1 <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
2 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
3 [<!ENTITY mdash "—">]>
5 - Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
7 - Permission to use, copy, modify, and/or distribute this software for any
8 - purpose with or without fee is hereby granted, provided that the above
9 - copyright notice and this permission notice appear in all copies.
11 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
12 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
13 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
14 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
15 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
16 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
17 - PERFORMANCE OF THIS SOFTWARE.
20 <!-- $Id: named.conf.docbook,v 1.39 2008/09/24 02:46:21 marka Exp $ -->
23 <date>Aug 13, 2004</date>
27 <refentrytitle><filename>named.conf</filename></refentrytitle>
28 <manvolnum>5</manvolnum>
29 <refmiscinfo>BIND9</refmiscinfo>
33 <refname><filename>named.conf</filename></refname>
34 <refpurpose>configuration file for named</refpurpose>
44 <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
50 <command>named.conf</command>
55 <title>DESCRIPTION</title>
56 <para><filename>named.conf</filename> is the configuration file
58 <command>named</command>. Statements are enclosed
59 in braces and terminated with a semi-colon. Clauses in
60 the statements are also semi-colon terminated. The usual
61 comment styles are supported:
67 C++ style: // to end of line
70 Unix style: # to end of line
77 acl <replaceable>string</replaceable> { <replaceable>address_match_element</replaceable>; ... };
85 key <replaceable>domain_name</replaceable> {
86 algorithm <replaceable>string</replaceable>;
87 secret <replaceable>string</replaceable>;
93 <title>MASTERS</title>
95 masters <replaceable>string</replaceable> <optional> port <replaceable>integer</replaceable> </optional> {
96 ( <replaceable>masters</replaceable> | <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
97 <replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ) <optional> key <replaceable>string</replaceable> </optional>; ...
103 <title>SERVER</title>
105 server ( <replaceable>ipv4_address<optional>/prefixlen</optional></replaceable> | <replaceable>ipv6_address<optional>/prefixlen</optional></replaceable> ) {
106 bogus <replaceable>boolean</replaceable>;
107 edns <replaceable>boolean</replaceable>;
108 edns-udp-size <replaceable>integer</replaceable>;
109 max-udp-size <replaceable>integer</replaceable>;
110 provide-ixfr <replaceable>boolean</replaceable>;
111 request-ixfr <replaceable>boolean</replaceable>;
112 keys <replaceable>server_key</replaceable>;
113 transfers <replaceable>integer</replaceable>;
114 transfer-format ( many-answers | one-answer );
115 transfer-source ( <replaceable>ipv4_address</replaceable> | * )
116 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
117 transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
118 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
120 support-ixfr <replaceable>boolean</replaceable>; // obsolete
126 <title>TRUSTED-KEYS</title>
129 <replaceable>domain_name</replaceable> <replaceable>flags</replaceable> <replaceable>protocol</replaceable> <replaceable>algorithm</replaceable> <replaceable>key</replaceable>; ...
135 <title>CONTROLS</title>
138 inet ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> | * )
139 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>
140 allow { <replaceable>address_match_element</replaceable>; ... }
141 <optional> keys { <replaceable>string</replaceable>; ... } </optional>;
142 unix <replaceable>unsupported</replaceable>; // not implemented
148 <title>LOGGING</title>
151 channel <replaceable>string</replaceable> {
152 file <replaceable>log_file</replaceable>;
153 syslog <replaceable>optional_facility</replaceable>;
156 severity <replaceable>log_severity</replaceable>;
157 print-time <replaceable>boolean</replaceable>;
158 print-severity <replaceable>boolean</replaceable>;
159 print-category <replaceable>boolean</replaceable>;
161 category <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
170 listen-on <optional> port <replaceable>integer</replaceable> </optional> {
171 ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
173 view <replaceable>string</replaceable> <replaceable>optional_class</replaceable>;
174 search { <replaceable>string</replaceable>; ... };
175 ndots <replaceable>integer</replaceable>;
181 <title>OPTIONS</title>
184 avoid-v4-udp-ports { <replaceable>port</replaceable>; ... };
185 avoid-v6-udp-ports { <replaceable>port</replaceable>; ... };
186 blackhole { <replaceable>address_match_element</replaceable>; ... };
187 coresize <replaceable>size</replaceable>;
188 datasize <replaceable>size</replaceable>;
189 directory <replaceable>quoted_string</replaceable>;
190 dump-file <replaceable>quoted_string</replaceable>;
