2 - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
3 - Copyright (C) 2000-2003 Internet Software Consortium.
5 - Permission to use, copy, modify, and/or distribute this software for any
6 - purpose with or without fee is hereby granted, provided that the above
7 - copyright notice and this permission notice appear in all copies.
9 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 - PERFORMANCE OF THIS SOFTWARE.
19 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
20 <title>named.conf</title>
21 <meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
22 <link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
23 <link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
24 <link rel="prev" href="man.named.html" title="named">
25 <link rel="next" href="man.lwresd.html" title="lwresd">
27 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
28 <div class="navheader">
29 <table width="100%" summary="Navigation header">
30 <tr><th colspan="3" align="center"><code class="filename">named.conf</code></th></tr>
32 <td width="20%" align="left">
33 <a accesskey="p" href="man.named.html">Prev</a> </td>
34 <th width="60%" align="center">Manual pages</th>
35 <td width="20%" align="right"> <a accesskey="n" href="man.lwresd.html">Next</a>
41 <div class="refentry">
42 <a name="man.named.conf"></a><div class="titlepage"></div>
43 <div class="refnamediv">
45 <p><code class="filename">named.conf</code> — configuration file for named</p>
47 <div class="refsynopsisdiv">
49 <div class="cmdsynopsis"><p><code class="command">named.conf</code> </p></div>
51 <div class="refsection">
52 <a name="id-1.14.17.7"></a><h2>DESCRIPTION</h2>
53 <p><code class="filename">named.conf</code> is the configuration file
55 <span class="command"><strong>named</strong></span>. Statements are enclosed
56 in braces and terminated with a semi-colon. Clauses in
57 the statements are also semi-colon terminated. The usual
58 comment styles are supported:
64 C++ style: // to end of line
67 Unix style: # to end of line
70 <div class="refsection">
71 <a name="id-1.14.17.8"></a><h2>ACL</h2>
72 <div class="literallayout"><p><br>
73 acl <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
77 <div class="refsection">
78 <a name="id-1.14.17.9"></a><h2>KEY</h2>
79 <div class="literallayout"><p><br>
80 key <em class="replaceable"><code>domain_name</code></em> {<br>
81 algorithm <em class="replaceable"><code>string</code></em>;<br>
82 secret <em class="replaceable"><code>string</code></em>;<br>
86 <div class="refsection">
87 <a name="id-1.14.17.10"></a><h2>MASTERS</h2>
88 <div class="literallayout"><p><br>
89 masters <em class="replaceable"><code>string</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
90 ( <em class="replaceable"><code>masters</code></em> | <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
91 <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ) [<span class="optional"> key <em class="replaceable"><code>string</code></em> </span>]; ...<br>
95 <div class="refsection">
96 <a name="id-1.14.17.11"></a><h2>SERVER</h2>
97 <div class="literallayout"><p><br>
98 server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/prefixlen</span>]</code></em> | <em class="replaceable"><code>ipv6_address[<span class="optional">/prefixlen</span>]</code></em> ) {<br>
99 bogus <em class="replaceable"><code>boolean</code></em>;<br>
100 edns <em class="replaceable"><code>boolean</code></em>;<br>
101 edns-udp-size <em class="replaceable"><code>integer</code></em>;<br>
102 max-udp-size <em class="replaceable"><code>integer</code></em>;<br>
103 provide-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
104 request-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
105 keys <em class="replaceable"><code>server_key</code></em>;<br>
106 transfers <em class="replaceable"><code>integer</code></em>;<br>
107 transfer-format ( many-answers | one-answer );<br>
108 transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
109 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
110 transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
111 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
113 support-ixfr <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
117 <div class="refsection">
118 <a name="id-1.14.17.12"></a><h2>TRUSTED-KEYS</h2>
119 <div class="literallayout"><p><br>
121 <em class="replaceable"><code>domain_name</code></em> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ...<br>
125 <div class="refsection">
126 <a name="id-1.14.17.13"></a><h2>MANAGED-KEYS</h2>
127 <div class="literallayout"><p><br>
129 <em class="replaceable"><code>domain_name</code></em> <code class="constant">initial-key</code> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ...<br>
