1 .\" $NetBSD: named.conf.5,v 1.13 2014/12/10 04:37:51 christos Exp $
3 .\" Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
5 .\" Permission to use, copy, modify, and/or distribute this software for any
6 .\" purpose with or without fee is hereby granted, provided that the above
7 .\" copyright notice and this permission notice appear in all copies.
9 .\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 .\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 .\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 .\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 .\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 .\" PERFORMANCE OF THIS SOFTWARE.
21 .\" Title: \fInamed.conf\fR
23 .\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
24 .\" Date: January 08, 2014
28 .TH "\fINAMED.CONF\fR" "5" "January 08, 2014" "BIND9" "BIND9"
29 .\" disable hyphenation
31 .\" disable justification (adjust text to left margin only)
34 named.conf \- configuration file for named
41 is the configuration file for
42 \fBnamed\fR. Statements are enclosed in braces and terminated with a semi\-colon. Clauses in the statements are also semi\-colon terminated. The usual comment styles are supported:
46 C++ style: // to end of line
48 Unix style: # to end of line
53 acl \fIstring\fR { \fIaddress_match_element\fR; ... };
60 key \fIdomain_name\fR {
61 algorithm \fIstring\fR;
70 masters \fIstring\fR [ port \fIinteger\fR ] {
71 ( \fImasters\fR | \fIipv4_address\fR [port \fIinteger\fR] |
72 \fIipv6_address\fR [port \fIinteger\fR] ) [ key \fIstring\fR ]; ...
80 server ( \fIipv4_address\fR\fI[/prefixlen]\fR | \fIipv6_address\fR\fI[/prefixlen]\fR ) {
83 edns\-udp\-size \fIinteger\fR;
84 max\-udp\-size \fIinteger\fR;
85 provide\-ixfr \fIboolean\fR;
86 request\-ixfr \fIboolean\fR;
87 keys \fIserver_key\fR;
88 transfers \fIinteger\fR;
89 transfer\-format ( many\-answers | one\-answer );
90 transfer\-source ( \fIipv4_address\fR | * )
91 [ port ( \fIinteger\fR | * ) ];
92 transfer\-source\-v6 ( \fIipv6_address\fR | * )
93 [ port ( \fIinteger\fR | * ) ];
94 support\-ixfr \fIboolean\fR; // obsolete
103 \fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ...
112 \fIdomain_name\fR \fBinitial\-key\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ...
121 inet ( \fIipv4_address\fR | \fIipv6_address\fR | * )
122 [ port ( \fIinteger\fR | * ) ]
123 allow { \fIaddress_match_element\fR; ... }
124 [ keys { \fIstring\fR; ... } ];
125 unix \fIunsupported\fR; // not implemented
134 channel \fIstring\fR {
136 syslog \fIoptional_facility\fR;
139 severity \fIlog_severity\fR;
140 print\-time \fIboolean\fR;
141 print\-severity \fIboolean\fR;
142 print\-category \fIboolean\fR;
144 category \fIstring\fR { \fIstring\fR; ... };
153 listen\-on [ port \fIinteger\fR ] {
154 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
156 view \fIstring\fR \fIoptional_class\fR;
157 search { \fIstring\fR; ... };
167 avoid\-v4\-udp\-ports { \fIport\fR; ... };
168 avoid\-v6\-udp\-ports { \fIport\fR; ... };
169 blackhole { \fIaddress_match_element\fR; ... };
172 directory \fIquoted_string\fR;
173 dump\-file \fIquoted_string\fR;
175 heartbeat\-interval \fIinteger\fR;
176 host\-statistics \fIboolean\fR; // not implemented
177 host\-statistics\-max \fInumber\fR; // not implemented
