_element; ... };
                allow-query-on { address_match_element; ... };
                allow-transfer { address_match_element; ... };
                allow-update { address_match_element; ... };
                allow-update-forwarding { address_match_element; ... };
                also-notify [ port integer ] [ dscp integer ] { (
                    masters | ipv4_address [ port integer ] |
                    ipv6_address [ port integer ] ) [ key string ];
                    ... };
                alt-transfer-source ( ipv4_address | * ) [ port (
                    integer | * ) ] [ dscp integer ];
                alt-transfer-source-v6 ( ipv6_address | * ) [ port (
                    integer | * ) ] [ dscp integer ];
                auto-dnssec ( allow | maintain | off );
                check-dup-records ( fail | warn | ignore );
                check-integrity boolean;
                check-mx ( fail | warn | ignore );
                check-mx-cname ( fail | warn | ignore );
                check-names ( fail | warn | ignore );
                check-sibling boolean;
                check-spf ( warn | ignore );
                check-srv-cname ( fail | warn | ignore );
                check-wildcard boolean;
                database string;
                delegation-only boolean;
                dialup ( notify | notify-passive | passive | refresh |
                    boolean );
                dlz string;
                dnssec-dnskey-kskonly boolean;
                dnssec-loadkeys-interval integer;
                dnssec-secure-to-insecure boolean;
                dnssec-update-mode ( maintain | no-resign );
                file quoted_string;
                forward ( first | only );
                forwarders [ port integer ] [ dscp integer ] { (
                    ipv4_address | ipv6_address ) [ port integer ] [
                    dscp integer ]; ... };
                in-view string;
                inline-signing boolean;
                ixfr-from-differences boolean;
                journal quoted_string;
                key-directory quoted_string;
                masterfile-format ( map | raw | text );
                masterfile-style ( full | relative );
                masters [ port integer ] [ dscp integer ] { ( masters
                    | ipv4_address [ port integer ] | ipv6_address [
                    port integer ] ) [ key string ]; ... };
                max-ixfr-log-size ( default | unlimited |
                max-journal-size ( unlimited | sizeval );
                max-records integer;
                max-refresh-time integer;
                max-retry-time integer;
                max-transfer-idle-in integer;
                max-transfer-idle-out integer;
                max-transfer-time-in integer;
                max-transfer-time-out integer;
                max-zone-ttl ( unlimited | ttlval );
                min-refresh-time integer;
                min-retry-time integer;
                multi-master boolean;
                notify ( explicit | master-only | boolean );
                notify-delay integer;
                notify-source ( ipv4_address | * ) [ port ( integer | *
                    ) ] [ dscp integer ];
                notify-source-v6 ( ipv6_address | * ) [ port ( integer
                    | * ) ] [ dscp integer ];
                notify-to-soa boolean;
                pubkey integer
                    integer
                    integer
                request-expire boolean;
                request-ixfr boolean;
                serial-update-method ( date | increment | unixtime );
                server-addresses { ( ipv4_address | ipv6_address ) [
                    port integer ]; ... };
                server-names { quoted_string; ... };
                sig-signing-nodes integer;
                sig-signing-signatures integer;
                sig-signing-type integer;
                sig-validity-interval integer [ integer ];
                transfer-source ( ipv4_address | * ) [ port ( integer |
                    * ) ] [ dscp integer ];
                transfer-source-v6 ( ipv6_address | * ) [ port (
                    integer | * ) ] [ dscp integer ];
                try-tcp-refresh boolean;
                type ( delegation-only | forward | hint | master | redirect
                    | slave | static-stub | stub );
                update-check-ksk boolean;
                update-policy ( local | { ( deny | grant ) string (
                    6to4-self | external | krb5-self | krb5-selfsub |
                    krb5-subdomain | ms-self | ms-selfsub | ms-subdomain |
                    name | self | selfsub | selfwild | subdomain | tcp-self
                    | wildcard | zonesub ) [ string ] rrtypelist; ... };
                use-alt-transfer-source boolean;
                zero-no-soa-ttl boolean;
                zone-statistics ( full | terse | none | boolean );
        };
        zone-statistics ( full | terse | none | boolean );
};
 

