2 This is a summary of the named.conf options supported by
3 this version of BIND 9.
5 acl <string> { <address_match_element>; ... };
8 inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
9 ) ] allow { <address_match_element>; ... } [ keys { <string>;
11 unix <quoted_string> perm <integer> owner <integer> group <integer>
12 [ keys { <string>; ... } ];
25 category <string> { <string>; ... };
27 file <quoted_string> [ versions ( "unlimited" | <integer> )
30 print-category <boolean>;
31 print-severity <boolean>;
33 severity <log_severity>;
35 syslog <optional_facility>;
40 listen-on [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
41 [ port <integer> ]; ... };
43 search { <string>; ... };
44 view <string> <optional_class>;
47 managed-keys { <string> <string> <integer> <integer> <integer>
48 <quoted_string>; ... };
50 masters <string> [ port <integer> ] { ( <masters> | <ipv4_address> [ port
51 <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ]; ... };
54 acache-cleaning-interval <integer>;
55 acache-enable <boolean>;
56 additional-from-auth <boolean>;
57 additional-from-cache <boolean>;
58 allow-new-zones <boolean>;
59 allow-notify { <address_match_element>; ... };
60 allow-query { <address_match_element>; ... };
61 allow-query-cache { <address_match_element>; ... };
62 allow-query-cache-on { <address_match_element>; ... };
63 allow-query-on { <address_match_element>; ... };
64 allow-recursion { <address_match_element>; ... };
65 allow-recursion-on { <address_match_element>; ... };
66 allow-transfer { <address_match_element>; ... };
67 allow-update { <address_match_element>; ... };
68 allow-update-forwarding { <address_match_element>; ... };
69 allow-v6-synthesis { <address_match_element>; ... }; // obsolete
70 also-notify [ port <integer> ] { ( <masters> | <ipv4_address> [
71 port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key
73 alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
74 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
76 attach-cache <string>;
77 auth-nxdomain <boolean>; // default changed
78 auto-dnssec ( allow | maintain | off );
79 avoid-v4-udp-ports { <portrange>; ... };
80 avoid-v6-udp-ports { <portrange>; ... };
81 bindkeys-file <quoted_string>;
82 blackhole { <address_match_element>; ... };
83 cache-file <quoted_string>;
84 check-dup-records ( fail | warn | ignore );
85 check-integrity <boolean>;
86 check-mx ( fail | warn | ignore );
87 check-mx-cname ( fail | warn | ignore );
88 check-names ( master | slave | response ) ( fail | warn | ignore );
89 check-sibling <boolean>;
90 check-spf ( warn | ignore );
91 check-srv-cname ( fail | warn | ignore );
92 check-wildcard <boolean>;
93 cleaning-interval <integer>;
94 clients-per-query <integer>;
97 deallocate-on-exit <boolean>; // obsolete
98 deny-answer-addresses { <address_match_element>; ... } [
99 except-from { <quoted_string>; ... } ];
100 deny-answer-aliases { <quoted_string>; ... } [ except-from {
101 <quoted_string>; ... } ];
103 directory <quoted_string>;
104 disable-algorithms <string> { <string>; ... };
105 disable-empty-zone <string>;
107 break-dnssec <boolean>;
108 clients { <address_match_element>; ... };
109 exclude { <address_match_element>; ... };
110 mapped { <address_match_element>; ... };
111 recursive-only <boolean>;
112 suffix <ipv6_address>;
114 dns64-contact <string>;
115 dns64-server <string>;
116 dnssec-accept-expired <boolean>;
117 dnssec-dnskey-kskonly <boolean>;
118 dnssec-enable <boolean>;
119 dnssec-loadkeys-interval <integer>;
120 dnssec-lookaside ( <string> trust-anchor <string> | auto | no );
121 dnssec-must-be-secure <string> <boolean>;
122 dnssec-secure-to-insecure <boolean>;
123 dnssec-update-mode ( maintain | no-resign );
124 dnssec-validation ( yes | no | auto );
125 dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
126 <integer> ] | <ipv4_address> [ port <integer> ] |
127 <ipv6_address> [ port <integer> ] ); ... };