191 files <replaceable>size</replaceable>;
192 heartbeat-interval <replaceable>integer</replaceable>;
193 host-statistics <replaceable>boolean</replaceable>; // not implemented
194 host-statistics-max <replaceable>number</replaceable>; // not implemented
195 hostname ( <replaceable>quoted_string</replaceable> | none );
196 interface-interval <replaceable>integer</replaceable>;
197 listen-on <optional> port <replaceable>integer</replaceable> </optional> { <replaceable>address_match_element</replaceable>; ... };
198 listen-on-v6 <optional> port <replaceable>integer</replaceable> </optional> { <replaceable>address_match_element</replaceable>; ... };
199 match-mapped-addresses <replaceable>boolean</replaceable>;
200 memstatistics-file <replaceable>quoted_string</replaceable>;
201 pid-file ( <replaceable>quoted_string</replaceable> | none );
202 port <replaceable>integer</replaceable>;
203 querylog <replaceable>boolean</replaceable>;
204 recursing-file <replaceable>quoted_string</replaceable>;
205 reserved-sockets <replaceable>integer</replaceable>;
206 random-device <replaceable>quoted_string</replaceable>;
207 recursive-clients <replaceable>integer</replaceable>;
208 serial-query-rate <replaceable>integer</replaceable>;
209 server-id ( <replaceable>quoted_string</replaceable> | none |;
210 stacksize <replaceable>size</replaceable>;
211 statistics-file <replaceable>quoted_string</replaceable>;
212 statistics-interval <replaceable>integer</replaceable>; // not yet implemented
213 tcp-clients <replaceable>integer</replaceable>;
214 tcp-listen-queue <replaceable>integer</replaceable>;
215 tkey-dhkey <replaceable>quoted_string</replaceable> <replaceable>integer</replaceable>;
216 tkey-gssapi-credential <replaceable>quoted_string</replaceable>;
217 tkey-domain <replaceable>quoted_string</replaceable>;
218 transfers-per-ns <replaceable>integer</replaceable>;
219 transfers-in <replaceable>integer</replaceable>;
220 transfers-out <replaceable>integer</replaceable>;
221 use-ixfr <replaceable>boolean</replaceable>;
222 version ( <replaceable>quoted_string</replaceable> | none );
223 allow-recursion { <replaceable>address_match_element</replaceable>; ... };
224 allow-recursion-on { <replaceable>address_match_element</replaceable>; ... };
225 sortlist { <replaceable>address_match_element</replaceable>; ... };
226 topology { <replaceable>address_match_element</replaceable>; ... }; // not implemented
227 auth-nxdomain <replaceable>boolean</replaceable>; // default changed
228 minimal-responses <replaceable>boolean</replaceable>;
229 recursion <replaceable>boolean</replaceable>;
231 <optional> class <replaceable>string</replaceable> </optional> <optional> type <replaceable>string</replaceable> </optional>
232 <optional> name <replaceable>quoted_string</replaceable> </optional> <replaceable>string</replaceable> <replaceable>string</replaceable>; ...
234 provide-ixfr <replaceable>boolean</replaceable>;
235 request-ixfr <replaceable>boolean</replaceable>;
236 rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented
237 additional-from-auth <replaceable>boolean</replaceable>;
238 additional-from-cache <replaceable>boolean</replaceable>;
239 query-source ( ( <replaceable>ipv4_address</replaceable> | * ) | <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
240 query-source-v6 ( ( <replaceable>ipv6_address</replaceable> | * ) | <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
241 use-queryport-pool <replaceable>boolean</replaceable>;
242 queryport-pool-ports <replaceable>integer</replaceable>;
243 queryport-pool-updateinterval <replaceable>integer</replaceable>;
244 cleaning-interval <replaceable>integer</replaceable>;
245 min-roots <replaceable>integer</replaceable>; // not implemented
246 lame-ttl <replaceable>integer</replaceable>;
247 max-ncache-ttl <replaceable>integer</replaceable>;
248 max-cache-ttl <replaceable>integer</replaceable>;
249 transfer-format ( many-answers | one-answer );
250 max-cache-size <replaceable>size</replaceable>;
251 max-acache-size <replaceable>size</replaceable>;
252 clients-per-query <replaceable>number</replaceable>;
253 max-clients-per-query <replaceable>number</replaceable>;
254 check-names ( master | slave | response )
255 ( fail | warn | ignore );
256 check-mx ( fail | warn | ignore );
257 check-integrity <replaceable>boolean</replaceable>;
258 check-mx-cname ( fail | warn | ignore );
259 check-srv-cname ( fail | warn | ignore );
260 cache-file <replaceable>quoted_string</replaceable>; // test option
261 suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented
262 preferred-glue <replaceable>string</replaceable>;
263 dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> {
264 ( <replaceable>quoted_string</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
265 <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
266 <replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ...
