named.conf(5) - Linux man page

Name

named.conf - configuration file for named

Synopsis

named.conf

Description

named.conf is the configuration file for named. Statements are enclosed in braces and terminated with a semi-colon. Clauses in the statements are also semi-colon terminated. The usual comment styles are supported:

C style: /* */

C++ style: // to end of line

Unix style: # to end of line

Acl

acl string { address_match_element; ... };

Key

key domain_name {

algorithm string;

secret string;

};

Masters

masters string [ port integer ] {

( masters | ipv4_address [port integer] |

ipv6_address [port integer] ) [ key string ]; ...

};

Server

server ( ipv4_address | ipv6_address ) {

bogus boolean;

edns boolean;

provide-ixfr boolean;

request-ixfr boolean;

keys server_key;

transfers integer;

transfer-format ( many-answers | one-answer );

transfer-source ( ipv4_address | * )

[ port ( integer | * ) ];

transfer-source-v6 ( ipv6_address | * )

[ port ( integer | * ) ];

support-ixfr boolean; // obsolete

};

Trusted-keys

trusted-keys {

domain_name flags protocol algorithm key; ...

};

Controls

controls {

inet ( ipv4_address | ipv6_address | * )

[ port ( integer | * ) ]

allow { address_match_element; ... }

[ keys { string; ... } ];

unix unsupported; // not implemented

};

Logging

logging {

channel string {

file log_file;

syslog optional_facility;

null;

stderr;

severity log_severity;

print-time boolean;

print-severity boolean;

print-category boolean;

};

category string { string; ... };

};

Lwres

lwres {

listen-on [ port integer ] {

( ipv4_address | ipv6_address ) [ port integer ]; ...

};

view string optional_class;

search { string; ... };

ndots integer;

};

Options

options {

avoid-v4-udp-ports { port; ... };

avoid-v6-udp-ports { port; ... };

blackhole { address_match_element; ... };

coresize size;

datasize size;

directory quoted_string;

dump-file quoted_string;

files size;

heartbeat-interval integer;

host-statistics boolean; // not implemented

host-statistics-max number; // not implemented

hostname ( quoted_string | none );

interface-interval integer;

listen-on [ port integer ] { address_match_element; ... };

listen-on-v6 [ port integer ] { address_match_element; ... };

match-mapped-addresses boolean;

memstatistics-file quoted_string;

pid-file ( quoted_string | none );

port integer;

querylog boolean;

recursing-file quoted_string;

random-device quoted_string;

recursive-clients integer;

serial-query-rate integer;

server-id ( quoted_string | none |;

stacksize size;

statistics-file quoted_string;

statistics-interval integer; // not yet implemented

tcp-clients integer;

tcp-listen-queue integer;

tkey-dhkey quoted_string integer;

tkey-gssapi-credential quoted_string;

tkey-domain quoted_string;

transfers-per-ns integer;

transfers-in integer;

transfers-out integer;

use-ixfr boolean;

version ( quoted_string | none );

allow-recursion { address_match_element; ... };

sortlist { address_match_element; ... };

topology { address_match_element; ... }; // not implemented

auth-nxdomain boolean; // default changed

minimal-responses boolean;

recursion boolean;

rrset-order {

[ class string ] [ type string ]

[ name quoted_string ] string string; ...

};

provide-ixfr boolean;

request-ixfr boolean;

rfc2308-type1 boolean; // not yet implemented

additional-from-auth boolean;

additional-from-cache boolean;

query-source [ address ( ipv4_address | * ) ] [ port ( integer | * ) ];

query-source-v6 [ address ( ipv6_address | * ) ] [ port ( integer | * ) ];

cleaning-interval integer;

min-roots integer; // not implemented

lame-ttl integer;

max-ncache-ttl integer;

max-cache-ttl integer;

transfer-format ( many-answers | one-answer );

max-cache-size size_no_default;

check-names ( master | slave | response )

( fail | warn | ignore );

cache-file quoted_string;

suppress-initial-notify boolean; // not yet implemented

preferred-glue string;

dual-stack-servers [ port integer ] {

( quoted_string [port integer] |

ipv4_address [port integer] |

ipv6_address [port integer] ); ...