133 <div class="refsection">
134 <a name="id-1.14.17.14"></a><h2>CONTROLS</h2>
135 <div class="literallayout"><p><br>
137 inet ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
138 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>]<br>
139 allow { <em class="replaceable"><code>address_match_element</code></em>; ... }<br>
140 [<span class="optional"> keys { <em class="replaceable"><code>string</code></em>; ... } </span>];<br>
141 unix <em class="replaceable"><code>unsupported</code></em>; // not implemented<br>
145 <div class="refsection">
146 <a name="id-1.14.17.15"></a><h2>LOGGING</h2>
147 <div class="literallayout"><p><br>
149 channel <em class="replaceable"><code>string</code></em> {<br>
150 file <em class="replaceable"><code>log_file</code></em>;<br>
151 syslog <em class="replaceable"><code>optional_facility</code></em>;<br>
154 severity <em class="replaceable"><code>log_severity</code></em>;<br>
155 print-time <em class="replaceable"><code>boolean</code></em>;<br>
156 print-severity <em class="replaceable"><code>boolean</code></em>;<br>
157 print-category <em class="replaceable"><code>boolean</code></em>;<br>
159 category <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br>
163 <div class="refsection">
164 <a name="id-1.14.17.16"></a><h2>LWRES</h2>
165 <div class="literallayout"><p><br>
167 listen-on [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
168 ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
170 view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em>;<br>
171 search { <em class="replaceable"><code>string</code></em>; ... };<br>
172 ndots <em class="replaceable"><code>integer</code></em>;<br>
176 <div class="refsection">
177 <a name="id-1.14.17.17"></a><h2>OPTIONS</h2>
178 <div class="literallayout"><p><br>
180 avoid-v4-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br>
181 avoid-v6-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br>
182 blackhole { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
183 coresize <em class="replaceable"><code>size</code></em>;<br>
184 datasize <em class="replaceable"><code>size</code></em>;<br>
185 directory <em class="replaceable"><code>quoted_string</code></em>;<br>
186 dump-file <em class="replaceable"><code>quoted_string</code></em>;<br>
187 files <em class="replaceable"><code>size</code></em>;<br>
188 heartbeat-interval <em class="replaceable"><code>integer</code></em>;<br>
189 host-statistics <em class="replaceable"><code>boolean</code></em>; // not implemented<br>
190 host-statistics-max <em class="replaceable"><code>number</code></em>; // not implemented<br>
191 hostname ( <em class="replaceable"><code>quoted_string</code></em> | none );<br>
192 interface-interval <em class="replaceable"><code>integer</code></em>;<br>
193 listen-on [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
194 listen-on-v6 [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
195 match-mapped-addresses <em class="replaceable"><code>boolean</code></em>;<br>
196 memstatistics-file <em class="replaceable"><code>quoted_string</code></em>;<br>
197 pid-file ( <em class="replaceable"><code>quoted_string</code></em> | none );<br>
198 port <em class="replaceable"><code>integer</code></em>;<br>
199 querylog <em class="replaceable"><code>boolean</code></em>;<br>
200 recursing-file <em class="replaceable"><code>quoted_string</code></em>;<br>
201 reserved-sockets <em class="replaceable"><code>integer</code></em>;<br>
202 random-device <em class="replaceable"><code>quoted_string</code></em>;<br>
203 recursive-clients <em class="replaceable"><code>integer</code></em>;<br>
204 serial-query-rate <em class="replaceable"><code>integer</code></em>;<br>
205 server-id ( <em class="replaceable"><code>quoted_string</code></em> | hostname | none );<br>
206 stacksize <em class="replaceable"><code>size</code></em>;<br>
207 statistics-file <em class="replaceable"><code>quoted_string</code></em>;<br>
208 statistics-interval <em class="replaceable"><code>integer</code></em>; // not yet implemented<br>
209 tcp-clients <em class="replaceable"><code>integer</code></em>;<br>
210 tcp-listen-queue <em class="replaceable"><code>integer</code></em>;<br>
211 tkey-dhkey <em class="replaceable"><code>quoted_string</code></em> <em class="replaceable"><code>integer</code></em>;<br>
212 tkey-gssapi-credential <em class="replaceable"><code>quoted_string</code></em>;<br>
213 tkey-gssapi-keytab <em class="replaceable"><code>quoted_string</code></em>;<br>
214 tkey-domain <em class="replaceable"><code>quoted_string</code></em>;<br>
215 transfers-per-ns <em class="replaceable"><code>integer</code></em>;<br>
216 transfers-in <em class="replaceable"><code>integer</code></em>;<br>