268 edns-udp-size <replaceable>integer</replaceable>;
269 max-udp-size <replaceable>integer</replaceable>;
270 root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>;
271 disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
272 dnssec-enable <replaceable>boolean</replaceable>;
273 dnssec-validation <replaceable>boolean</replaceable>;
274 dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>;
275 dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>;
276 dnssec-accept-expired <replaceable>boolean</replaceable>;
278 empty-server <replaceable>string</replaceable>;
279 empty-contact <replaceable>string</replaceable>;
280 empty-zones-enable <replaceable>boolean</replaceable>;
281 disable-empty-zone <replaceable>string</replaceable>;
283 dialup <replaceable>dialuptype</replaceable>;
284 ixfr-from-differences <replaceable>ixfrdiff</replaceable>;
286 allow-query { <replaceable>address_match_element</replaceable>; ... };
287 allow-query-on { <replaceable>address_match_element</replaceable>; ... };
288 allow-query-cache { <replaceable>address_match_element</replaceable>; ... };
289 allow-query-cache-on { <replaceable>address_match_element</replaceable>; ... };
290 allow-transfer { <replaceable>address_match_element</replaceable>; ... };
291 allow-update { <replaceable>address_match_element</replaceable>; ... };
292 allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
293 update-check-ksk <replaceable>boolean</replaceable>;
295 masterfile-format ( text | raw );
296 notify <replaceable>notifytype</replaceable>;
297 notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
298 notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
299 notify-delay <replaceable>seconds</replaceable>;
300 notify-to-soa <replaceable>boolean</replaceable>;
301 also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
302 <optional> port <replaceable>integer</replaceable> </optional>; ... };
303 allow-notify { <replaceable>address_match_element</replaceable>; ... };
305 forward ( first | only );
306 forwarders <optional> port <replaceable>integer</replaceable> </optional> {
307 ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
310 max-journal-size <replaceable>size_no_default</replaceable>;
311 max-transfer-time-in <replaceable>integer</replaceable>;
312 max-transfer-time-out <replaceable>integer</replaceable>;
313 max-transfer-idle-in <replaceable>integer</replaceable>;
314 max-transfer-idle-out <replaceable>integer</replaceable>;
315 max-retry-time <replaceable>integer</replaceable>;
316 min-retry-time <replaceable>integer</replaceable>;
317 max-refresh-time <replaceable>integer</replaceable>;
318 min-refresh-time <replaceable>integer</replaceable>;
319 multi-master <replaceable>boolean</replaceable>;
321 sig-validity-interval <replaceable>integer</replaceable>;
322 sig-re-signing-interval <replaceable>integer</replaceable>;
323 sig-signing-nodes <replaceable>integer</replaceable>;
324 sig-signing-signatures <replaceable>integer</replaceable>;
325 sig-signing-type <replaceable>integer</replaceable>;
327 transfer-source ( <replaceable>ipv4_address</replaceable> | * )
328 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
329 transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
330 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
332 alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * )
333 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
334 alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
335 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
336 use-alt-transfer-source <replaceable>boolean</replaceable>;
338 zone-statistics <replaceable>boolean</replaceable>;
339 key-directory <replaceable>quoted_string</replaceable>;
340 try-tcp-refresh <replaceable>boolean</replaceable>;
341 zero-no-soa-ttl <replaceable>boolean</replaceable>;
342 zero-no-soa-ttl-cache <replaceable>boolean</replaceable>;
344 nsec3-test-zone <replaceable>boolean</replaceable>; // testing only
346 allow-v6-synthesis { <replaceable>address_match_element</replaceable>; ... }; // obsolete
347 deallocate-on-exit <replaceable>boolean</replaceable>; // obsolete
348 fake-iquery <replaceable>boolean</replaceable>; // obsolete
349 fetch-glue <replaceable>boolean</replaceable>; // obsolete
350 has-old-clients <replaceable>boolean</replaceable>; // obsolete
351 maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete
352 max-ixfr-log-size <replaceable>size</replaceable>; // obsolete
353 multiple-cnames <replaceable>boolean</replaceable>; // obsolete
354 named-xfer <replaceable>quoted_string</replaceable>; // obsolete
355 serial-queries <replaceable>integer</replaceable>; // obsolete
356 treat-cr-as-space <replaceable>boolean</replaceable>; // obsolete
357 use-id-pool <replaceable>boolean</replaceable>; // obsolete
365 view <replaceable>string</replaceable> <replaceable>optional_class</replaceable> {
366 match-clients { <replaceable>address_match_element</replaceable>; ... };
367 match-destinations { <replaceable>address_match_element</replaceable>; ... };
368 match-recursive-only <replaceable>boolean</replaceable>;
370 key <replaceable>string</replaceable> {
371 algorithm <replaceable>string</replaceable>;
372 secret <replaceable>string</replaceable>;
375 zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable> {
379 server ( <replaceable>ipv4_address<optional>/prefixlen</optional></replaceable> | <replaceable>ipv6_address<optional>/prefixlen</optional></replaceable> ) {
384 <replaceable>string</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>quoted_string</replaceable>; ...