128 dump-file <quoted_string>;
129 edns-udp-size <integer>;
130 empty-contact <string>;
131 empty-server <string>;
132 empty-zones-enable <boolean>;
133 fake-iquery <boolean>; // obsolete
134 fetch-glue <boolean>; // obsolete
136 filter-aaaa { <address_match_element>; ... }; // not configured
137 filter-aaaa-on-v4 <v4_aaaa>; // not configured
138 flush-zones-on-shutdown <boolean>;
139 forward ( first | only );
140 forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
141 [ port <integer> ]; ... };
142 has-old-clients <boolean>; // obsolete
143 heartbeat-interval <integer>;
144 host-statistics <boolean>; // not implemented
145 host-statistics-max <integer>; // not implemented
146 hostname ( <quoted_string> | none );
147 inline-signing <boolean>;
148 interface-interval <integer>;
149 ixfr-from-differences <ixfrdiff>;
150 key-directory <quoted_string>;
152 listen-on [ port <integer> ] { <address_match_element>; ... };
153 listen-on-v6 [ port <integer> ] { <address_match_element>; ... };
154 maintain-ixfr-base <boolean>; // obsolete
155 managed-keys-directory <quoted_string>;
156 masterfile-format ( text | raw );
157 match-mapped-addresses <boolean>;
158 max-acache-size <size_no_default>;
159 max-cache-size <size_no_default>;
160 max-cache-ttl <integer>;
161 max-clients-per-query <integer>;
162 max-ixfr-log-size <size>; // obsolete
163 max-journal-size <size_no_default>;
164 max-ncache-ttl <integer>;
165 max-recursion-depth <integer>;
166 max-recursion-queries <integer>;
167 max-refresh-time <integer>;
168 max-retry-time <integer>;
169 max-rsa-exponent-size <integer>;
170 max-transfer-idle-in <integer>;
171 max-transfer-idle-out <integer>;
172 max-transfer-time-in <integer>;
173 max-transfer-time-out <integer>;
174 max-udp-size <integer>;
175 memstatistics <boolean>;
176 memstatistics-file <quoted_string>;
177 min-refresh-time <integer>;
178 min-retry-time <integer>;
179 min-roots <integer>; // not implemented
180 minimal-responses <boolean>;
181 multi-master <boolean>;
182 multiple-cnames <boolean>; // obsolete
183 named-xfer <quoted_string>; // obsolete
184 no-case-compress { <address_match_element>; ... };
186 notify-delay <integer>;
187 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
188 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
189 notify-to-soa <boolean>;
190 nsec3-test-zone <boolean>; // test only
191 pid-file ( <quoted_string> | none );
193 preferred-glue <string>;
194 provide-ixfr <boolean>;
195 query-source <querysource4>;
196 query-source-v6 <querysource6>;
198 queryport-pool-ports <integer>; // obsolete
199 queryport-pool-updateinterval <integer>; // obsolete
200 random-device <quoted_string>;
201 recursing-file <quoted_string>;
203 recursive-clients <integer>;
204 request-ixfr <boolean>;
205 request-nsid <boolean>;
206 reserved-sockets <integer>;
207 resolver-query-timeout <integer>;
208 response-policy { zone <quoted_string> [ policy ( given | disabled
209 | passthru | no-op | nxdomain | nodata | cname <quoted_string>
210 ) ] [ recursive-only <boolean> ] [ max-policy-ttl <integer> ];
211 ... } [ recursive-only <boolean> ] [ break-dnssec <boolean> ] [
212 max-policy-ttl <integer> ] [ min-ns-dots <integer> ];
213 rfc2308-type1 <boolean>; // not yet implemented
214 root-delegation-only [ exclude { <quoted_string>; ... } ];
215 rrset-order { [ class <string> ] [ type <string> ] [ name
216 <quoted_string> ] <string> <string>; ... };
217 secroots-file <quoted_string>;
218 serial-queries <integer>; // obsolete
219 serial-query-rate <integer>;
220 serial-update-method ( increment | unixtime );
221 server-id ( <quoted_string> | none | hostname );
222 session-keyalg <string>;
223 session-keyfile ( <quoted_string> | none );
224 session-keyname <string>;
225 sig-signing-nodes <integer>;
226 sig-signing-signatures <integer>;
227 sig-signing-type <integer>;
228 sig-validity-interval <integer> [ <integer> ];
229 sortlist { <address_match_element>; ... };