217 transfers-out <em class="replaceable"><code>integer</code></em>;<br>
218 version ( <em class="replaceable"><code>quoted_string</code></em> | none );<br>
219 allow-recursion { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
220 allow-recursion-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
221 sortlist { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
222 topology { <em class="replaceable"><code>address_match_element</code></em>; ... }; // not implemented<br>
223 auth-nxdomain <em class="replaceable"><code>boolean</code></em>; // default changed<br>
224 minimal-responses <em class="replaceable"><code>boolean</code></em>;<br>
225 recursion <em class="replaceable"><code>boolean</code></em>;<br>
227 [<span class="optional"> class <em class="replaceable"><code>string</code></em> </span>] [<span class="optional"> type <em class="replaceable"><code>string</code></em> </span>]<br>
228 [<span class="optional"> name <em class="replaceable"><code>quoted_string</code></em> </span>] <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>string</code></em>; ...<br>
230 provide-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
231 request-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
232 rfc2308-type1 <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br>
233 additional-from-auth <em class="replaceable"><code>boolean</code></em>;<br>
234 additional-from-cache <em class="replaceable"><code>boolean</code></em>;<br>
235 query-source ( ( <em class="replaceable"><code>ipv4_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
236 query-source-v6 ( ( <em class="replaceable"><code>ipv6_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
237 use-queryport-pool <em class="replaceable"><code>boolean</code></em>;<br>
238 queryport-pool-ports <em class="replaceable"><code>integer</code></em>;<br>
239 queryport-pool-updateinterval <em class="replaceable"><code>integer</code></em>;<br>
240 cleaning-interval <em class="replaceable"><code>integer</code></em>;<br>
241 resolver-query-timeout <em class="replaceable"><code>integer</code></em>;<br>
242 min-roots <em class="replaceable"><code>integer</code></em>; // not implemented<br>
243 lame-ttl <em class="replaceable"><code>integer</code></em>;<br>
244 max-ncache-ttl <em class="replaceable"><code>integer</code></em>;<br>
245 max-cache-ttl <em class="replaceable"><code>integer</code></em>;<br>
246 transfer-format ( many-answers | one-answer );<br>
247 max-cache-size <em class="replaceable"><code>size</code></em>;<br>
248 max-acache-size <em class="replaceable"><code>size</code></em>;<br>
249 clients-per-query <em class="replaceable"><code>number</code></em>;<br>
250 max-clients-per-query <em class="replaceable"><code>number</code></em>;<br>
251 check-names ( master | slave | response )<br>
252 ( fail | warn | ignore );<br>
253 check-mx ( fail | warn | ignore );<br>
254 check-integrity <em class="replaceable"><code>boolean</code></em>;<br>
255 check-mx-cname ( fail | warn | ignore );<br>
256 check-srv-cname ( fail | warn | ignore );<br>
257 cache-file <em class="replaceable"><code>quoted_string</code></em>; // test option<br>
258 suppress-initial-notify <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br>
259 preferred-glue <em class="replaceable"><code>string</code></em>;<br>
260 dual-stack-servers [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
261 ( <em class="replaceable"><code>quoted_string</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
262 <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
263 <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ); ...<br>
265 edns-udp-size <em class="replaceable"><code>integer</code></em>;<br>
266 max-udp-size <em class="replaceable"><code>integer</code></em>;<br>
267 root-delegation-only [<span class="optional"> exclude { <em class="replaceable"><code>quoted_string</code></em>; ... } </span>];<br>
268 disable-algorithms <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br>
269 dnssec-enable <em class="replaceable"><code>boolean</code></em>;<br>
270 dnssec-validation <em class="replaceable"><code>boolean</code></em>;<br>
271 dnssec-lookaside ( <em class="replaceable"><code>auto</code></em> | <em class="replaceable"><code>no</code></em> | <em class="replaceable"><code>domain</code></em> trust-anchor <em class="replaceable"><code>domain</code></em> );<br>
272 dnssec-must-be-secure <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>boolean</code></em>;<br>
273 dnssec-accept-expired <em class="replaceable"><code>boolean</code></em>;<br>
275 dns64-server <em class="replaceable"><code>string</code></em>;<br>
276 dns64-contact <em class="replaceable"><code>string</code></em>;<br>