387 allow-recursion { <replaceable>address_match_element</replaceable>; ... };
388 allow-recursion-on { <replaceable>address_match_element</replaceable>; ... };
389 sortlist { <replaceable>address_match_element</replaceable>; ... };
390 topology { <replaceable>address_match_element</replaceable>; ... }; // not implemented
391 auth-nxdomain <replaceable>boolean</replaceable>; // default changed
392 minimal-responses <replaceable>boolean</replaceable>;
393 recursion <replaceable>boolean</replaceable>;
395 <optional> class <replaceable>string</replaceable> </optional> <optional> type <replaceable>string</replaceable> </optional>
396 <optional> name <replaceable>quoted_string</replaceable> </optional> <replaceable>string</replaceable> <replaceable>string</replaceable>; ...
398 provide-ixfr <replaceable>boolean</replaceable>;
399 request-ixfr <replaceable>boolean</replaceable>;
400 rfc2308-type1 <replaceable>boolean</replaceable>; // not yet implemented
401 additional-from-auth <replaceable>boolean</replaceable>;
402 additional-from-cache <replaceable>boolean</replaceable>;
403 query-source ( ( <replaceable>ipv4_address</replaceable> | * ) | <optional> address ( <replaceable>ipv4_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
404 query-source-v6 ( ( <replaceable>ipv6_address</replaceable> | * ) | <optional> address ( <replaceable>ipv6_address</replaceable> | * ) </optional> ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
405 use-queryport-pool <replaceable>boolean</replaceable>;
406 queryport-pool-ports <replaceable>integer</replaceable>;
407 queryport-pool-updateinterval <replaceable>integer</replaceable>;
408 cleaning-interval <replaceable>integer</replaceable>;
409 min-roots <replaceable>integer</replaceable>; // not implemented
410 lame-ttl <replaceable>integer</replaceable>;
411 max-ncache-ttl <replaceable>integer</replaceable>;
412 max-cache-ttl <replaceable>integer</replaceable>;
413 transfer-format ( many-answers | one-answer );
414 max-cache-size <replaceable>size</replaceable>;
415 max-acache-size <replaceable>size</replaceable>;
416 clients-per-query <replaceable>number</replaceable>;
417 max-clients-per-query <replaceable>number</replaceable>;
418 check-names ( master | slave | response )
419 ( fail | warn | ignore );
420 check-mx ( fail | warn | ignore );
421 check-integrity <replaceable>boolean</replaceable>;
422 check-mx-cname ( fail | warn | ignore );
423 check-srv-cname ( fail | warn | ignore );
424 cache-file <replaceable>quoted_string</replaceable>; // test option
425 suppress-initial-notify <replaceable>boolean</replaceable>; // not yet implemented
426 preferred-glue <replaceable>string</replaceable>;
427 dual-stack-servers <optional> port <replaceable>integer</replaceable> </optional> {
428 ( <replaceable>quoted_string</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
429 <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
430 <replaceable>ipv6_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> ); ...
