1 .\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
3 .\" Permission to use, copy, modify, and distribute this software for any
4 .\" purpose with or without fee is hereby granted, provided that the above
5 .\" copyright notice and this permission notice appear in all copies.
7 .\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
8 .\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
9 .\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
10 .\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
11 .\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
12 .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
13 .\" PERFORMANCE OF THIS SOFTWARE.
15 .\" $Id: named.conf.5,v 1.1.4.6 2005/10/13 02:33:47 marka Exp $
19 .\" ** You probably do not want to edit this file directly **
20 .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
21 .\" Instead of manually editing it, you probably should edit the DocBook XML
22 .\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
23 .TH "\\FINAMED.CONF\\FR" "5" "Aug 13, 2004" "BIND9" "BIND9"
24 .\" disable hyphenation
26 .\" disable justification (adjust text to left margin only)
29 named.conf \- configuration file for named
36 is the configuration file for
37 \fBnamed\fR. Statements are enclosed in braces and terminated with a semi\-colon. Clauses in the statements are also semi\-colon terminated. The usual comment styles are supported:
41 C++ style: // to end of line
43 Unix style: # to end of line
47 acl \fIstring\fR { \fIaddress_match_element\fR; ... };
52 key \fIdomain_name\fR {
53 algorithm \fIstring\fR;
60 masters \fIstring\fR [ port \fIinteger\fR ] {
61 ( \fImasters\fR | \fIipv4_address\fR [port \fIinteger\fR] |
62 \fIipv6_address\fR [port \fIinteger\fR] ) [ key \fIstring\fR ]; ...
68 server ( \fIipv4_address\fR | \fIipv6_address\fR ) {
71 provide\-ixfr \fIboolean\fR;
72 request\-ixfr \fIboolean\fR;
73 keys \fIserver_key\fR;
74 transfers \fIinteger\fR;
75 transfer\-format ( many\-answers | one\-answer );
76 transfer\-source ( \fIipv4_address\fR | * )
77 [ port ( \fIinteger\fR | * ) ];
78 transfer\-source\-v6 ( \fIipv6_address\fR | * )
79 [ port ( \fIinteger\fR | * ) ];
80 support\-ixfr \fIboolean\fR; // obsolete
87 \fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ...
94 inet ( \fIipv4_address\fR | \fIipv6_address\fR | * )
95 [ port ( \fIinteger\fR | * ) ]
96 allow { \fIaddress_match_element\fR; ... }
97 [ keys { \fIstring\fR; ... } ];
98 unix \fIunsupported\fR; // not implemented
105 channel \fIstring\fR {
107 syslog \fIoptional_facility\fR;
110 severity \fIlog_severity\fR;
111 print\-time \fIboolean\fR;
112 print\-severity \fIboolean\fR;
113 print\-category \fIboolean\fR;
115 category \fIstring\fR { \fIstring\fR; ... };
122 listen\-on [ port \fIinteger\fR ] {
123 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
125 view \fIstring\fR \fIoptional_class\fR;
126 search { \fIstring\fR; ... };
134 avoid\-v4\-udp\-ports { \fIport\fR; ... };
135 avoid\-v6\-udp\-ports { \fIport\fR; ... };
136 blackhole { \fIaddress_match_element\fR; ... };
139 directory \fIquoted_string\fR;
140 dump\-file \fIquoted_string\fR;
142 heartbeat\-interval \fIinteger\fR;
143 host\-statistics \fIboolean\fR; // not implemented
144 host\-statistics\-max \fInumber\fR; // not implemented
145 hostname ( \fIquoted_string\fR | none );
146 interface\-interval \fIinteger\fR;