277 dns64 <em class="replaceable"><code>prefix</code></em> {<br>
278 clients { <span style="color: red"><replacable>acl</replacable></span>; };<br>
279 exclude { <span style="color: red"><replacable>acl</replacable></span>; };<br>
280 mapped { <span style="color: red"><replacable>acl</replacable></span>; };<br>
281 break-dnssec <em class="replaceable"><code>boolean</code></em>;<br>
282 recursive-only <em class="replaceable"><code>boolean</code></em>;<br>
283 suffix <em class="replaceable"><code>ipv6_address</code></em>;<br>
286 empty-server <em class="replaceable"><code>string</code></em>;<br>
287 empty-contact <em class="replaceable"><code>string</code></em>;<br>
288 empty-zones-enable <em class="replaceable"><code>boolean</code></em>;<br>
289 disable-empty-zone <em class="replaceable"><code>string</code></em>;<br>
291 dialup <em class="replaceable"><code>dialuptype</code></em>;<br>
292 ixfr-from-differences <em class="replaceable"><code>ixfrdiff</code></em>;<br>
294 allow-query { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
295 allow-query-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
296 allow-query-cache { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
297 allow-query-cache-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
298 allow-transfer { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
299 allow-update { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
300 allow-update-forwarding { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
301 update-check-ksk <em class="replaceable"><code>boolean</code></em>;<br>
302 dnssec-dnskey-kskonly <em class="replaceable"><code>boolean</code></em>;<br>
304 masterfile-format ( text | raw );<br>
305 notify <em class="replaceable"><code>notifytype</code></em>;<br>
306 notify-source ( <em class="replaceable"><code>ipv4_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
307 notify-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
308 notify-delay <em class="replaceable"><code>seconds</code></em>;<br>
309 notify-to-soa <em class="replaceable"><code>boolean</code></em>;<br>
310 also-notify [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> )<br>
311 [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
312 [<span class="optional"> key <em class="replaceable"><code>keyname</code></em> </span>] ... };<br>
313 allow-notify { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
315 forward ( first | only );<br>
316 forwarders [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
317 ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
320 max-journal-size <em class="replaceable"><code>size_no_default</code></em>;<br>
321 max-transfer-time-in <em class="replaceable"><code>integer</code></em>;<br>
322 max-transfer-time-out <em class="replaceable"><code>integer</code></em>;<br>
323 max-transfer-idle-in <em class="replaceable"><code>integer</code></em>;<br>
324 max-transfer-idle-out <em class="replaceable"><code>integer</code></em>;<br>
325 max-retry-time <em class="replaceable"><code>integer</code></em>;<br>
326 min-retry-time <em class="replaceable"><code>integer</code></em>;<br>
327 max-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
328 min-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
329 multi-master <em class="replaceable"><code>boolean</code></em>;<br>
331 sig-validity-interval <em class="replaceable"><code>integer</code></em>;<br>
332 sig-re-signing-interval <em class="replaceable"><code>integer</code></em>;<br>
333 sig-signing-nodes <em class="replaceable"><code>integer</code></em>;<br>
334 sig-signing-signatures <em class="replaceable"><code>integer</code></em>;<br>
335 sig-signing-type <em class="replaceable"><code>integer</code></em>;<br>
337 transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
338 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
339 transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
340 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
342 alt-transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
343 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
344 alt-transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
345 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
346 use-alt-transfer-source <em class="replaceable"><code>boolean</code></em>;<br>
348 zone-statistics <em class="replaceable"><code>boolean</code></em>;<br>
349 key-directory <em class="replaceable"><code>quoted_string</code></em>;<br>
350 managed-keys-directory <em class="replaceable"><code>quoted_string</code></em>;<br>
351 auto-dnssec <code class="constant">allow</code>|<code class="constant">maintain</code>|<code class="constant">off</code>;<br>
