1
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN"
2
"http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd"
1
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
2
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
3
3
[<!ENTITY mdash "—">]>
5
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
5
- Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
7
- Permission to use, copy, modify, and distribute this software for any
7
- Permission to use, copy, modify, and/or distribute this software for any
8
8
- purpose with or without fee is hereby granted, provided that the above
9
9
- copyright notice and this permission notice appear in all copies.
53
55
<title>DESCRIPTION</title>
55
<filename>named.conf</filename> is the configuration file for
56
<command>named</command>. Statements are enclosed
57
in braces and terminated with a semi-colon. Clauses in
58
the statements are also semi-colon terminated. The usual
59
comment styles are supported:
65
C++ style: // to end of line
68
Unix style: # to end of line
56
<para><filename>named.conf</filename> is the configuration file
58
<command>named</command>. Statements are enclosed
59
in braces and terminated with a semi-colon. Clauses in
60
the statements are also semi-colon terminated. The usual
61
comment styles are supported:
67
C++ style: // to end of line
70
Unix style: # to end of line
75
77
acl <replaceable>string</replaceable> { <replaceable>address_match_element</replaceable>; ... };
83
85
key <replaceable>domain_name</replaceable> {
84
86
algorithm <replaceable>string</replaceable>;
85
87
secret <replaceable>string</replaceable>;
91
<title>MASTERS</title>
93
<title>MASTERS</title>
93
95
masters <replaceable>string</replaceable> <optional> port <replaceable>integer</replaceable> </optional> {
94
96
( <replaceable>masters</replaceable> | <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
95
97
<replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ) <optional> key <replaceable>string</replaceable> </optional>; ...
101
<title>SERVER</title>
103
server ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) {
103
<title>SERVER</title>
105
server ( <replaceable>ipv4_address<optional>/prefixlen</optional></replaceable> | <replaceable>ipv6_address<optional>/prefixlen</optional></replaceable> ) {
104
106
bogus <replaceable>boolean</replaceable>;
105
107
edns <replaceable>boolean</replaceable>;
108
edns-udp-size <replaceable>integer</replaceable>;
109
max-udp-size <replaceable>integer</replaceable>;
106
110
provide-ixfr <replaceable>boolean</replaceable>;
107
111
request-ixfr <replaceable>boolean</replaceable>;
108
112
keys <replaceable>server_key</replaceable>;
230
236
rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented
231
237
additional-from-auth <replaceable>boolean</replaceable>;
232
238
additional-from-cache <replaceable>boolean</replaceable>;
233
query-source <replaceable>querysource4</replaceable>;
234
query-source-v6 <replaceable>querysource6</replaceable>;
239
query-source ( ( <replaceable>ipv4_address</replaceable> | * ) | <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
240
query-source-v6 ( ( <replaceable>ipv6_address</replaceable> | * ) | <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
241
use-queryport-pool <replaceable>boolean</replaceable>;
242
queryport-pool-ports <replaceable>integer</replaceable>;
243
queryport-pool-updateinterval <replaceable>integer</replaceable>;
235
244
cleaning-interval <replaceable>integer</replaceable>;
236
245
min-roots <replaceable>integer</replaceable>; // not implemented
237
246
lame-ttl <replaceable>integer</replaceable>;
238
247
max-ncache-ttl <replaceable>integer</replaceable>;
239
248
max-cache-ttl <replaceable>integer</replaceable>;
240
249
transfer-format ( many-answers | one-answer );
241
max-cache-size <replaceable>size_no_default</replaceable>;
250
max-cache-size <replaceable>size</replaceable>;
251
max-acache-size <replaceable>size</replaceable>;
252
clients-per-query <replaceable>number</replaceable>;
253
max-clients-per-query <replaceable>number</replaceable>;
242
254
check-names ( master | slave | response )
243
255
( fail | warn | ignore );
244
cache-file <replaceable>quoted_string</replaceable>;
256
check-mx ( fail | warn | ignore );
257
check-integrity <replaceable>boolean</replaceable>;
258
check-mx-cname ( fail | warn | ignore );
259
check-srv-cname ( fail | warn | ignore );
260
cache-file <replaceable>quoted_string</replaceable>; // test option
245
261
suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented
246
262
preferred-glue <replaceable>string</replaceable>;
247
263
dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> {
248
264
( <replaceable>quoted_string</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
249
265
<replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
250
266
<replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ...
