| blob | bc28ace7165980faa544a7598c4bf90108f7b1f8 |
2 This is a summary of the named.conf options supported by
3 this version of BIND 9.
5 acl <string> { <address_match_element>; ... };
7 controls {
8 inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
9 ) ] allow { <address_match_element>; ... } [ keys { <string>;
10 ... } ];
11 unix <quoted_string> perm <integer> owner <integer> group <integer>
12 [ keys { <string>; ... } ];
13 };
15 dlz <string> {
16 database <string>;
17 };
19 key <string> {
20 algorithm <string>;
21 secret <string>;
22 };
24 logging {
25 category <string> { <string>; ... };
26 channel <string> {
27 file <quoted_string> [ versions ( "unlimited" | <integer> )
28 ] [ size <size> ];
29 null;
30 print-category <boolean>;
31 print-severity <boolean>;
32 print-time <boolean>;
33 severity <log_severity>;
34 stderr;
35 syslog <optional_facility>;
36 };
37 };
39 lwres {
40 listen-on [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
41 [ port <integer> ]; ... };
42 ndots <integer>;
43 search { <string>; ... };
44 view <string> <optional_class>;
45 };
47 managed-keys { <string> <string> <integer> <integer> <integer>
48 <quoted_string>; ... };
50 masters <string> [ port <integer> ] { ( <masters> | <ipv4_address> [ port
51 <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ]; ... };
53 options {
54 acache-cleaning-interval <integer>;
55 acache-enable <boolean>;
56 additional-from-auth <boolean>;
57 additional-from-cache <boolean>;
58 allow-notify { <address_match_element>; ... };
59 allow-query { <address_match_element>; ... };
60 allow-query-cache { <address_match_element>; ... };
61 allow-query-cache-on { <address_match_element>; ... };
62 allow-query-on { <address_match_element>; ... };
63 allow-recursion { <address_match_element>; ... };
64 allow-recursion-on { <address_match_element>; ... };
65 allow-transfer { <address_match_element>; ... };
66 allow-update { <address_match_element>; ... };
67 allow-update-forwarding { <address_match_element>; ... };
68 allow-v6-synthesis { <address_match_element>; ... }; // obsolete
69 also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
70 ) [ port <integer> ]; ... };
71 alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
72 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
73 * ) ];
74 attach-cache <string>;
75 auth-nxdomain <boolean>; // default changed
76 avoid-v4-udp-ports { <portrange>; ... };
77 avoid-v6-udp-ports { <portrange>; ... };
78 bindkeys-file <quoted_string>;
79 blackhole { <address_match_element>; ... };
80 cache-file <quoted_string>;
81 check-dup-records ( fail | warn | ignore );
82 check-integrity <boolean>;
83 check-mx ( fail | warn | ignore );
84 check-mx-cname ( fail | warn | ignore );
85 check-names ( master | slave | response ) ( fail | warn | ignore );
86 check-sibling <boolean>;
87 check-srv-cname ( fail | warn | ignore );
88 check-wildcard <boolean>;
89 cleaning-interval <integer>;
90 clients-per-query <integer>;
91 coresize <size>;
92 datasize <size>;
93 deallocate-on-exit <boolean>; // obsolete
94 deny-answer-addresses { <address_match_element>; ... } [
95 except-from { <quoted_string>; ... } ];
96 deny-answer-aliases { <quoted_string>; ... } [ except-from {
97 <quoted_string>; ... } ];
98 dialup <dialuptype>;
99 directory <quoted_string>;
100 disable-algorithms <string> { <string>; ... };
101 disable-empty-zone <string>;
102 dnssec-accept-expired <boolean>;
103 dnssec-dnskey-kskonly <boolean>;
104 dnssec-enable <boolean>;
105 dnssec-lookaside <string> trust-anchor <string>;
106 dnssec-must-be-secure <string> <boolean>;
107 dnssec-secure-to-insecure <boolean>;
108 dnssec-validation <boolean>;
109 dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
110 <integer> ] | <ipv4_address> [ port <integer> ] |
111 <ipv6_address> [ port <integer> ] ); ... };
112 dump-file <quoted_string>;
113 edns-udp-size <integer>;
114 empty-contact <string>;
115 empty-server <string>;
116 empty-zones-enable <boolean>;
117 fake-iquery <boolean>; // obsolete
118 fetch-glue <boolean>; // obsolete
119 files <size>;
120 flush-zones-on-shutdown <boolean>;
121 forward ( first | only );
122 forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
123 [ port <integer> ]; ... };
124 has-old-clients <boolean>; // obsolete
125 heartbeat-interval <integer>;