178 hostname ( \fIquoted_string\fR | none );
179 interface\-interval \fIinteger\fR;
180 listen\-on [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
181 listen\-on\-v6 [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
182 match\-mapped\-addresses \fIboolean\fR;
183 memstatistics\-file \fIquoted_string\fR;
184 pid\-file ( \fIquoted_string\fR | none );
186 querylog \fIboolean\fR;
187 recursing\-file \fIquoted_string\fR;
188 reserved\-sockets \fIinteger\fR;
189 random\-device \fIquoted_string\fR;
190 recursive\-clients \fIinteger\fR;
191 serial\-query\-rate \fIinteger\fR;
192 server\-id ( \fIquoted_string\fR | hostname | none );
193 stacksize \fIsize\fR;
194 statistics\-file \fIquoted_string\fR;
195 statistics\-interval \fIinteger\fR; // not yet implemented
196 tcp\-clients \fIinteger\fR;
197 tcp\-listen\-queue \fIinteger\fR;
198 tkey\-dhkey \fIquoted_string\fR \fIinteger\fR;
199 tkey\-gssapi\-credential \fIquoted_string\fR;
200 tkey\-gssapi\-keytab \fIquoted_string\fR;
201 tkey\-domain \fIquoted_string\fR;
202 transfers\-per\-ns \fIinteger\fR;
203 transfers\-in \fIinteger\fR;
204 transfers\-out \fIinteger\fR;
205 use\-ixfr \fIboolean\fR;
206 version ( \fIquoted_string\fR | none );
207 allow\-recursion { \fIaddress_match_element\fR; ... };
208 allow\-recursion\-on { \fIaddress_match_element\fR; ... };
209 sortlist { \fIaddress_match_element\fR; ... };
210 topology { \fIaddress_match_element\fR; ... }; // not implemented
211 auth\-nxdomain \fIboolean\fR; // default changed
212 minimal\-responses \fIboolean\fR;
213 recursion \fIboolean\fR;
215 [ class \fIstring\fR ] [ type \fIstring\fR ]
216 [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
218 provide\-ixfr \fIboolean\fR;
219 request\-ixfr \fIboolean\fR;
220 rfc2308\-type1 \fIboolean\fR; // not yet implemented
221 additional\-from\-auth \fIboolean\fR;
222 additional\-from\-cache \fIboolean\fR;
223 query\-source ( ( \fIipv4_address\fR | * ) | [ address ( \fIipv4_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ];
224 query\-source\-v6 ( ( \fIipv6_address\fR | * ) | [ address ( \fIipv6_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ];
225 use\-queryport\-pool \fIboolean\fR;
226 queryport\-pool\-ports \fIinteger\fR;
227 queryport\-pool\-updateinterval \fIinteger\fR;
228 cleaning\-interval \fIinteger\fR;
229 resolver\-query\-timeout \fIinteger\fR;
230 min\-roots \fIinteger\fR; // not implemented
231 lame\-ttl \fIinteger\fR;
232 max\-ncache\-ttl \fIinteger\fR;
233 max\-cache\-ttl \fIinteger\fR;
234 transfer\-format ( many\-answers | one\-answer );
235 max\-cache\-size \fIsize\fR;
236 max\-acache\-size \fIsize\fR;
237 clients\-per\-query \fInumber\fR;
238 max\-clients\-per\-query \fInumber\fR;
239 check\-names ( master | slave | response )
240 ( fail | warn | ignore );
241 check\-mx ( fail | warn | ignore );
242 check\-integrity \fIboolean\fR;
243 check\-mx\-cname ( fail | warn | ignore );
244 check\-srv\-cname ( fail | warn | ignore );
245 cache\-file \fIquoted_string\fR; // test option
246 suppress\-initial\-notify \fIboolean\fR; // not yet implemented
247 preferred\-glue \fIstring\fR;
248 dual\-stack\-servers [ port \fIinteger\fR ] {
249 ( \fIquoted_string\fR [port \fIinteger\fR] |
250 \fIipv4_address\fR [port \fIinteger\fR] |
251 \fIipv6_address\fR [port \fIinteger\fR] ); ...