252
268
edns-udp-size <replaceable>integer</replaceable>;
269
max-udp-size <replaceable>integer</replaceable>;
253
270
root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>;
254
271
disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
255
272
dnssec-enable <replaceable>boolean</replaceable>;
273
dnssec-validation <replaceable>boolean</replaceable>;
256
274
dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>;
257
275
dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>;
276
dnssec-accept-expired <replaceable>boolean</replaceable>;
278
empty-server <replaceable>string</replaceable>;
279
empty-contact <replaceable>string</replaceable>;
280
empty-zones-enable <replaceable>boolean</replaceable>;
281
disable-empty-zone <replaceable>string</replaceable>;
259
283
dialup <replaceable>dialuptype</replaceable>;
260
284
ixfr-from-differences <replaceable>ixfrdiff</replaceable>;
262
286
allow-query { <replaceable>address_match_element</replaceable>; ... };
287
allow-query-on { <replaceable>address_match_element</replaceable>; ... };
288
allow-query-cache { <replaceable>address_match_element</replaceable>; ... };
289
allow-query-cache-on { <replaceable>address_match_element</replaceable>; ... };
263
290
allow-transfer { <replaceable>address_match_element</replaceable>; ... };
291
allow-update { <replaceable>address_match_element</replaceable>; ... };
264
292
allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
293
update-check-ksk <replaceable>boolean</replaceable>;
295
masterfile-format ( text | raw );
266
296
notify <replaceable>notifytype</replaceable>;
267
297
notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
268
298
notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
299
notify-delay <replaceable>seconds</replaceable>;
300
notify-to-soa <replaceable>boolean</replaceable>;
269
301
also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
270
302
<optional> port <replaceable>integer</replaceable> </optional>; ... };
271
303
allow-notify { <replaceable>address_match_element</replaceable>; ... };
357
393
rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented
358
394
additional-from-auth <replaceable>boolean</replaceable>;
359
395
additional-from-cache <replaceable>boolean</replaceable>;
360
query-source <replaceable>querysource4</replaceable>;
361
query-source-v6 <replaceable>querysource6</replaceable>;
396
query-source ( ( <replaceable>ipv4_address</replaceable> | * ) | <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
397
query-source-v6 ( ( <replaceable>ipv6_address</replaceable> | * ) | <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
398
use-queryport-pool <replaceable>boolean</replaceable>;
399
queryport-pool-ports <replaceable>integer</replaceable>;
400
queryport-pool-updateinterval <replaceable>integer</replaceable>;
362
401
cleaning-interval <replaceable>integer</replaceable>;
363
402
min-roots <replaceable>integer</replaceable>; // not implemented
364
403
lame-ttl <replaceable>integer</replaceable>;
365
404
max-ncache-ttl <replaceable>integer</replaceable>;
366
405
max-cache-ttl <replaceable>integer</replaceable>;
367
406
transfer-format ( many-answers | one-answer );
368
max-cache-size <replaceable>size_no_default</replaceable>;
407
max-cache-size <replaceable>size</replaceable>;
408
max-acache-size <replaceable>size</replaceable>;
409
clients-per-query <replaceable>number</replaceable>;
410
max-clients-per-query <replaceable>number</replaceable>;
369
411
check-names ( master | slave | response )
370
412
( fail | warn | ignore );
371
cache-file <replaceable>quoted_string</replaceable>;
413
check-mx ( fail | warn | ignore );
414
check-integrity <replaceable>boolean</replaceable>;
415
check-mx-cname ( fail | warn | ignore );
416
check-srv-cname ( fail | warn | ignore );
417
cache-file <replaceable>quoted_string</replaceable>; // test option
372
418
suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented
373
419
preferred-glue <replaceable>string</replaceable>;
374
420
dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> {
377
423
<replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ...