432 edns-udp-size <replaceable>integer</replaceable>;
433 max-udp-size <replaceable>integer</replaceable>;
434 root-delegation-only <optional> exclude { <replaceable>quoted_string</replaceable>; ... } </optional>;
435 disable-algorithms <replaceable>string</replaceable> { <replaceable>string</replaceable>; ... };
436 dnssec-enable <replaceable>boolean</replaceable>;
437 dnssec-validation <replaceable>boolean</replaceable>;
438 dnssec-lookaside <replaceable>string</replaceable> trust-anchor <replaceable>string</replaceable>;
439 dnssec-must-be-secure <replaceable>string</replaceable> <replaceable>boolean</replaceable>;
440 dnssec-accept-expired <replaceable>boolean</replaceable>;
442 empty-server <replaceable>string</replaceable>;
443 empty-contact <replaceable>string</replaceable>;
444 empty-zones-enable <replaceable>boolean</replaceable>;
445 disable-empty-zone <replaceable>string</replaceable>;
447 dialup <replaceable>dialuptype</replaceable>;
448 ixfr-from-differences <replaceable>ixfrdiff</replaceable>;
450 allow-query { <replaceable>address_match_element</replaceable>; ... };
451 allow-query-on { <replaceable>address_match_element</replaceable>; ... };
452 allow-query-cache { <replaceable>address_match_element</replaceable>; ... };
453 allow-query-cache-on { <replaceable>address_match_element</replaceable>; ... };
454 allow-transfer { <replaceable>address_match_element</replaceable>; ... };
455 allow-update { <replaceable>address_match_element</replaceable>; ... };
456 allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
457 update-check-ksk <replaceable>boolean</replaceable>;
459 masterfile-format ( text | raw );
460 notify <replaceable>notifytype</replaceable>;
461 notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
462 notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
463 notify-delay <replaceable>seconds</replaceable>;
464 notify-to-soa <replaceable>boolean</replaceable>;
465 also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
466 <optional> port <replaceable>integer</replaceable> </optional>; ... };
467 allow-notify { <replaceable>address_match_element</replaceable>; ... };
469 forward ( first | only );
470 forwarders <optional> port <replaceable>integer</replaceable> </optional> {
471 ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
474 max-journal-size <replaceable>size_no_default</replaceable>;
475 max-transfer-time-in <replaceable>integer</replaceable>;
476 max-transfer-time-out <replaceable>integer</replaceable>;
477 max-transfer-idle-in <replaceable>integer</replaceable>;
478 max-transfer-idle-out <replaceable>integer</replaceable>;
479 max-retry-time <replaceable>integer</replaceable>;
480 min-retry-time <replaceable>integer</replaceable>;
481 max-refresh-time <replaceable>integer</replaceable>;
482 min-refresh-time <replaceable>integer</replaceable>;
483 multi-master <replaceable>boolean</replaceable>;
484 sig-validity-interval <replaceable>integer</replaceable>;
486 transfer-source ( <replaceable>ipv4_address</replaceable> | * )
487 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
488 transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
489 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
491 alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * )
492 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
493 alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
494 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
495 use-alt-transfer-source <replaceable>boolean</replaceable>;
497 zone-statistics <replaceable>boolean</replaceable>;
498 try-tcp-refresh <replaceable>boolean</replaceable>;
499 key-directory <replaceable>quoted_string</replaceable>;
500 zero-no-soa-ttl <replaceable>boolean</replaceable>;
501 zero-no-soa-ttl-cache <replaceable>boolean</replaceable>;
503 allow-v6-synthesis { <replaceable>address_match_element</replaceable>; ... }; // obsolete
504 fetch-glue <replaceable>boolean</replaceable>; // obsolete
505 maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete
506 max-ixfr-log-size <replaceable>size</replaceable>; // obsolete
514 zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable> {
515 type ( master | slave | stub | hint |
516 forward | delegation-only );
517 file <replaceable>quoted_string</replaceable>;
519 masters <optional> port <replaceable>integer</replaceable> </optional> {
520 ( <replaceable>masters</replaceable> |
521 <replaceable>ipv4_address</replaceable> <optional>port <replaceable>integer</replaceable></optional> |
522 <replaceable>ipv6_address</replaceable> <optional> port <replaceable>integer</replaceable> </optional> ) <optional> key <replaceable>string</replaceable> </optional>; ...