147 listen\-on [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
148 listen\-on\-v6 [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
149 match\-mapped\-addresses \fIboolean\fR;
150 memstatistics\-file \fIquoted_string\fR;
151 pid\-file ( \fIquoted_string\fR | none );
153 querylog \fIboolean\fR;
154 recursing\-file \fIquoted_string\fR;
155 random\-device \fIquoted_string\fR;
156 recursive\-clients \fIinteger\fR;
157 serial\-query\-rate \fIinteger\fR;
158 server\-id ( \fIquoted_string\fR | none |;
159 stacksize \fIsize\fR;
160 statistics\-file \fIquoted_string\fR;
161 statistics\-interval \fIinteger\fR; // not yet implemented
162 tcp\-clients \fIinteger\fR;
163 tcp\-listen\-queue \fIinteger\fR;
164 tkey\-dhkey \fIquoted_string\fR \fIinteger\fR;
165 tkey\-gssapi\-credential \fIquoted_string\fR;
166 tkey\-domain \fIquoted_string\fR;
167 transfers\-per\-ns \fIinteger\fR;
168 transfers\-in \fIinteger\fR;
169 transfers\-out \fIinteger\fR;
170 use\-ixfr \fIboolean\fR;
171 version ( \fIquoted_string\fR | none );
172 allow\-recursion { \fIaddress_match_element\fR; ... };
173 sortlist { \fIaddress_match_element\fR; ... };
174 topology { \fIaddress_match_element\fR; ... }; // not implemented
175 auth\-nxdomain \fIboolean\fR; // default changed
176 minimal\-responses \fIboolean\fR;
177 recursion \fIboolean\fR;
179 [ class \fIstring\fR ] [ type \fIstring\fR ]
180 [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
182 provide\-ixfr \fIboolean\fR;
183 request\-ixfr \fIboolean\fR;
184 rfc2308\-type1 \fIboolean\fR; // not yet implemented
185 additional\-from\-auth \fIboolean\fR;
186 additional\-from\-cache \fIboolean\fR;
187 query\-source \fIquerysource4\fR;
188 query\-source\-v6 \fIquerysource6\fR;
189 cleaning\-interval \fIinteger\fR;
190 min\-roots \fIinteger\fR; // not implemented
191 lame\-ttl \fIinteger\fR;
192 max\-ncache\-ttl \fIinteger\fR;
193 max\-cache\-ttl \fIinteger\fR;
194 transfer\-format ( many\-answers | one\-answer );
195 max\-cache\-size \fIsize_no_default\fR;
196 check\-names ( master | slave | response )
197 ( fail | warn | ignore );
198 cache\-file \fIquoted_string\fR;
199 suppress\-initial\-notify \fIboolean\fR; // not yet implemented
200 preferred\-glue \fIstring\fR;
201 dual\-stack\-servers [ port \fIinteger\fR ] {
202 ( \fIquoted_string\fR [port \fIinteger\fR] |
203 \fIipv4_address\fR [port \fIinteger\fR] |
204 \fIipv6_address\fR [port \fIinteger\fR] ); ...
206 edns\-udp\-size \fIinteger\fR;
207 root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ];
208 disable\-algorithms \fIstring\fR { \fIstring\fR; ... };
209 dnssec\-enable \fIboolean\fR;
210 dnssec\-lookaside \fIstring\fR trust\-anchor \fIstring\fR;
211 dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR;
212 dialup \fIdialuptype\fR;
213 ixfr\-from\-differences \fIixfrdiff\fR;
214 allow\-query { \fIaddress_match_element\fR; ... };
215 allow\-transfer { \fIaddress_match_element\fR; ... };
216 allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
217 notify \fInotifytype\fR;
218 notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
219 notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
220 also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
221 [ port \fIinteger\fR ]; ... };
222 allow\-notify { \fIaddress_match_element\fR; ... };
223 forward ( first | only );
224 forwarders [ port \fIinteger\fR ] {