126 host-statistics <boolean>; // not implemented
127 host-statistics-max <integer>; // not implemented
128 hostname ( <quoted_string> | none );
129 interface-interval <integer>;
130 ixfr-from-differences <ixfrdiff>;
131 key-directory <quoted_string>;
132 lame-ttl <integer>;
133 listen-on [ port <integer> ] { <address_match_element>; ... };
134 listen-on-v6 [ port <integer> ] { <address_match_element>; ... };
135 maintain-ixfr-base <boolean>; // obsolete
136 masterfile-format ( text | raw );
137 match-mapped-addresses <boolean>;
138 max-acache-size <size_no_default>;
139 max-cache-size <size_no_default>;
140 max-cache-ttl <integer>;
141 max-clients-per-query <integer>;
142 max-ixfr-log-size <size>; // obsolete
143 max-journal-size <size_no_default>;
144 max-ncache-ttl <integer>;
145 max-refresh-time <integer>;
146 max-retry-time <integer>;
147 max-transfer-idle-in <integer>;
148 max-transfer-idle-out <integer>;
149 max-transfer-time-in <integer>;
150 max-transfer-time-out <integer>;
151 max-udp-size <integer>;
152 memstatistics <boolean>;
153 memstatistics-file <quoted_string>;
154 min-refresh-time <integer>;
155 min-retry-time <integer>;
156 min-roots <integer>; // not implemented
157 minimal-responses <boolean>;
158 multi-master <boolean>;
159 multiple-cnames <boolean>; // obsolete
160 named-xfer <quoted_string>; // obsolete
161 notify <notifytype>;
162 notify-delay <integer>;
163 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
164 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
165 notify-to-soa <boolean>;
166 nsec3-test-zone <boolean>; // test only
167 pid-file ( <quoted_string> | none );
168 port <integer>;
169 preferred-glue <string>;
170 provide-ixfr <boolean>;
171 query-source <querysource4>;
172 query-source-v6 <querysource6>;
173 querylog <boolean>;
174 queryport-pool-ports <integer>; // obsolete
175 queryport-pool-updateinterval <integer>; // obsolete
176 random-device <quoted_string>;
177 recursing-file <quoted_string>;
178 recursion <boolean>;
179 recursive-clients <integer>;
180 request-ixfr <boolean>;
181 request-nsid <boolean>;
182 reserved-sockets <integer>;
183 rfc2308-type1 <boolean>; // not yet implemented
184 root-delegation-only [ exclude { <quoted_string>; ... } ];
185 rrset-order { [ class <string> ] [ type <string> ] [ name
186 <quoted_string> ] <string> <string>; ... };
187 serial-queries <integer>; // obsolete
188 serial-query-rate <integer>;
189 server-id ( <quoted_string> | none |;
190 session-keyalg <string>;
191 session-keyfile ( <quoted_string> | none );
192 session-keyname <string>;
193 sig-signing-nodes <integer>;
194 sig-signing-signatures <integer>;
195 sig-signing-type <integer>;
196 sig-validity-interval <integer> [ <integer> ];
197 sortlist { <address_match_element>; ... };
198 stacksize <size>;
199 statistics-file <quoted_string>;
200 statistics-interval <integer>; // not yet implemented
201 suppress-initial-notify <boolean>; // not yet implemented
202 tcp-clients <integer>;
203 tcp-listen-queue <integer>;
204 tkey-dhkey <quoted_string> <integer>;
205 tkey-domain <quoted_string>;
206 tkey-gssapi-credential <quoted_string>;
207 topology { <address_match_element>; ... }; // not implemented
208 transfer-format ( many-answers | one-answer );
209 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
210 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
211 transfers-in <integer>;
212 transfers-out <integer>;
213 transfers-per-ns <integer>;
214 treat-cr-as-space <boolean>; // obsolete
215 try-tcp-refresh <boolean>;
216 update-check-ksk <boolean>;
217 use-alt-transfer-source <boolean>;
218 use-id-pool <boolean>; // obsolete
219 use-ixfr <boolean>;
220 use-queryport-pool <boolean>; // obsolete
221 use-v4-udp-ports { <portrange>; ... };
222 use-v6-udp-ports { <portrange>; ... };
223 version ( <quoted_string> | none );
224 zero-no-soa-ttl <boolean>;
225 zero-no-soa-ttl-cache <boolean>;
226 zone-statistics <boolean>;
227 };
229 server <netprefix> {
230 bogus <boolean>;
231 edns <boolean>;
232 edns-udp-size <integer>;
233 keys <server_key>;
234 max-udp-size <integer>;
235 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
236 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
237 provide-ixfr <boolean>;
238 query-source <querysource4>;
239 query-source-v6 <querysource6>;
240 request-ixfr <boolean>;