525 database <replaceable>string</replaceable>;
526 delegation-only <replaceable>boolean</replaceable>;
527 check-names ( fail | warn | ignore );
528 check-mx ( fail | warn | ignore );
529 check-integrity <replaceable>boolean</replaceable>;
530 check-mx-cname ( fail | warn | ignore );
531 check-srv-cname ( fail | warn | ignore );
532 dialup <replaceable>dialuptype</replaceable>;
533 ixfr-from-differences <replaceable>boolean</replaceable>;
534 journal <replaceable>quoted_string</replaceable>;
535 zero-no-soa-ttl <replaceable>boolean</replaceable>;
537 allow-query { <replaceable>address_match_element</replaceable>; ... };
538 allow-query-on { <replaceable>address_match_element</replaceable>; ... };
539 allow-transfer { <replaceable>address_match_element</replaceable>; ... };
540 allow-update { <replaceable>address_match_element</replaceable>; ... };
541 allow-update-forwarding { <replaceable>address_match_element</replaceable>; ... };
543 ( grant | deny ) <replaceable>string</replaceable>
544 ( name | subdomain | wildcard | self | selfsub | selfwild |
545 krb5-self | ms-self | krb5-subdomain | ms-subdomain |
546 tcp-self | 6to4-self ) <replaceable>string</replaceable>
547 <replaceable>rrtypelist</replaceable>; ...
549 update-check-ksk <replaceable>boolean</replaceable>;
551 masterfile-format ( text | raw );
552 notify <replaceable>notifytype</replaceable>;
553 notify-source ( <replaceable>ipv4_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
554 notify-source-v6 ( <replaceable>ipv6_address</replaceable> | * ) <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
555 notify-delay <replaceable>seconds</replaceable>;
556 notify-to-soa <replaceable>boolean</replaceable>;
557 also-notify <optional> port <replaceable>integer</replaceable> </optional> { ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> )
558 <optional> port <replaceable>integer</replaceable> </optional>; ... };
559 allow-notify { <replaceable>address_match_element</replaceable>; ... };
561 forward ( first | only );
562 forwarders <optional> port <replaceable>integer</replaceable> </optional> {
563 ( <replaceable>ipv4_address</replaceable> | <replaceable>ipv6_address</replaceable> ) <optional> port <replaceable>integer</replaceable> </optional>; ...
566 max-journal-size <replaceable>size_no_default</replaceable>;
567 max-transfer-time-in <replaceable>integer</replaceable>;
568 max-transfer-time-out <replaceable>integer</replaceable>;
569 max-transfer-idle-in <replaceable>integer</replaceable>;
570 max-transfer-idle-out <replaceable>integer</replaceable>;
571 max-retry-time <replaceable>integer</replaceable>;
572 min-retry-time <replaceable>integer</replaceable>;
573 max-refresh-time <replaceable>integer</replaceable>;
574 min-refresh-time <replaceable>integer</replaceable>;
575 multi-master <replaceable>boolean</replaceable>;
576 sig-validity-interval <replaceable>integer</replaceable>;
578 transfer-source ( <replaceable>ipv4_address</replaceable> | * )
579 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
580 transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
581 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
583 alt-transfer-source ( <replaceable>ipv4_address</replaceable> | * )
584 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
585 alt-transfer-source-v6 ( <replaceable>ipv6_address</replaceable> | * )
586 <optional> port ( <replaceable>integer</replaceable> | * ) </optional>;
587 use-alt-transfer-source <replaceable>boolean</replaceable>;
589 zone-statistics <replaceable>boolean</replaceable>;
590 try-tcp-refresh <replaceable>boolean</replaceable>;
591 key-directory <replaceable>quoted_string</replaceable>;
593 nsec3-test-zone <replaceable>boolean</replaceable>; // testing only
595 ixfr-base <replaceable>quoted_string</replaceable>; // obsolete
596 ixfr-tmp-file <replaceable>quoted_string</replaceable>; // obsolete
597 maintain-ixfr-base <replaceable>boolean</replaceable>; // obsolete
598 max-ixfr-log-size <replaceable>size</replaceable>; // obsolete
599 pubkey <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>integer</replaceable> <replaceable>quoted_string</replaceable>; // obsolete
606 <para><filename>/etc/named.conf</filename>
611 <title>SEE ALSO</title>
613 <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum>
616 <refentrytitle>named-checkconf</refentrytitle><manvolnum>8</manvolnum>
619 <refentrytitle>rndc</refentrytitle><manvolnum>8</manvolnum>
621 <citetitle>BIND 9 Administrator Reference Manual</citetitle>.