225 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
227 max\-journal\-size \fIsize_no_default\fR;
228 max\-transfer\-time\-in \fIinteger\fR;
229 max\-transfer\-time\-out \fIinteger\fR;
230 max\-transfer\-idle\-in \fIinteger\fR;
231 max\-transfer\-idle\-out \fIinteger\fR;
232 max\-retry\-time \fIinteger\fR;
233 min\-retry\-time \fIinteger\fR;
234 max\-refresh\-time \fIinteger\fR;
235 min\-refresh\-time \fIinteger\fR;
236 multi\-master \fIboolean\fR;
237 sig\-validity\-interval \fIinteger\fR;
238 transfer\-source ( \fIipv4_address\fR | * )
239 [ port ( \fIinteger\fR | * ) ];
240 transfer\-source\-v6 ( \fIipv6_address\fR | * )
241 [ port ( \fIinteger\fR | * ) ];
242 alt\-transfer\-source ( \fIipv4_address\fR | * )
243 [ port ( \fIinteger\fR | * ) ];
244 alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
245 [ port ( \fIinteger\fR | * ) ];
246 use\-alt\-transfer\-source \fIboolean\fR;
247 zone\-statistics \fIboolean\fR;
248 key\-directory \fIquoted_string\fR;
249 allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
250 deallocate\-on\-exit \fIboolean\fR; // obsolete
251 fake\-iquery \fIboolean\fR; // obsolete
252 fetch\-glue \fIboolean\fR; // obsolete
253 has\-old\-clients \fIboolean\fR; // obsolete
254 maintain\-ixfr\-base \fIboolean\fR; // obsolete
255 max\-ixfr\-log\-size \fIsize\fR; // obsolete
256 multiple\-cnames \fIboolean\fR; // obsolete
257 named\-xfer \fIquoted_string\fR; // obsolete
258 serial\-queries \fIinteger\fR; // obsolete
259 treat\-cr\-as\-space \fIboolean\fR; // obsolete
260 use\-id\-pool \fIboolean\fR; // obsolete
266 view \fIstring\fR \fIoptional_class\fR {
267 match\-clients { \fIaddress_match_element\fR; ... };
268 match\-destinations { \fIaddress_match_element\fR; ... };
269 match\-recursive\-only \fIboolean\fR;
271 algorithm \fIstring\fR;
274 zone \fIstring\fR \fIoptional_class\fR {
277 server ( \fIipv4_address\fR | \fIipv6_address\fR ) {
281 \fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; ...
283 allow\-recursion { \fIaddress_match_element\fR; ... };
284 sortlist { \fIaddress_match_element\fR; ... };
285 topology { \fIaddress_match_element\fR; ... }; // not implemented
286 auth\-nxdomain \fIboolean\fR; // default changed
287 minimal\-responses \fIboolean\fR;
288 recursion \fIboolean\fR;
290 [ class \fIstring\fR ] [ type \fIstring\fR ]
291 [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
293 provide\-ixfr \fIboolean\fR;
294 request\-ixfr \fIboolean\fR;
295 rfc2308\-type1 \fIboolean\fR; // not yet implemented
296 additional\-from\-auth \fIboolean\fR;
297 additional\-from\-cache \fIboolean\fR;
298 query\-source \fIquerysource4\fR;
299 query\-source\-v6 \fIquerysource6\fR;
300 cleaning\-interval \fIinteger\fR;
301 min\-roots \fIinteger\fR; // not implemented
302 lame\-ttl \fIinteger\fR;
303 max\-ncache\-ttl \fIinteger\fR;
304 max\-cache\-ttl \fIinteger\fR;
305 transfer\-format ( many\-answers | one\-answer );
306 max\-cache\-size \fIsize_no_default\fR;
307 check\-names ( master | slave | response )
308 ( fail | warn | ignore );
309 cache\-file \fIquoted_string\fR;
310 suppress\-initial\-notify \fIboolean\fR; // not yet implemented
311 preferred\-glue \fIstring\fR;
312 dual\-stack\-servers [ port \fIinteger\fR ] {
313 ( \fIquoted_string\fR [port \fIinteger\fR] |
314 \fIipv4_address\fR [port \fIinteger\fR] |
315 \fIipv6_address\fR [port \fIinteger\fR] ); ...