241 support-ixfr <boolean>; // obsolete
242 transfer-format ( many-answers | one-answer );
243 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
244 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
245 transfers <integer>;
246 };
248 statistics-channels {
249 inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
250 ) ] [ allow { <address_match_element>; ... } ];
251 };
253 trusted-keys { <string> <integer> <integer> <integer> <quoted_string>; ... };
255 view <string> <optional_class> {
256 acache-cleaning-interval <integer>;
257 acache-enable <boolean>;
258 additional-from-auth <boolean>;
259 additional-from-cache <boolean>;
260 allow-notify { <address_match_element>; ... };
261 allow-query { <address_match_element>; ... };
262 allow-query-cache { <address_match_element>; ... };
263 allow-query-cache-on { <address_match_element>; ... };
264 allow-query-on { <address_match_element>; ... };
265 allow-recursion { <address_match_element>; ... };
266 allow-recursion-on { <address_match_element>; ... };
267 allow-transfer { <address_match_element>; ... };
268 allow-update { <address_match_element>; ... };
269 allow-update-forwarding { <address_match_element>; ... };
270 allow-v6-synthesis { <address_match_element>; ... }; // obsolete
271 also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
272 ) [ port <integer> ]; ... };
273 alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
274 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
275 * ) ];
276 attach-cache <string>;
277 auth-nxdomain <boolean>; // default changed
278 cache-file <quoted_string>;
279 check-dup-records ( fail | warn | ignore );
280 check-integrity <boolean>;
281 check-mx ( fail | warn | ignore );
282 check-mx-cname ( fail | warn | ignore );
283 check-names ( master | slave | response ) ( fail | warn | ignore );
284 check-sibling <boolean>;
285 check-srv-cname ( fail | warn | ignore );
286 check-wildcard <boolean>;
287 cleaning-interval <integer>;
288 clients-per-query <integer>;
289 database <string>;
290 deny-answer-addresses { <address_match_element>; ... } [
291 except-from { <quoted_string>; ... } ];
292 deny-answer-aliases { <quoted_string>; ... } [ except-from {
293 <quoted_string>; ... } ];
294 dialup <dialuptype>;
295 disable-algorithms <string> { <string>; ... };
296 disable-empty-zone <string>;
297 dlz <string> {
298 database <string>;
299 };
300 dnssec-accept-expired <boolean>;
301 dnssec-dnskey-kskonly <boolean>;
302 dnssec-enable <boolean>;
303 dnssec-lookaside <string> trust-anchor <string>;
304 dnssec-must-be-secure <string> <boolean>;
305 dnssec-secure-to-insecure <boolean>;
306 dnssec-validation <boolean>;
307 dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
308 <integer> ] | <ipv4_address> [ port <integer> ] |
309 <ipv6_address> [ port <integer> ] ); ... };
310 edns-udp-size <integer>;
311 empty-contact <string>;
312 empty-server <string>;
313 empty-zones-enable <boolean>;
314 fetch-glue <boolean>; // obsolete
315 forward ( first | only );
316 forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
317 [ port <integer> ]; ... };
318 ixfr-from-differences <ixfrdiff>;
319 key <string> {
320 algorithm <string>;
321 secret <string>;
322 };
323 key-directory <quoted_string>;
324 lame-ttl <integer>;
325 maintain-ixfr-base <boolean>; // obsolete
326 managed-keys { <string> <string> <integer> <integer> <integer>
327 <quoted_string>; ... };
328 masterfile-format ( text | raw );
329 match-clients { <address_match_element>; ... };
330 match-destinations { <address_match_element>; ... };
331 match-recursive-only <boolean>;
332 max-acache-size <size_no_default>;
333 max-cache-size <size_no_default>;
334 max-cache-ttl <integer>;
335 max-clients-per-query <integer>;
336 max-ixfr-log-size <size>; // obsolete
337 max-journal-size <size_no_default>;
338 max-ncache-ttl <integer>;
339 max-refresh-time <integer>;
340 max-retry-time <integer>;
341 max-transfer-idle-in <integer>;
342 max-transfer-idle-out <integer>;
343 max-transfer-time-in <integer>;
344 max-transfer-time-out <integer>;
345 max-udp-size <integer>;
346 min-refresh-time <integer>;
347 min-retry-time <integer>;
348 min-roots <integer>; // not implemented
349 minimal-responses <boolean>;
350 multi-master <boolean>;
351 notify <notifytype>;
352 notify-delay <integer>;