231 statistics-file <quoted_string>;
232 statistics-interval <integer>; // not yet implemented
233 suppress-initial-notify <boolean>; // not yet implemented
234 tcp-clients <integer>;
235 tcp-listen-queue <integer>;
236 tkey-dhkey <quoted_string> <integer>;
237 tkey-domain <quoted_string>;
238 tkey-gssapi-credential <quoted_string>;
239 tkey-gssapi-keytab <quoted_string>;
240 topology { <address_match_element>; ... }; // not implemented
241 transfer-format ( many-answers | one-answer );
242 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
243 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
244 transfers-in <integer>;
245 transfers-out <integer>;
246 transfers-per-ns <integer>;
247 treat-cr-as-space <boolean>; // obsolete
248 try-tcp-refresh <boolean>;
249 update-check-ksk <boolean>;
250 use-alt-transfer-source <boolean>;
251 use-id-pool <boolean>; // obsolete
253 use-queryport-pool <boolean>; // obsolete
254 use-v4-udp-ports { <portrange>; ... };
255 use-v6-udp-ports { <portrange>; ... };
256 version ( <quoted_string> | none );
257 zero-no-soa-ttl <boolean>;
258 zero-no-soa-ttl-cache <boolean>;
259 zone-statistics <zonestat>;
265 edns-udp-size <integer>;
267 max-udp-size <integer>;
268 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
269 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
270 provide-ixfr <boolean>;
271 query-source <querysource4>;
272 query-source-v6 <querysource6>;
273 request-ixfr <boolean>;
274 support-ixfr <boolean>; // obsolete
275 transfer-format ( many-answers | one-answer );
276 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
277 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
281 statistics-channels {
282 inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
283 ) ] [ allow { <address_match_element>; ... } ];
286 trusted-keys { <string> <integer> <integer> <integer> <quoted_string>; ... };
288 view <string> <optional_class> {
289 acache-cleaning-interval <integer>;
290 acache-enable <boolean>;
291 additional-from-auth <boolean>;
292 additional-from-cache <boolean>;
293 allow-new-zones <boolean>;
294 allow-notify { <address_match_element>; ... };
295 allow-query { <address_match_element>; ... };
296 allow-query-cache { <address_match_element>; ... };
297 allow-query-cache-on { <address_match_element>; ... };
298 allow-query-on { <address_match_element>; ... };
299 allow-recursion { <address_match_element>; ... };
300 allow-recursion-on { <address_match_element>; ... };
301 allow-transfer { <address_match_element>; ... };
302 allow-update { <address_match_element>; ... };
303 allow-update-forwarding { <address_match_element>; ... };
304 allow-v6-synthesis { <address_match_element>; ... }; // obsolete
305 also-notify [ port <integer> ] { ( <masters> | <ipv4_address> [
306 port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key
308 alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
309 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
311 attach-cache <string>;
312 auth-nxdomain <boolean>; // default changed
313 auto-dnssec ( allow | maintain | off );
314 cache-file <quoted_string>;
315 check-dup-records ( fail | warn | ignore );
316 check-integrity <boolean>;
317 check-mx ( fail | warn | ignore );
318 check-mx-cname ( fail | warn | ignore );
319 check-names ( master | slave | response ) ( fail | warn | ignore );
320 check-sibling <boolean>;
321 check-spf ( warn | ignore );
322 check-srv-cname ( fail | warn | ignore );
323 check-wildcard <boolean>;
324 cleaning-interval <integer>;
325 clients-per-query <integer>;
326 deny-answer-addresses { <address_match_element>; ... } [
327 except-from { <quoted_string>; ... } ];
328 deny-answer-aliases { <quoted_string>; ... } [ except-from {
329 <quoted_string>; ... } ];
331 disable-algorithms <string> { <string>; ... };
332 disable-empty-zone <string>;
337 break-dnssec <boolean>;
338 clients { <address_match_element>; ... };