317 edns\-udp\-size \fIinteger\fR;
318 root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ];
319 disable\-algorithms \fIstring\fR { \fIstring\fR; ... };
320 dnssec\-enable \fIboolean\fR;
321 dnssec\-lookaside \fIstring\fR trust\-anchor \fIstring\fR;
322 dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR;
323 dialup \fIdialuptype\fR;
324 ixfr\-from\-differences \fIixfrdiff\fR;
325 allow\-query { \fIaddress_match_element\fR; ... };
326 allow\-transfer { \fIaddress_match_element\fR; ... };
327 allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
328 notify \fInotifytype\fR;
329 notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
330 notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
331 also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
332 [ port \fIinteger\fR ]; ... };
333 allow\-notify { \fIaddress_match_element\fR; ... };
334 forward ( first | only );
335 forwarders [ port \fIinteger\fR ] {
336 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
338 max\-journal\-size \fIsize_no_default\fR;
339 max\-transfer\-time\-in \fIinteger\fR;
340 max\-transfer\-time\-out \fIinteger\fR;
341 max\-transfer\-idle\-in \fIinteger\fR;
342 max\-transfer\-idle\-out \fIinteger\fR;
343 max\-retry\-time \fIinteger\fR;
344 min\-retry\-time \fIinteger\fR;
345 max\-refresh\-time \fIinteger\fR;
346 min\-refresh\-time \fIinteger\fR;
347 multi\-master \fIboolean\fR;
348 sig\-validity\-interval \fIinteger\fR;
349 transfer\-source ( \fIipv4_address\fR | * )
350 [ port ( \fIinteger\fR | * ) ];
351 transfer\-source\-v6 ( \fIipv6_address\fR | * )
352 [ port ( \fIinteger\fR | * ) ];
353 alt\-transfer\-source ( \fIipv4_address\fR | * )
354 [ port ( \fIinteger\fR | * ) ];
355 alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
356 [ port ( \fIinteger\fR | * ) ];
357 use\-alt\-transfer\-source \fIboolean\fR;
358 zone\-statistics \fIboolean\fR;
359 key\-directory \fIquoted_string\fR;
360 allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
361 fetch\-glue \fIboolean\fR; // obsolete
362 maintain\-ixfr\-base \fIboolean\fR; // obsolete
363 max\-ixfr\-log\-size \fIsize\fR; // obsolete
369 zone \fIstring\fR \fIoptional_class\fR {
370 type ( master | slave | stub | hint |
371 forward | delegation\-only );
372 file \fIquoted_string\fR;
373 masters [ port \fIinteger\fR ] {
375 \fIipv4_address\fR [port \fIinteger\fR] |
376 \fIipv6_address\fR [ port \fIinteger\fR ] ) [ key \fIstring\fR ]; ...
378 database \fIstring\fR;
379 delegation\-only \fIboolean\fR;
380 check\-names ( fail | warn | ignore );
381 dialup \fIdialuptype\fR;
382 ixfr\-from\-differences \fIboolean\fR;
383 allow\-query { \fIaddress_match_element\fR; ... };
384 allow\-transfer { \fIaddress_match_element\fR; ... };
385 allow\-update { \fIaddress_match_element\fR; ... };
386 allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
388 ( grant | deny ) \fIstring\fR
389 ( name | subdomain | wildcard | self ) \fIstring\fR
390 \fIrrtypelist\fR; ...
392 notify \fInotifytype\fR;
393 notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
394 notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
395 also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
396 [ port \fIinteger\fR ]; ... };
397 allow\-notify { \fIaddress_match_element\fR; ... };
398 forward ( first | only );
399 forwarders [ port \fIinteger\fR ] {
400 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
402 max\-journal\-size \fIsize_no_default\fR;
403 max\-transfer\-time\-in \fIinteger\fR;
404 max\-transfer\-time\-out \fIinteger\fR;
405 max\-transfer\-idle\-in \fIinteger\fR;
406 max\-transfer\-idle\-out \fIinteger\fR;
407 max\-retry\-time \fIinteger\fR;
408 min\-retry\-time \fIinteger\fR;
409 max\-refresh\-time \fIinteger\fR;
410 min\-refresh\-time \fIinteger\fR;
411 multi\-master \fIboolean\fR;
412 sig\-validity\-interval \fIinteger\fR;
413 transfer\-source ( \fIipv4_address\fR | * )
414 [ port ( \fIinteger\fR | * ) ];
415 transfer\-source\-v6 ( \fIipv6_address\fR | * )
416 [ port ( \fIinteger\fR | * ) ];
417 alt\-transfer\-source ( \fIipv4_address\fR | * )
418 [ port ( \fIinteger\fR | * ) ];
419 alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
420 [ port ( \fIinteger\fR | * ) ];
421 use\-alt\-transfer\-source \fIboolean\fR;
422 zone\-statistics \fIboolean\fR;
423 key\-directory \fIquoted_string\fR;
424 ixfr\-base \fIquoted_string\fR; // obsolete
425 ixfr\-tmp\-file \fIquoted_string\fR; // obsolete
426 maintain\-ixfr\-base \fIboolean\fR; // obsolete
427 max\-ixfr\-log\-size \fIsize\fR; // obsolete
428 pubkey \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; // obsolete
433 \fI/etc/named.conf\fR
438 \fBBIND 9 Adminstrators Reference Manual\fR().