352 try-tcp-refresh <em class="replaceable"><code>boolean</code></em>;<br>
353 zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br>
354 zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br>
355 dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br>
356 deny-answer-addresses {<br>
357 <em class="replaceable"><code>address_match_list</code></em><br>
358 } [<span class="optional"> except-from { <em class="replaceable"><code>namelist</code></em> } </span>];<br>
359 deny-answer-aliases {<br>
360 <em class="replaceable"><code>namelist</code></em><br>
361 } [<span class="optional"> except-from { <em class="replaceable"><code>namelist</code></em> } </span>];<br>
363 nsec3-test-zone <em class="replaceable"><code>boolean</code></em>; // testing only<br>
365 allow-v6-synthesis { <em class="replaceable"><code>address_match_element</code></em>; ... }; // obsolete<br>
366 deallocate-on-exit <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
367 fake-iquery <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
368 fetch-glue <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
369 has-old-clients <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
370 maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
371 max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br>
372 multiple-cnames <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
373 named-xfer <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br>
374 serial-queries <em class="replaceable"><code>integer</code></em>; // obsolete<br>
375 treat-cr-as-space <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
376 use-id-pool <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
377 use-ixfr <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
381 <div class="refsection">
382 <a name="id-1.14.17.18"></a><h2>VIEW</h2>
383 <div class="literallayout"><p><br>
384 view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br>
385 match-clients { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
386 match-destinations { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
387 match-recursive-only <em class="replaceable"><code>boolean</code></em>;<br>
389 key <em class="replaceable"><code>string</code></em> {<br>
390 algorithm <em class="replaceable"><code>string</code></em>;<br>
391 secret <em class="replaceable"><code>string</code></em>;<br>
394 zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br>
398 server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/prefixlen</span>]</code></em> | <em class="replaceable"><code>ipv6_address[<span class="optional">/prefixlen</span>]</code></em> ) {<br>
403 <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>quoted_string</code></em>;<br>
404 [<span class="optional">...</span>]<br>
407 allow-recursion { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
408 allow-recursion-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
409 sortlist { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
410 topology { <em class="replaceable"><code>address_match_element</code></em>; ... }; // not implemented<br>
411 auth-nxdomain <em class="replaceable"><code>boolean</code></em>; // default changed<br>
412 minimal-responses <em class="replaceable"><code>boolean</code></em>;<br>
413 recursion <em class="replaceable"><code>boolean</code></em>;<br>
415 [<span class="optional"> class <em class="replaceable"><code>string</code></em> </span>] [<span class="optional"> type <em class="replaceable"><code>string</code></em> </span>]<br>
416 [<span class="optional"> name <em class="replaceable"><code>quoted_string</code></em> </span>] <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>string</code></em>; ...<br>
418 provide-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
419 request-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
420 rfc2308-type1 <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br>
421 additional-from-auth <em class="replaceable"><code>boolean</code></em>;<br>
422 additional-from-cache <em class="replaceable"><code>boolean</code></em>;<br>
423 query-source ( ( <em class="replaceable"><code>ipv4_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
424 query-source-v6 ( ( <em class="replaceable"><code>ipv6_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
425 use-queryport-pool <em class="replaceable"><code>boolean</code></em>;<br>
426 queryport-pool-ports <em class="replaceable"><code>integer</code></em>;<br>
427 queryport-pool-updateinterval <em class="replaceable"><code>integer</code></em>;<br>
428 cleaning-interval <em class="replaceable"><code>integer</code></em>;<br>
429 resolver-query-timeout <em class="replaceable"><code>integer</code></em>;<br>