}

edns-udp-size integer;

root-delegation-only [ exclude { quoted_string; ... } ];

disable-algorithms string { string; ... };

dnssec-enable boolean;

dnssec-lookaside string trust-anchor string;

dnssec-must-be-secure string boolean;

dialup dialuptype;

ixfr-from-differences ixfrdiff;

allow-query { address_match_element; ... };

allow-transfer { address_match_element; ... };

allow-update-forwarding { address_match_element; ... };

notify notifytype;

notify-source ( ipv4_address | * ) [ port ( integer | * ) ];

notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ];

also-notify [ port integer ] { ( ipv4_address | ipv6_address )

[ port integer ]; ... };

allow-notify { address_match_element; ... };

forward ( first | only );

forwarders [ port integer ] {

( ipv4_address | ipv6_address ) [ port integer ]; ...

};

max-journal-size size_no_default;

max-transfer-time-in integer;

max-transfer-time-out integer;

max-transfer-idle-in integer;

max-transfer-idle-out integer;

max-retry-time integer;

min-retry-time integer;

max-refresh-time integer;

min-refresh-time integer;

multi-master boolean;

sig-validity-interval integer;

transfer-source ( ipv4_address | * )

[ port ( integer | * ) ];

transfer-source-v6 ( ipv6_address | * )

[ port ( integer | * ) ];

alt-transfer-source ( ipv4_address | * )

[ port ( integer | * ) ];

alt-transfer-source-v6 ( ipv6_address | * )

[ port ( integer | * ) ];

use-alt-transfer-source boolean;

zone-statistics boolean;

key-directory quoted_string;

allow-v6-synthesis { address_match_element; ... }; // obsolete

deallocate-on-exit boolean; // obsolete

fake-iquery boolean; // obsolete

fetch-glue boolean; // obsolete

has-old-clients boolean; // obsolete

maintain-ixfr-base boolean; // obsolete

max-ixfr-log-size size; // obsolete

multiple-cnames boolean; // obsolete

named-xfer quoted_string; // obsolete

serial-queries integer; // obsolete

treat-cr-as-space boolean; // obsolete

use-id-pool boolean; // obsolete

};

View

view string optional_class {

match-clients { address_match_element; ... };

match-destinations { address_match_element; ... };

match-recursive-only boolean;

key string {

algorithm string;

secret string;

};

zone string optional_class {

...

};

server ( ipv4_address | ipv6_address ) {

...

};

trusted-keys {

string integer integer integer quoted_string; ...

};

allow-recursion { address_match_element; ... };

sortlist { address_match_element; ... };

topology { address_match_element; ... }; // not implemented

auth-nxdomain boolean; // default changed

minimal-responses boolean;

recursion boolean;

rrset-order {

[ class string ] [ type string ]

[ name quoted_string ] string string; ...

};

provide-ixfr boolean;

request-ixfr boolean;

rfc2308-type1 boolean; // not yet implemented

additional-from-auth boolean;

additional-from-cache boolean;

query-source [ address ( ipv4_address | * ) ] [ port ( integer | * ) ];

query-source-v6 [ address ( ipv6_address | * ) ] [ port ( integer | * ) ];

cleaning-interval integer;

min-roots integer; // not implemented

lame-ttl integer;

max-ncache-ttl integer;

max-cache-ttl integer;

transfer-format ( many-answers | one-answer );

max-cache-size size_no_default;

check-names ( master | slave | response )

( fail | warn | ignore );

cache-file quoted_string;

suppress-initial-notify boolean; // not yet implemented

preferred-glue string;

dual-stack-servers [ port integer ] {

( quoted_string [port integer] |

ipv4_address [port integer] |

ipv6_address [port integer] ); ...