253 edns\-udp\-size \fIinteger\fR;
254 max\-udp\-size \fIinteger\fR;
255 root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ];
256 disable\-algorithms \fIstring\fR { \fIstring\fR; ... };
257 disable\-ds\-digests \fIstring\fR { \fIstring\fR; ... };
258 dnssec\-enable \fIboolean\fR;
259 dnssec\-validation \fIboolean\fR;
260 dnssec\-lookaside ( \fIauto\fR | \fIno\fR | \fIdomain\fR trust\-anchor \fIdomain\fR );
261 dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR;
262 dnssec\-accept\-expired \fIboolean\fR;
263 dns64\-server \fIstring\fR;
264 dns64\-contact \fIstring\fR;
266 clients { <replacable>acl</replacable>; };
267 exclude { <replacable>acl</replacable>; };
268 mapped { <replacable>acl</replacable>; };
269 break\-dnssec \fIboolean\fR;
270 recursive\-only \fIboolean\fR;
271 suffix \fIipv6_address\fR;
273 empty\-server \fIstring\fR;
274 empty\-contact \fIstring\fR;
275 empty\-zones\-enable \fIboolean\fR;
276 disable\-empty\-zone \fIstring\fR;
277 dialup \fIdialuptype\fR;
278 ixfr\-from\-differences \fIixfrdiff\fR;
279 allow\-query { \fIaddress_match_element\fR; ... };
280 allow\-query\-on { \fIaddress_match_element\fR; ... };
281 allow\-query\-cache { \fIaddress_match_element\fR; ... };
282 allow\-query\-cache\-on { \fIaddress_match_element\fR; ... };
283 allow\-transfer { \fIaddress_match_element\fR; ... };
284 allow\-update { \fIaddress_match_element\fR; ... };
285 allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
286 update\-check\-ksk \fIboolean\fR;
287 dnssec\-dnskey\-kskonly \fIboolean\fR;
288 masterfile\-format ( text | raw | map );
289 notify \fInotifytype\fR;
290 notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
291 notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
292 notify\-delay \fIseconds\fR;
293 notify\-to\-soa \fIboolean\fR;
294 also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
295 [ port \fIinteger\fR ]; ...
296 [ key \fIkeyname\fR ] ... };
297 allow\-notify { \fIaddress_match_element\fR; ... };
298 forward ( first | only );
299 forwarders [ port \fIinteger\fR ] {
300 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
302 max\-journal\-size \fIsize_no_default\fR;
303 max\-transfer\-time\-in \fIinteger\fR;
304 max\-transfer\-time\-out \fIinteger\fR;
305 max\-transfer\-idle\-in \fIinteger\fR;
306 max\-transfer\-idle\-out \fIinteger\fR;
307 max\-retry\-time \fIinteger\fR;
308 min\-retry\-time \fIinteger\fR;
309 max\-refresh\-time \fIinteger\fR;
310 min\-refresh\-time \fIinteger\fR;
311 multi\-master \fIboolean\fR;
312 sig\-validity\-interval \fIinteger\fR;
313 sig\-re\-signing\-interval \fIinteger\fR;
314 sig\-signing\-nodes \fIinteger\fR;
315 sig\-signing\-signatures \fIinteger\fR;
316 sig\-signing\-type \fIinteger\fR;
317 transfer\-source ( \fIipv4_address\fR | * )
318 [ port ( \fIinteger\fR | * ) ];
319 transfer\-source\-v6 ( \fIipv6_address\fR | * )
320 [ port ( \fIinteger\fR | * ) ];
321 alt\-transfer\-source ( \fIipv4_address\fR | * )
322 [ port ( \fIinteger\fR | * ) ];
323 alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
324 [ port ( \fIinteger\fR | * ) ];
325 use\-alt\-transfer\-source \fIboolean\fR;
326 zone\-statistics \fIboolean\fR;
327 key\-directory \fIquoted_string\fR;
328 managed\-keys\-directory \fIquoted_string\fR;
329 auto\-dnssec \fBallow\fR|\fBmaintain\fR|\fBoff\fR;
330 try\-tcp\-refresh \fIboolean\fR;
331 zero\-no\-soa\-ttl \fIboolean\fR;
332 zero\-no\-soa\-ttl\-cache \fIboolean\fR;