339 exclude { <address_match_element>; ... };
340 mapped { <address_match_element>; ... };
341 recursive-only <boolean>;
342 suffix <ipv6_address>;
344 dns64-contact <string>;
345 dns64-server <string>;
346 dnssec-accept-expired <boolean>;
347 dnssec-dnskey-kskonly <boolean>;
348 dnssec-enable <boolean>;
349 dnssec-loadkeys-interval <integer>;
350 dnssec-lookaside ( <string> trust-anchor <string> | auto | no );
351 dnssec-must-be-secure <string> <boolean>;
352 dnssec-secure-to-insecure <boolean>;
353 dnssec-update-mode ( maintain | no-resign );
354 dnssec-validation ( yes | no | auto );
355 dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
356 <integer> ] | <ipv4_address> [ port <integer> ] |
357 <ipv6_address> [ port <integer> ] ); ... };
358 edns-udp-size <integer>;
359 empty-contact <string>;
360 empty-server <string>;
361 empty-zones-enable <boolean>;
362 fetch-glue <boolean>; // obsolete
363 filter-aaaa { <address_match_element>; ... }; // not configured
364 filter-aaaa-on-v4 <v4_aaaa>; // not configured
365 forward ( first | only );
366 forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
367 [ port <integer> ]; ... };
368 inline-signing <boolean>;
369 ixfr-from-differences <ixfrdiff>;
374 key-directory <quoted_string>;
376 maintain-ixfr-base <boolean>; // obsolete
377 managed-keys { <string> <string> <integer> <integer> <integer>
378 <quoted_string>; ... };
379 masterfile-format ( text | raw );
380 match-clients { <address_match_element>; ... };
381 match-destinations { <address_match_element>; ... };
382 match-recursive-only <boolean>;
383 max-acache-size <size_no_default>;
384 max-cache-size <size_no_default>;
385 max-cache-ttl <integer>;
386 max-clients-per-query <integer>;
387 max-ixfr-log-size <size>; // obsolete
388 max-journal-size <size_no_default>;
389 max-ncache-ttl <integer>;
390 max-recursion-depth <integer>;
391 max-recursion-queries <integer>;
392 max-refresh-time <integer>;
393 max-retry-time <integer>;
394 max-transfer-idle-in <integer>;
395 max-transfer-idle-out <integer>;
396 max-transfer-time-in <integer>;
397 max-transfer-time-out <integer>;
398 max-udp-size <integer>;
399 min-refresh-time <integer>;
400 min-retry-time <integer>;
401 min-roots <integer>; // not implemented
402 minimal-responses <boolean>;
403 multi-master <boolean>;
404 no-case-compress { <address_match_element>; ... };
406 notify-delay <integer>;
407 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
408 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
409 notify-to-soa <boolean>;
410 nsec3-test-zone <boolean>; // test only
411 preferred-glue <string>;
412 provide-ixfr <boolean>;
413 query-source <querysource4>;
414 query-source-v6 <querysource6>;
415 queryport-pool-ports <integer>; // obsolete
416 queryport-pool-updateinterval <integer>; // obsolete
418 request-ixfr <boolean>;
419 request-nsid <boolean>;
420 resolver-query-timeout <integer>;
421 response-policy { zone <quoted_string> [ policy ( given | disabled
422 | passthru | no-op | nxdomain | nodata | cname <quoted_string>
423 ) ] [ recursive-only <boolean> ] [ max-policy-ttl <integer> ];
424 ... } [ recursive-only <boolean> ] [ break-dnssec <boolean> ] [
425 max-policy-ttl <integer> ] [ min-ns-dots <integer> ];
426 rfc2308-type1 <boolean>; // not yet implemented
427 root-delegation-only [ exclude { <quoted_string>; ... } ];
428 rrset-order { [ class <string> ] [ type <string> ] [ name
429 <quoted_string> ] <string> <string>; ... };
430 serial-update-method ( increment | unixtime );
434 edns-udp-size <integer>;
436 max-udp-size <integer>;
437 notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
439 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
441 provide-ixfr <boolean>;
442 query-source <querysource4>;
443 query-source-v6 <querysource6>;
444 request-ixfr <boolean>;
445 support-ixfr <boolean>; // obsolete
446 transfer-format ( many-answers | one-answer );
447 transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