379
425
edns-udp-size <replaceable>integer</replaceable>;
426
max-udp-size <replaceable>integer</replaceable>;
380
427
root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>;
381
428
disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
382
429
dnssec-enable <replaceable>boolean</replaceable>;
430
dnssec-validation <replaceable>boolean</replaceable>;
383
431
dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>;
385
432
dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>;
433
dnssec-accept-expired <replaceable>boolean</replaceable>;
435
empty-server <replaceable>string</replaceable>;
436
empty-contact <replaceable>string</replaceable>;
437
empty-zones-enable <replaceable>boolean</replaceable>;
438
disable-empty-zone <replaceable>string</replaceable>;
386
440
dialup <replaceable>dialuptype</replaceable>;
387
441
ixfr-from-differences <replaceable>ixfrdiff</replaceable>;
389
443
allow-query { <replaceable>address_match_element</replaceable>; ... };
444
allow-query-on { <replaceable>address_match_element</replaceable>; ... };
445
allow-query-cache { <replaceable>address_match_element</replaceable>; ... };
446
allow-query-cache-on { <replaceable>address_match_element</replaceable>; ... };
390
447
allow-transfer { <replaceable>address_match_element</replaceable>; ... };
448
allow-update { <replaceable>address_match_element</replaceable>; ... };
391
449
allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
450
update-check-ksk <replaceable>boolean</replaceable>;
452
masterfile-format ( text | raw );
393
453
notify <replaceable>notifytype</replaceable>;
394
454
notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
395
455
notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
456
notify-delay <replaceable>seconds</replaceable>;
457
notify-to-soa <replaceable>boolean</replaceable>;
396
458
also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
397
459
<optional> port <replaceable>integer</replaceable> </optional>; ... };
398
460
allow-notify { <replaceable>address_match_element</replaceable>; ... };
453
518
database <replaceable>string</replaceable>;
454
519
delegation-only <replaceable>boolean</replaceable>;
455
520
check-names ( fail | warn | ignore );
521
check-mx ( fail | warn | ignore );
522
check-integrity <replaceable>boolean</replaceable>;
523
check-mx-cname ( fail | warn | ignore );
524
check-srv-cname ( fail | warn | ignore );
456
525
dialup <replaceable>dialuptype</replaceable>;
457
526
ixfr-from-differences <replaceable>boolean</replaceable>;
527
journal <replaceable>quoted_string</replaceable>;
528
zero-no-soa-ttl <replaceable>boolean</replaceable>;
459
530
allow-query { <replaceable>address_match_element</replaceable>; ... };
531
allow-query-on { <replaceable>address_match_element</replaceable>; ... };
460
532
allow-transfer { <replaceable>address_match_element</replaceable>; ... };
461
533
allow-update { <replaceable>address_match_element</replaceable>; ... };
462
534
allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
465
537
( name | subdomain | wildcard | self ) <replaceable>string</replaceable>
466
538
<replaceable>rrtypelist</replaceable>; ...
540
update-check-ksk <replaceable>boolean</replaceable>;
542
masterfile-format ( text | raw );
469
543
notify <replaceable>notifytype</replaceable>;
470
544
notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
471
545
notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
546
notify-delay <replaceable>seconds</replaceable>;
547
notify-to-soa <replaceable>boolean</replaceable>;
472
548
also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
473
549
<optional> port <replaceable>integer</replaceable> </optional>; ... };
474
550
allow-notify { <replaceable>address_match_element</replaceable>; ... };