333 dnssec\-secure\-to\-insecure \fIboolean\fR;
334 deny\-answer\-addresses {
335 \fIaddress_match_list\fR
336 } [ except\-from { \fInamelist\fR } ];
337 deny\-answer\-aliases {
339 } [ except\-from { \fInamelist\fR } ];
340 nsec3\-test\-zone \fIboolean\fR; // testing only
341 allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
342 deallocate\-on\-exit \fIboolean\fR; // obsolete
343 fake\-iquery \fIboolean\fR; // obsolete
344 fetch\-glue \fIboolean\fR; // obsolete
345 has\-old\-clients \fIboolean\fR; // obsolete
346 maintain\-ixfr\-base \fIboolean\fR; // obsolete
347 max\-ixfr\-log\-size \fIsize\fR; // obsolete
348 multiple\-cnames \fIboolean\fR; // obsolete
349 named\-xfer \fIquoted_string\fR; // obsolete
350 serial\-queries \fIinteger\fR; // obsolete
351 treat\-cr\-as\-space \fIboolean\fR; // obsolete
352 use\-id\-pool \fIboolean\fR; // obsolete
360 view \fIstring\fR \fIoptional_class\fR {
361 match\-clients { \fIaddress_match_element\fR; ... };
362 match\-destinations { \fIaddress_match_element\fR; ... };
363 match\-recursive\-only \fIboolean\fR;
365 algorithm \fIstring\fR;
368 zone \fIstring\fR \fIoptional_class\fR {
371 server ( \fIipv4_address\fR\fI[/prefixlen]\fR | \fIipv6_address\fR\fI[/prefixlen]\fR ) {
375 \fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR;
378 allow\-recursion { \fIaddress_match_element\fR; ... };
379 allow\-recursion\-on { \fIaddress_match_element\fR; ... };
380 sortlist { \fIaddress_match_element\fR; ... };
381 topology { \fIaddress_match_element\fR; ... }; // not implemented
382 auth\-nxdomain \fIboolean\fR; // default changed
383 minimal\-responses \fIboolean\fR;
384 recursion \fIboolean\fR;
386 [ class \fIstring\fR ] [ type \fIstring\fR ]
387 [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
389 provide\-ixfr \fIboolean\fR;
390 request\-ixfr \fIboolean\fR;
391 rfc2308\-type1 \fIboolean\fR; // not yet implemented
392 additional\-from\-auth \fIboolean\fR;
393 additional\-from\-cache \fIboolean\fR;
394 query\-source ( ( \fIipv4_address\fR | * ) | [ address ( \fIipv4_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ];
395 query\-source\-v6 ( ( \fIipv6_address\fR | * ) | [ address ( \fIipv6_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ];
396 use\-queryport\-pool \fIboolean\fR;
397 queryport\-pool\-ports \fIinteger\fR;
398 queryport\-pool\-updateinterval \fIinteger\fR;
399 cleaning\-interval \fIinteger\fR;
400 resolver\-query\-timeout \fIinteger\fR;
401 min\-roots \fIinteger\fR; // not implemented
402 lame\-ttl \fIinteger\fR;
403 max\-ncache\-ttl \fIinteger\fR;
404 max\-cache\-ttl \fIinteger\fR;
405 transfer\-format ( many\-answers | one\-answer );
406 max\-cache\-size \fIsize\fR;
407 max\-acache\-size \fIsize\fR;
408 clients\-per\-query \fInumber\fR;
409 max\-clients\-per\-query \fInumber\fR;
410 check\-names ( master | slave | response )
411 ( fail | warn | ignore );
412 check\-mx ( fail | warn | ignore );
413 check\-integrity \fIboolean\fR;
414 check\-mx\-cname ( fail | warn | ignore );
415 check\-srv\-cname ( fail | warn | ignore );
416 cache\-file \fIquoted_string\fR; // test option
417 suppress\-initial\-notify \fIboolean\fR; // not yet implemented
418 preferred\-glue \fIstring\fR;
419 dual\-stack\-servers [ port \fIinteger\fR ] {
420 ( \fIquoted_string\fR [port \fIinteger\fR] |
421 \fIipv4_address\fR [port \fIinteger\fR] |
422 \fIipv6_address\fR [port \fIinteger\fR] ); ...