ZONE

zone string [ class ] {
        allow-notify { address_match_element; ... };
        allow-query { address_match_element; ... };
        allow-query-on { address_match_element; ... };
        allow-transfer { address_match_element; ... };
        allow-update { address_match_element; ... };
        allow-update-forwarding { address_match_element; ... };
        also-notify [ port integer ] [ dscp integer ] { ( masters |
            ipv4_address [ port integer ] | ipv6_address [ port
            integer ] ) [ key string ]; ... };
        alt-transfer-source ( ipv4_address | * ) [ port ( integer | * )
            ] [ dscp integer ];
        alt-transfer-source-v6 ( ipv6_address | * ) [ port ( integer |
            * ) ] [ dscp integer ];
        auto-dnssec ( allow | maintain | off );
        check-dup-records ( fail | warn | ignore );
        check-integrity boolean;
        check-mx ( fail | warn | ignore );
        check-mx-cname ( fail | warn | ignore );
        check-names ( fail | warn | ignore );
        check-sibling boolean;
        check-spf ( warn | ignore );
        check-srv-cname ( fail | warn | ignore );
        check-wildcard boolean;
        database string;
        delegation-only boolean;
        dialup ( notify | notify-passive | passive | refresh | boolean );
        dlz string;
        dnssec-dnskey-kskonly boolean;
        dnssec-loadkeys-interval integer;
        dnssec-secure-to-insecure boolean;
        dnssec-update-mode ( maintain | no-resign );
        file quoted_string;
        forward ( first | only );
        forwarders [ port integer ] [ dscp integer ] { ( ipv4_address
            | ipv6_address ) [ port integer ] [ dscp integer ]; ... };
        in-view string;
        inline-signing boolean;
        ixfr-from-differences boolean;
        journal quoted_string;
        key-directory quoted_string;
        masterfile-format ( map | raw | text );
        masterfile-style ( full | relative );
        masters [ port integer ] [ dscp integer ] { ( masters |
            ipv4_address [ port integer ] | ipv6_address [ port
            integer ] ) [ key string ]; ... };
        max-journal-size ( unlimited | sizeval );
        max-records integer;
        max-refresh-time integer;
        max-retry-time integer;
        max-transfer-idle-in integer;
        max-transfer-idle-out integer;
        max-transfer-time-in integer;
        max-transfer-time-out integer;
        max-zone-ttl ( unlimited | ttlval );
        min-refresh-time integer;
        min-retry-time integer;
        multi-master boolean;
        notify ( explicit | master-only | boolean );
        notify-delay integer;
        notify-source ( ipv4_address | * ) [ port ( integer | * ) ] [
            dscp integer ];
        notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ]
            [ dscp integer ];
        notify-to-soa boolean;
        pubkey integer integer
        request-expire boolean;
        request-ixfr boolean;
        serial-update-method ( date | increment | unixtime );
        server-addresses { ( ipv4_address | ipv6_address ) [ port
            integer ]; ... };
        server-names { quoted_string; ... };
        sig-signing-nodes integer;
        sig-signing-signatures integer;
        sig-signing-type integer;
        sig-validity-interval integer [ integer ];
        transfer-source ( ipv4_address | * ) [ port ( integer | * ) ] [
            dscp integer ];
        transfer-source-v6 ( ipv6_address | * ) [ port ( integer | * )
            ] [ dscp integer ];
        try-tcp-refresh boolean;
        type ( delegation-only | forward | hint | master | redirect | slave
            | static-stub | stub );
        update-check-ksk boolean;
        update-policy ( local | { ( deny | grant ) string ( 6to4-self |
            external | krb5-self | krb5-selfsub | krb5-subdomain | ms-self
            | ms-selfsub | ms-subdomain | name | self | selfsub | selfwild
            | subdomain | tcp-self | wildcard | zonesub ) [ string ]
            rrtypelist; ... };
        use-alt-transfer-source boolean;
        zero-no-soa-ttl boolean;
        zone-statistics ( full | terse | none | boolean );
};
 

FILES

/etc/named.conf  

SEE ALSO

ddns-confgen(8), named(8), named-checkconf(8), rndc(8), rndc-confgen(8), BIND 9 Administrator Reference Manual.  

AUTHOR

Internet Systems Consortium, Inc.  

COPYRIGHT


Copyright © 2004-2019 Internet Systems Consortium, Inc. ("ISC")


 

Index

NAME
SYNOPSIS
DESCRIPTION
ACL
CONTROLS
DLZ
DYNDB
KEY
LOGGING
LWRES
MANAGED-KEYS
MASTERS
OPTIONS
SERVER
STATISTICS-CHANNELS
TRUSTED-KEYS
VIEW
ZONE
FILES
SEE ALSO
AUTHOR
COPYRIGHT
LinuxReviews : manual page archive