};

edns-udp-size integer;

root-delegation-only [ exclude { quoted_string; ... } ];

disable-algorithms string { string; ... };

dnssec-enable boolean;

dnssec-lookaside string trust-anchor string;

dnssec-must-be-secure string boolean;

dialup dialuptype;

ixfr-from-differences ixfrdiff;

allow-query { address_match_element; ... };

allow-transfer { address_match_element; ... };

allow-update-forwarding { address_match_element; ... };

notify notifytype;

notify-source ( ipv4_address | * ) [ port ( integer | * ) ];

notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ];

also-notify [ port integer ] { ( ipv4_address | ipv6_address )

[ port integer ]; ... };

allow-notify { address_match_element; ... };

forward ( first | only );

forwarders [ port integer ] {

( ipv4_address | ipv6_address ) [ port integer ]; ...

};

max-journal-size size_no_default;

max-transfer-time-in integer;

max-transfer-time-out integer;

max-transfer-idle-in integer;

max-transfer-idle-out integer;

max-retry-time integer;

min-retry-time integer;

max-refresh-time integer;

min-refresh-time integer;

multi-master boolean;

sig-validity-interval integer;

transfer-source ( ipv4_address | * )

[ port ( integer | * ) ];

transfer-source-v6 ( ipv6_address | * )

[ port ( integer | * ) ];

alt-transfer-source ( ipv4_address | * )

[ port ( integer | * ) ];

alt-transfer-source-v6 ( ipv6_address | * )

[ port ( integer | * ) ];

use-alt-transfer-source boolean;

zone-statistics boolean;

key-directory quoted_string;

allow-v6-synthesis { address_match_element; ... }; // obsolete

fetch-glue boolean; // obsolete

maintain-ixfr-base boolean; // obsolete

max-ixfr-log-size size; // obsolete

};

Zone

zone string optional_class {

type ( master | slave | stub | hint |

forward | delegation-only );

file quoted_string;

masters [ port integer ] {

( masters |

ipv4_address [port integer] |

ipv6_address [ port integer ] ) [ key string ]; ...

};

database string;

delegation-only boolean;

check-names ( fail | warn | ignore );

dialup dialuptype;

ixfr-from-differences boolean;

allow-query { address_match_element; ... };

allow-transfer { address_match_element; ... };

allow-update { address_match_element; ... };

allow-update-forwarding { address_match_element; ... };

update-policy {

( grant | deny ) string

( name | subdomain | wildcard | self ) string

rrtypelist; ...

};

notify notifytype;

notify-source ( ipv4_address | * ) [ port ( integer | * ) ];

notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ];

also-notify [ port integer ] { ( ipv4_address | ipv6_address )

[ port integer ]; ... };

allow-notify { address_match_element; ... };

forward ( first | only );

forwarders [ port integer ] {

( ipv4_address | ipv6_address ) [ port integer ]; ...

};

max-journal-size size_no_default;

max-transfer-time-in integer;

max-transfer-time-out integer;

max-transfer-idle-in integer;

max-transfer-idle-out integer;

max-retry-time integer;

min-retry-time integer;

max-refresh-time integer;

min-refresh-time integer;

multi-master boolean;

sig-validity-interval integer;

transfer-source ( ipv4_address | * )

[ port ( integer | * ) ];

transfer-source-v6 ( ipv6_address | * )

[ port ( integer | * ) ];

alt-transfer-source ( ipv4_address | * )

[ port ( integer | * ) ];

alt-transfer-source-v6 ( ipv6_address | * )

[ port ( integer | * ) ];

use-alt-transfer-source boolean;

zone-statistics boolean;

key-directory quoted_string;

ixfr-base quoted_string; // obsolete

ixfr-tmp-file quoted_string; // obsolete

maintain-ixfr-base boolean; // obsolete

max-ixfr-log-size size; // obsolete

pubkey integer integer integer quoted_string; // obsolete

};

Files

/etc/named.conf

See Also

named(8), rndc(8), BIND 9 Administrator Reference Manual().

Copyright

Copyright © 2004-2006 Internet Systems Consortium, Inc. ("ISC")

Referenced By

ipsec_pluto(8), nsd.conf(5)

site search Google Custom Search

Library

online dictionary

linux docs

linux man pages

page load time

Toys

world sunlight

moon phase

trace explorer