424 edns\-udp\-size \fIinteger\fR;
425 max\-udp\-size \fIinteger\fR;
426 root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ];
427 disable\-algorithms \fIstring\fR { \fIstring\fR; ... };
428 disable\-ds\-digests \fIstring\fR { \fIstring\fR; ... };
429 dnssec\-enable \fIboolean\fR;
430 dnssec\-validation \fIboolean\fR;
431 dnssec\-lookaside ( \fIauto\fR | \fIno\fR | \fIdomain\fR trust\-anchor \fIdomain\fR );
432 dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR;
433 dnssec\-accept\-expired \fIboolean\fR;
434 dns64\-server \fIstring\fR;
435 dns64\-contact \fIstring\fR;
437 clients { <replacable>acl</replacable>; };
438 exclude { <replacable>acl</replacable>; };
439 mapped { <replacable>acl</replacable>; };
440 break\-dnssec \fIboolean\fR;
441 recursive\-only \fIboolean\fR;
442 suffix \fIipv6_address\fR;
444 empty\-server \fIstring\fR;
445 empty\-contact \fIstring\fR;
446 empty\-zones\-enable \fIboolean\fR;
447 disable\-empty\-zone \fIstring\fR;
448 dialup \fIdialuptype\fR;
449 ixfr\-from\-differences \fIixfrdiff\fR;
450 allow\-query { \fIaddress_match_element\fR; ... };
451 allow\-query\-on { \fIaddress_match_element\fR; ... };
452 allow\-query\-cache { \fIaddress_match_element\fR; ... };
453 allow\-query\-cache\-on { \fIaddress_match_element\fR; ... };
454 allow\-transfer { \fIaddress_match_element\fR; ... };
455 allow\-update { \fIaddress_match_element\fR; ... };
456 allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
457 update\-check\-ksk \fIboolean\fR;
458 dnssec\-dnskey\-kskonly \fIboolean\fR;
459 masterfile\-format ( text | raw | map );
460 notify \fInotifytype\fR;
461 notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
462 notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
463 notify\-delay \fIseconds\fR;
464 notify\-to\-soa \fIboolean\fR;
465 also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
466 [ port \fIinteger\fR ]; ...
467 [ key \fIkeyname\fR ] ... };
468 allow\-notify { \fIaddress_match_element\fR; ... };
469 forward ( first | only );
470 forwarders [ port \fIinteger\fR ] {
471 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
473 max\-journal\-size \fIsize_no_default\fR;
474 max\-transfer\-time\-in \fIinteger\fR;
475 max\-transfer\-time\-out \fIinteger\fR;
476 max\-transfer\-idle\-in \fIinteger\fR;
477 max\-transfer\-idle\-out \fIinteger\fR;
478 max\-retry\-time \fIinteger\fR;
479 min\-retry\-time \fIinteger\fR;
480 max\-refresh\-time \fIinteger\fR;
481 min\-refresh\-time \fIinteger\fR;
482 multi\-master \fIboolean\fR;
483 sig\-validity\-interval \fIinteger\fR;
484 transfer\-source ( \fIipv4_address\fR | * )
485 [ port ( \fIinteger\fR | * ) ];
486 transfer\-source\-v6 ( \fIipv6_address\fR | * )
487 [ port ( \fIinteger\fR | * ) ];
488 alt\-transfer\-source ( \fIipv4_address\fR | * )
489 [ port ( \fIinteger\fR | * ) ];
490 alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
491 [ port ( \fIinteger\fR | * ) ];
492 use\-alt\-transfer\-source \fIboolean\fR;
493 zone\-statistics \fIboolean\fR;
494 try\-tcp\-refresh \fIboolean\fR;
495 key\-directory \fIquoted_string\fR;
496 zero\-no\-soa\-ttl \fIboolean\fR;
497 zero\-no\-soa\-ttl\-cache \fIboolean\fR;
498 dnssec\-secure\-to\-insecure \fIboolean\fR;
499 allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
500 fetch\-glue \fIboolean\fR; // obsolete
501 maintain\-ixfr\-base \fIboolean\fR; // obsolete
502 max\-ixfr\-log\-size \fIsize\fR; // obsolete
510 zone \fIstring\fR \fIoptional_class\fR {
511 type ( master | slave | stub | hint | redirect |
512 forward | delegation\-only );
513 file \fIquoted_string\fR;
514 masters [ port \fIinteger\fR ] {
516 \fIipv4_address\fR [port \fIinteger\fR] |
517 \fIipv6_address\fR [ port \fIinteger\fR ] ) [ key \fIstring\fR ]; ...