353 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
354 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
355 notify-to-soa <boolean>;
356 nsec3-test-zone <boolean>; // test only
357 preferred-glue <string>;
358 provide-ixfr <boolean>;
359 query-source <querysource4>;
360 query-source-v6 <querysource6>;
361 queryport-pool-ports <integer>; // obsolete
362 queryport-pool-updateinterval <integer>; // obsolete
363 recursion <boolean>;
364 request-ixfr <boolean>;
365 request-nsid <boolean>;
366 rfc2308-type1 <boolean>; // not yet implemented
367 root-delegation-only [ exclude { <quoted_string>; ... } ];
368 rrset-order { [ class <string> ] [ type <string> ] [ name
369 <quoted_string> ] <string> <string>; ... };
370 server <netprefix> {
371 bogus <boolean>;
372 edns <boolean>;
373 edns-udp-size <integer>;
374 keys <server_key>;
375 max-udp-size <integer>;
376 notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
377 ) ];
378 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
379 | * ) ];
380 provide-ixfr <boolean>;
381 query-source <querysource4>;
382 query-source-v6 <querysource6>;
383 request-ixfr <boolean>;
384 support-ixfr <boolean>; // obsolete
385 transfer-format ( many-answers | one-answer );
386 transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
387 * ) ];
388 transfer-source-v6 ( <ipv6_address> | * ) [ port (
389 <integer> | * ) ];
390 transfers <integer>;
391 };
392 sig-signing-nodes <integer>;
393 sig-signing-signatures <integer>;
394 sig-signing-type <integer>;
395 sig-validity-interval <integer> [ <integer> ];
396 sortlist { <address_match_element>; ... };
397 suppress-initial-notify <boolean>; // not yet implemented
398 topology { <address_match_element>; ... }; // not implemented
399 transfer-format ( many-answers | one-answer );
400 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
401 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
402 trusted-keys { <string> <integer> <integer> <integer>
403 <quoted_string>; ... };
404 try-tcp-refresh <boolean>;
405 update-check-ksk <boolean>;
406 use-alt-transfer-source <boolean>;
407 use-queryport-pool <boolean>; // obsolete
408 zero-no-soa-ttl <boolean>;
409 zero-no-soa-ttl-cache <boolean>;
410 zone <string> <optional_class> {
411 allow-notify { <address_match_element>; ... };
412 allow-query { <address_match_element>; ... };
413 allow-query-on { <address_match_element>; ... };
414 allow-transfer { <address_match_element>; ... };
415 allow-update { <address_match_element>; ... };
416 allow-update-forwarding { <address_match_element>; ... };
417 also-notify [ port <integer> ] { ( <ipv4_address> |
418 <ipv6_address> ) [ port <integer> ]; ... };
419 alt-transfer-source ( <ipv4_address> | * ) [ port (
420 <integer> | * ) ];
421 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port (
422 <integer> | * ) ];
423 auto-dnssec ( allow | maintain | create | off );
424 check-dup-records ( fail | warn | ignore );
425 check-integrity <boolean>;
426 check-mx ( fail | warn | ignore );
427 check-mx-cname ( fail | warn | ignore );
428 check-names ( fail | warn | ignore );
429 check-sibling <boolean>;
430 check-srv-cname ( fail | warn | ignore );
431 check-wildcard <boolean>;
432 database <string>;
433 delegation-only <boolean>;
434 dialup <dialuptype>;
435 dnssec-dnskey-kskonly <boolean>;
436 dnssec-secure-to-insecure <boolean>;
437 file <quoted_string>;
438 forward ( first | only );
439 forwarders [ port <integer> ] { ( <ipv4_address> |
440 <ipv6_address> ) [ port <integer> ]; ... };
441 ixfr-base <quoted_string>; // obsolete
442 ixfr-from-differences <boolean>;
443 ixfr-tmp-file <quoted_string>; // obsolete
444 journal <quoted_string>;
445 key-directory <quoted_string>;
446 maintain-ixfr-base <boolean>; // obsolete
447 masterfile-format ( text | raw );
448 masters [ port <integer> ] { ( <masters> | <ipv4_address> [
449 port <integer> ] | <ipv6_address> [ port <integer> ] )
450 [ key <string> ]; ... };
451 max-ixfr-log-size <size>; // obsolete
452 max-journal-size <size_no_default>;
453 max-refresh-time <integer>;
454 max-retry-time <integer>;
455 max-transfer-idle-in <integer>;
456 max-transfer-idle-out <integer>;
457 max-transfer-time-in <integer>;
458 max-transfer-time-out <integer>;
459 min-refresh-time <integer>;
460 min-retry-time <integer>;
461 multi-master <boolean>;