430 min-roots <em class="replaceable"><code>integer</code></em>; // not implemented<br>
431 lame-ttl <em class="replaceable"><code>integer</code></em>;<br>
432 max-ncache-ttl <em class="replaceable"><code>integer</code></em>;<br>
433 max-cache-ttl <em class="replaceable"><code>integer</code></em>;<br>
434 transfer-format ( many-answers | one-answer );<br>
435 max-cache-size <em class="replaceable"><code>size</code></em>;<br>
436 max-acache-size <em class="replaceable"><code>size</code></em>;<br>
437 clients-per-query <em class="replaceable"><code>number</code></em>;<br>
438 max-clients-per-query <em class="replaceable"><code>number</code></em>;<br>
439 check-names ( master | slave | response )<br>
440 ( fail | warn | ignore );<br>
441 check-mx ( fail | warn | ignore );<br>
442 check-integrity <em class="replaceable"><code>boolean</code></em>;<br>
443 check-mx-cname ( fail | warn | ignore );<br>
444 check-srv-cname ( fail | warn | ignore );<br>
445 cache-file <em class="replaceable"><code>quoted_string</code></em>; // test option<br>
446 suppress-initial-notify <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br>
447 preferred-glue <em class="replaceable"><code>string</code></em>;<br>
448 dual-stack-servers [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
449 ( <em class="replaceable"><code>quoted_string</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
450 <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
451 <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ); ...<br>
453 edns-udp-size <em class="replaceable"><code>integer</code></em>;<br>
454 max-udp-size <em class="replaceable"><code>integer</code></em>;<br>
455 root-delegation-only [<span class="optional"> exclude { <em class="replaceable"><code>quoted_string</code></em>; ... } </span>];<br>
456 disable-algorithms <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br>
457 dnssec-enable <em class="replaceable"><code>boolean</code></em>;<br>
458 dnssec-validation <em class="replaceable"><code>boolean</code></em>;<br>
459 dnssec-lookaside ( <em class="replaceable"><code>auto</code></em> | <em class="replaceable"><code>no</code></em> | <em class="replaceable"><code>domain</code></em> trust-anchor <em class="replaceable"><code>domain</code></em> );<br>
460 dnssec-must-be-secure <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>boolean</code></em>;<br>
461 dnssec-accept-expired <em class="replaceable"><code>boolean</code></em>;<br>
463 dns64-server <em class="replaceable"><code>string</code></em>;<br>
464 dns64-contact <em class="replaceable"><code>string</code></em>;<br>
465 dns64 <em class="replaceable"><code>prefix</code></em> {<br>
466 clients { <span style="color: red"><replacable>acl</replacable></span>; };<br>
467 exclude { <span style="color: red"><replacable>acl</replacable></span>; };<br>
468 mapped { <span style="color: red"><replacable>acl</replacable></span>; };<br>
469 break-dnssec <em class="replaceable"><code>boolean</code></em>;<br>
470 recursive-only <em class="replaceable"><code>boolean</code></em>;<br>
471 suffix <em class="replaceable"><code>ipv6_address</code></em>;<br>
474 empty-server <em class="replaceable"><code>string</code></em>;<br>
475 empty-contact <em class="replaceable"><code>string</code></em>;<br>
476 empty-zones-enable <em class="replaceable"><code>boolean</code></em>;<br>
477 disable-empty-zone <em class="replaceable"><code>string</code></em>;<br>
479 dialup <em class="replaceable"><code>dialuptype</code></em>;<br>
480 ixfr-from-differences <em class="replaceable"><code>ixfrdiff</code></em>;<br>
482 allow-query { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
483 allow-query-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
484 allow-query-cache { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
485 allow-query-cache-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
486 allow-transfer { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
487 allow-update { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
488 allow-update-forwarding { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
489 update-check-ksk <em class="replaceable"><code>boolean</code></em>;<br>
490 dnssec-dnskey-kskonly <em class="replaceable"><code>boolean</code></em>;<br>
492 masterfile-format ( text | raw );<br>
493 notify <em class="replaceable"><code>notifytype</code></em>;<br>
494 notify-source ( <em class="replaceable"><code>ipv4_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
495 notify-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
496 notify-delay <em class="replaceable"><code>seconds</code></em>;<br>
497 notify-to-soa <em class="replaceable"><code>boolean</code></em>;<br>