449 transfer-source-v6 ( <ipv6_address> | * ) [ port (
453 sig-signing-nodes <integer>;
454 sig-signing-signatures <integer>;
455 sig-signing-type <integer>;
456 sig-validity-interval <integer> [ <integer> ];
457 sortlist { <address_match_element>; ... };
458 suppress-initial-notify <boolean>; // not yet implemented
459 topology { <address_match_element>; ... }; // not implemented
460 transfer-format ( many-answers | one-answer );
461 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
462 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
463 trusted-keys { <string> <integer> <integer> <integer>
464 <quoted_string>; ... };
465 try-tcp-refresh <boolean>;
466 update-check-ksk <boolean>;
467 use-alt-transfer-source <boolean>;
468 use-queryport-pool <boolean>; // obsolete
469 zero-no-soa-ttl <boolean>;
470 zero-no-soa-ttl-cache <boolean>;
471 zone <string> <optional_class> {
472 allow-notify { <address_match_element>; ... };
473 allow-query { <address_match_element>; ... };
474 allow-query-on { <address_match_element>; ... };
475 allow-transfer { <address_match_element>; ... };
476 allow-update { <address_match_element>; ... };
477 allow-update-forwarding { <address_match_element>; ... };
478 also-notify [ port <integer> ] { ( <masters> |
479 <ipv4_address> [ port <integer> ] | <ipv6_address> [
480 port <integer> ] ) [ key <string> ]; ... };
481 alt-transfer-source ( <ipv4_address> | * ) [ port (
483 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port (
485 auto-dnssec ( allow | maintain | off );
486 check-dup-records ( fail | warn | ignore );
487 check-integrity <boolean>;
488 check-mx ( fail | warn | ignore );
489 check-mx-cname ( fail | warn | ignore );
490 check-names ( fail | warn | ignore );
491 check-sibling <boolean>;
492 check-spf ( warn | ignore );
493 check-srv-cname ( fail | warn | ignore );
494 check-wildcard <boolean>;
496 delegation-only <boolean>;
498 dnssec-dnskey-kskonly <boolean>;
499 dnssec-loadkeys-interval <integer>;
500 dnssec-secure-to-insecure <boolean>;
501 dnssec-update-mode ( maintain | no-resign );
502 file <quoted_string>;
503 forward ( first | only );
504 forwarders [ port <integer> ] { ( <ipv4_address> |
505 <ipv6_address> ) [ port <integer> ]; ... };
506 inline-signing <boolean>;
507 ixfr-base <quoted_string>; // obsolete
508 ixfr-from-differences <boolean>;
509 ixfr-tmp-file <quoted_string>; // obsolete
510 journal <quoted_string>;
511 key-directory <quoted_string>;
512 maintain-ixfr-base <boolean>; // obsolete
513 masterfile-format ( text | raw );
514 masters [ port <integer> ] { ( <masters> | <ipv4_address> [
515 port <integer> ] | <ipv6_address> [ port <integer> ] )
516 [ key <string> ]; ... };
517 max-ixfr-log-size <size>; // obsolete
518 max-journal-size <size_no_default>;
519 max-refresh-time <integer>;
520 max-retry-time <integer>;
521 max-transfer-idle-in <integer>;
522 max-transfer-idle-out <integer>;
523 max-transfer-time-in <integer>;
524 max-transfer-time-out <integer>;
525 min-refresh-time <integer>;
526 min-retry-time <integer>;
527 multi-master <boolean>;
529 notify-delay <integer>;
530 notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
532 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
534 notify-to-soa <boolean>;
535 nsec3-test-zone <boolean>; // test only
536 pubkey <integer> <integer> <integer>
537 <quoted_string>; // obsolete
538 request-ixfr <boolean>;
539 serial-update-method ( increment | unixtime );
540 server-addresses { ( <ipv4_address> | <ipv6_address> ) [
541 port <integer> ]; ... };
542 server-names { <quoted_string>; ... };
543 sig-signing-nodes <integer>;
544 sig-signing-signatures <integer>;
545 sig-signing-type <integer>;
546 sig-validity-interval <integer> [ <integer> ];
547 transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
549 transfer-source-v6 ( <ipv6_address> | * ) [ port (
551 try-tcp-refresh <boolean>;