462 notify <notifytype>;
463 notify-delay <integer>;
464 notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
465 ) ];
466 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
467 | * ) ];
468 notify-to-soa <boolean>;
469 nsec3-test-zone <boolean>; // test only
470 pubkey <integer> <integer> <integer>
471 <quoted_string>; // obsolete
472 sig-signing-nodes <integer>;
473 sig-signing-signatures <integer>;
474 sig-signing-type <integer>;
475 sig-validity-interval <integer> [ <integer> ];
476 transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
477 * ) ];
478 transfer-source-v6 ( <ipv6_address> | * ) [ port (
479 <integer> | * ) ];
480 try-tcp-refresh <boolean>;
481 type ( master | slave | stub | hint | forward |
482 delegation-only );
483 update-check-ksk <boolean>;
484 update-policy ( local | { ( grant | deny ) <string> ( name
485 | subdomain | wildcard | self | selfsub | selfwild |
486 krb5-self | ms-self | krb5-subdomain | ms-subdomain |
487 tcp-self | 6to4-self | zonesub ) [ <string> ]
488 <rrtypelist>; ... };
489 use-alt-transfer-source <boolean>;
490 zero-no-soa-ttl <boolean>;
491 zone-statistics <boolean>;
492 };
493 zone-statistics <boolean>;
494 };
496 zone <string> <optional_class> {
497 allow-notify { <address_match_element>; ... };
498 allow-query { <address_match_element>; ... };
499 allow-query-on { <address_match_element>; ... };
500 allow-transfer { <address_match_element>; ... };
501 allow-update { <address_match_element>; ... };
502 allow-update-forwarding { <address_match_element>; ... };
503 also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
504 ) [ port <integer> ]; ... };
505 alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
506 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
507 * ) ];
508 auto-dnssec ( allow | maintain | create | off );
509 check-dup-records ( fail | warn | ignore );
510 check-integrity <boolean>;
511 check-mx ( fail | warn | ignore );
512 check-mx-cname ( fail | warn | ignore );
513 check-names ( fail | warn | ignore );
514 check-sibling <boolean>;
515 check-srv-cname ( fail | warn | ignore );
516 check-wildcard <boolean>;
517 database <string>;
518 delegation-only <boolean>;
519 dialup <dialuptype>;
520 dnssec-dnskey-kskonly <boolean>;
521 dnssec-secure-to-insecure <boolean>;
522 file <quoted_string>;
523 forward ( first | only );
524 forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
525 [ port <integer> ]; ... };
526 ixfr-base <quoted_string>; // obsolete
527 ixfr-from-differences <boolean>;
528 ixfr-tmp-file <quoted_string>; // obsolete
529 journal <quoted_string>;
530 key-directory <quoted_string>;
531 maintain-ixfr-base <boolean>; // obsolete
532 masterfile-format ( text | raw );
533 masters [ port <integer> ] { ( <masters> | <ipv4_address> [ port
534 <integer> ] | <ipv6_address> [ port <integer> ] ) [ key
535 <string> ]; ... };
536 max-ixfr-log-size <size>; // obsolete
537 max-journal-size <size_no_default>;
538 max-refresh-time <integer>;
539 max-retry-time <integer>;
540 max-transfer-idle-in <integer>;
541 max-transfer-idle-out <integer>;
542 max-transfer-time-in <integer>;
543 max-transfer-time-out <integer>;
544 min-refresh-time <integer>;
545 min-retry-time <integer>;
546 multi-master <boolean>;
547 notify <notifytype>;
548 notify-delay <integer>;
549 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
550 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
551 notify-to-soa <boolean>;
552 nsec3-test-zone <boolean>; // test only
553 pubkey <integer> <integer> <integer> <quoted_string>; // obsolete
554 sig-signing-nodes <integer>;
555 sig-signing-signatures <integer>;
556 sig-signing-type <integer>;
557 sig-validity-interval <integer> [ <integer> ];
558 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
559 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
560 try-tcp-refresh <boolean>;
561 type ( master | slave | stub | hint | forward | delegation-only );
562 update-check-ksk <boolean>;
563 update-policy ( local | { ( grant | deny ) <string> ( name |
564 subdomain | wildcard | self | selfsub | selfwild | krb5-self |
565 ms-self | krb5-subdomain | ms-subdomain | tcp-self | 6to4-self
566 | zonesub ) [ <string> ] <rrtypelist>; ... };
567 use-alt-transfer-source <boolean>;
568 zero-no-soa-ttl <boolean>;
569 zone-statistics <boolean>;
570 };