498 also-notify [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> )<br>
499 [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
500 [<span class="optional"> key <em class="replaceable"><code>keyname</code></em> </span>] ... };<br>
501 allow-notify { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
503 forward ( first | only );<br>
504 forwarders [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
505 ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
508 max-journal-size <em class="replaceable"><code>size_no_default</code></em>;<br>
509 max-transfer-time-in <em class="replaceable"><code>integer</code></em>;<br>
510 max-transfer-time-out <em class="replaceable"><code>integer</code></em>;<br>
511 max-transfer-idle-in <em class="replaceable"><code>integer</code></em>;<br>
512 max-transfer-idle-out <em class="replaceable"><code>integer</code></em>;<br>
513 max-retry-time <em class="replaceable"><code>integer</code></em>;<br>
514 min-retry-time <em class="replaceable"><code>integer</code></em>;<br>
515 max-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
516 min-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
517 multi-master <em class="replaceable"><code>boolean</code></em>;<br>
518 sig-validity-interval <em class="replaceable"><code>integer</code></em>;<br>
520 transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
521 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
522 transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
523 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
525 alt-transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
526 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
527 alt-transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
528 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
529 use-alt-transfer-source <em class="replaceable"><code>boolean</code></em>;<br>
531 zone-statistics <em class="replaceable"><code>boolean</code></em>;<br>
532 try-tcp-refresh <em class="replaceable"><code>boolean</code></em>;<br>
533 key-directory <em class="replaceable"><code>quoted_string</code></em>;<br>
534 zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br>
535 zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br>
536 dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br>
538 allow-v6-synthesis { <em class="replaceable"><code>address_match_element</code></em>; ... }; // obsolete<br>
539 fetch-glue <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
540 maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
541 max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br>
545 <div class="refsection">
546 <a name="id-1.14.17.19"></a><h2>ZONE</h2>
547 <div class="literallayout"><p><br>
548 zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br>
549 type ( master | slave | stub | hint | redirect |<br>
550 forward | delegation-only );<br>
551 file <em class="replaceable"><code>quoted_string</code></em>;<br>
553 masters [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
554 ( <em class="replaceable"><code>masters</code></em> |<br>
555 <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br>
556 <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] ) [<span class="optional"> key <em class="replaceable"><code>string</code></em> </span>]; ...<br>
559 database <em class="replaceable"><code>string</code></em>;<br>
560 delegation-only <em class="replaceable"><code>boolean</code></em>;<br>
561 check-names ( fail | warn | ignore );<br>
562 check-mx ( fail | warn | ignore );<br>
563 check-integrity <em class="replaceable"><code>boolean</code></em>;<br>
564 check-mx-cname ( fail | warn | ignore );<br>
565 check-srv-cname ( fail | warn | ignore );<br>
566 dialup <em class="replaceable"><code>dialuptype</code></em>;<br>
567 ixfr-from-differences <em class="replaceable"><code>boolean</code></em>;<br>
568 journal <em class="replaceable"><code>quoted_string</code></em>;<br>
569 zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br>
570 dnssec-secure-to-insecure <em class="replaceable"><code>boolean</code></em>;<br>
572 allow-query { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
573 allow-query-on { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
574 allow-transfer { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
575 allow-update { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
576 allow-update-forwarding { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
577 update-policy <em class="replaceable"><code>local</code></em> | <em class="replaceable"><code> {<br>
578 ( grant | deny ) <em class="replaceable"><code>string</code></em><br>
579 ( name | subdomain | wildcard | self | selfsub | selfwild |<br>