552 type ( master | slave | stub | static-stub | hint | forward
553 | delegation-only | redirect );
554 update-check-ksk <boolean>;
555 update-policy ( local | { ( grant | deny ) <string> ( name
556 | subdomain | wildcard | self | selfsub | selfwild |
557 krb5-self | ms-self | krb5-subdomain | ms-subdomain |
558 tcp-self | 6to4-self | zonesub | external ) [ <string>
559 ] <rrtypelist>; ... };
560 use-alt-transfer-source <boolean>;
561 zero-no-soa-ttl <boolean>;
562 zone-statistics <zonestat>;
564 zone-statistics <zonestat>;
567 zone <string> <optional_class> {
568 allow-notify { <address_match_element>; ... };
569 allow-query { <address_match_element>; ... };
570 allow-query-on { <address_match_element>; ... };
571 allow-transfer { <address_match_element>; ... };
572 allow-update { <address_match_element>; ... };
573 allow-update-forwarding { <address_match_element>; ... };
574 also-notify [ port <integer> ] { ( <masters> | <ipv4_address> [
575 port <integer> ] | <ipv6_address> [ port <integer> ] ) [ key
577 alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
578 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
580 auto-dnssec ( allow | maintain | off );
581 check-dup-records ( fail | warn | ignore );
582 check-integrity <boolean>;
583 check-mx ( fail | warn | ignore );
584 check-mx-cname ( fail | warn | ignore );
585 check-names ( fail | warn | ignore );
586 check-sibling <boolean>;
587 check-spf ( warn | ignore );
588 check-srv-cname ( fail | warn | ignore );
589 check-wildcard <boolean>;
591 delegation-only <boolean>;
593 dnssec-dnskey-kskonly <boolean>;
594 dnssec-loadkeys-interval <integer>;
595 dnssec-secure-to-insecure <boolean>;
596 dnssec-update-mode ( maintain | no-resign );
597 file <quoted_string>;
598 forward ( first | only );
599 forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
600 [ port <integer> ]; ... };
601 inline-signing <boolean>;
602 ixfr-base <quoted_string>; // obsolete
603 ixfr-from-differences <boolean>;
604 ixfr-tmp-file <quoted_string>; // obsolete
605 journal <quoted_string>;
606 key-directory <quoted_string>;
607 maintain-ixfr-base <boolean>; // obsolete
608 masterfile-format ( text | raw );
609 masters [ port <integer> ] { ( <masters> | <ipv4_address> [ port
610 <integer> ] | <ipv6_address> [ port <integer> ] ) [ key
612 max-ixfr-log-size <size>; // obsolete
613 max-journal-size <size_no_default>;
614 max-refresh-time <integer>;
615 max-retry-time <integer>;
616 max-transfer-idle-in <integer>;
617 max-transfer-idle-out <integer>;
618 max-transfer-time-in <integer>;
619 max-transfer-time-out <integer>;
620 min-refresh-time <integer>;
621 min-retry-time <integer>;
622 multi-master <boolean>;
624 notify-delay <integer>;
625 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
626 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
627 notify-to-soa <boolean>;
628 nsec3-test-zone <boolean>; // test only
629 pubkey <integer> <integer> <integer> <quoted_string>; // obsolete
630 request-ixfr <boolean>;
631 serial-update-method ( increment | unixtime );
632 server-addresses { ( <ipv4_address> | <ipv6_address> ) [ port
634 server-names { <quoted_string>; ... };
635 sig-signing-nodes <integer>;
636 sig-signing-signatures <integer>;
637 sig-signing-type <integer>;
638 sig-validity-interval <integer> [ <integer> ];
639 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
640 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
641 try-tcp-refresh <boolean>;
642 type ( master | slave | stub | static-stub | hint | forward |
643 delegation-only | redirect );
644 update-check-ksk <boolean>;
645 update-policy ( local | { ( grant | deny ) <string> ( name |
646 subdomain | wildcard | self | selfsub | selfwild | krb5-self |
647 ms-self | krb5-subdomain | ms-subdomain | tcp-self | 6to4-self
648 | zonesub | external ) [ <string> ] <rrtypelist>; ... };
649 use-alt-transfer-source <boolean>;
650 zero-no-soa-ttl <boolean>;
651 zone-statistics <zonestat>;