519 database \fIstring\fR;
520 delegation\-only \fIboolean\fR;
521 check\-names ( fail | warn | ignore );
522 check\-mx ( fail | warn | ignore );
523 check\-integrity \fIboolean\fR;
524 check\-mx\-cname ( fail | warn | ignore );
525 check\-srv\-cname ( fail | warn | ignore );
526 dialup \fIdialuptype\fR;
527 ixfr\-from\-differences \fIboolean\fR;
528 journal \fIquoted_string\fR;
529 zero\-no\-soa\-ttl \fIboolean\fR;
530 dnssec\-secure\-to\-insecure \fIboolean\fR;
531 allow\-query { \fIaddress_match_element\fR; ... };
532 allow\-query\-on { \fIaddress_match_element\fR; ... };
533 allow\-transfer { \fIaddress_match_element\fR; ... };
534 allow\-update { \fIaddress_match_element\fR; ... };
535 allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
536 update\-policy \fIlocal\fR | \fI {
537 ( grant | deny ) \fR\fI\fIstring\fR\fR\fI
538 ( name | subdomain | wildcard | self | selfsub | selfwild |
539 krb5\-self | ms\-self | krb5\-subdomain | ms\-subdomain |
540 tcp\-self | zonesub | 6to4\-self ) \fR\fI\fIstring\fR\fR\fI
541 \fR\fI\fIrrtypelist\fR\fR\fI;
544 update\-check\-ksk \fIboolean\fR;
545 dnssec\-dnskey\-kskonly \fIboolean\fR;
546 masterfile\-format ( text | raw | map );
547 notify \fInotifytype\fR;
548 notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
549 notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
550 notify\-delay \fIseconds\fR;
551 notify\-to\-soa \fIboolean\fR;
552 also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
553 [ port \fIinteger\fR ]; ...
554 [ key \fIkeyname\fR ] ... };
555 allow\-notify { \fIaddress_match_element\fR; ... };
556 forward ( first | only );
557 forwarders [ port \fIinteger\fR ] {
558 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
560 max\-journal\-size \fIsize_no_default\fR;
561 max\-transfer\-time\-in \fIinteger\fR;
562 max\-transfer\-time\-out \fIinteger\fR;
563 max\-transfer\-idle\-in \fIinteger\fR;
564 max\-transfer\-idle\-out \fIinteger\fR;
565 max\-retry\-time \fIinteger\fR;
566 min\-retry\-time \fIinteger\fR;
567 max\-refresh\-time \fIinteger\fR;
568 min\-refresh\-time \fIinteger\fR;
569 multi\-master \fIboolean\fR;
570 request\-ixfr \fIboolean\fR;
571 sig\-validity\-interval \fIinteger\fR;
572 transfer\-source ( \fIipv4_address\fR | * )
573 [ port ( \fIinteger\fR | * ) ];
574 transfer\-source\-v6 ( \fIipv6_address\fR | * )
575 [ port ( \fIinteger\fR | * ) ];
576 alt\-transfer\-source ( \fIipv4_address\fR | * )
577 [ port ( \fIinteger\fR | * ) ];
578 alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
579 [ port ( \fIinteger\fR | * ) ];
580 use\-alt\-transfer\-source \fIboolean\fR;
581 zone\-statistics \fIboolean\fR;
582 try\-tcp\-refresh \fIboolean\fR;
583 key\-directory \fIquoted_string\fR;
584 nsec3\-test\-zone \fIboolean\fR; // testing only
585 ixfr\-base \fIquoted_string\fR; // obsolete
586 ixfr\-tmp\-file \fIquoted_string\fR; // obsolete
587 maintain\-ixfr\-base \fIboolean\fR; // obsolete
588 max\-ixfr\-log\-size \fIsize\fR; // obsolete
589 pubkey \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; // obsolete
595 \fI/etc/named.conf\fR
599 \fBnamed\-checkconf\fR(8),
601 BIND 9 Administrator Reference Manual.
603 Copyright \(co 2004\-2014 Internet Systems Consortium, Inc. ("ISC")