580 krb5-self | ms-self | krb5-subdomain | ms-subdomain |<br>
581 tcp-self | zonesub | 6to4-self ) <em class="replaceable"><code>string</code></em><br>
582 <em class="replaceable"><code>rrtypelist</code></em>;<br>
583 [<span class="optional">...</span>]<br>
585 update-check-ksk <em class="replaceable"><code>boolean</code></em>;<br>
586 dnssec-dnskey-kskonly <em class="replaceable"><code>boolean</code></em>;<br>
588 masterfile-format ( text | raw );<br>
589 notify <em class="replaceable"><code>notifytype</code></em>;<br>
590 notify-source ( <em class="replaceable"><code>ipv4_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
591 notify-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
592 notify-delay <em class="replaceable"><code>seconds</code></em>;<br>
593 notify-to-soa <em class="replaceable"><code>boolean</code></em>;<br>
594 also-notify [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> )<br>
595 [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
596 [<span class="optional"> key <em class="replaceable"><code>keyname</code></em> </span>] ... };<br>
597 allow-notify { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
599 forward ( first | only );<br>
600 forwarders [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br>
601 ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ...<br>
604 max-journal-size <em class="replaceable"><code>size_no_default</code></em>;<br>
605 max-transfer-time-in <em class="replaceable"><code>integer</code></em>;<br>
606 max-transfer-time-out <em class="replaceable"><code>integer</code></em>;<br>
607 max-transfer-idle-in <em class="replaceable"><code>integer</code></em>;<br>
608 max-transfer-idle-out <em class="replaceable"><code>integer</code></em>;<br>
609 max-retry-time <em class="replaceable"><code>integer</code></em>;<br>
610 min-retry-time <em class="replaceable"><code>integer</code></em>;<br>
611 max-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
612 min-refresh-time <em class="replaceable"><code>integer</code></em>;<br>
613 multi-master <em class="replaceable"><code>boolean</code></em>;<br>
614 request-ixfr <em class="replaceable"><code>boolean</code></em>;<br>
615 sig-validity-interval <em class="replaceable"><code>integer</code></em>;<br>
617 transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
618 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
619 transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
620 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
622 alt-transfer-source ( <em class="replaceable"><code>ipv4_address</code></em> | * )<br>
623 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
624 alt-transfer-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * )<br>
625 [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br>
626 use-alt-transfer-source <em class="replaceable"><code>boolean</code></em>;<br>
628 zone-statistics <em class="replaceable"><code>boolean</code></em>;<br>
629 try-tcp-refresh <em class="replaceable"><code>boolean</code></em>;<br>
630 key-directory <em class="replaceable"><code>quoted_string</code></em>;<br>
632 nsec3-test-zone <em class="replaceable"><code>boolean</code></em>; // testing only<br>
634 ixfr-base <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br>
635 ixfr-tmp-file <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br>
636 maintain-ixfr-base <em class="replaceable"><code>boolean</code></em>; // obsolete<br>
637 max-ixfr-log-size <em class="replaceable"><code>size</code></em>; // obsolete<br>
638 pubkey <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>quoted_string</code></em>; // obsolete<br>
642 <div class="refsection">
643 <a name="id-1.14.17.20"></a><h2>FILES</h2>
644 <p><code class="filename">/etc/named.conf</code>
647 <div class="refsection">
648 <a name="id-1.14.17.21"></a><h2>SEE ALSO</h2>
649 <p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
650 <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
651 <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
652 <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
656 <div class="navfooter">
658 <table width="100%" summary="Navigation footer">
660 <td width="40%" align="left">
661 <a accesskey="p" href="man.named.html">Prev</a> </td>
662 <td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
663 <td width="40%" align="right"> <a accesskey="n" href="man.lwresd.html">Next</a>
667 <td width="40%" align="left" valign="top">
668 <span class="application">named</span> </td>
669 <td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
670 <td width="40%" align="right" valign="top"> <span class="application">lwresd</span>
675 <p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.9.9-P3 (Extended Support Version)</p>