]> CyberLeo.Net >> Repos - FreeBSD/releng/8.1.git/blob - contrib/bind9/doc/misc/options
projects / FreeBSD / releng / 8.1.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Copy stable/8 to releng/8.1 in preparation for 8.1-RC1.
[FreeBSD/releng/8.1.git] / contrib / bind9 / doc / misc / options
1
2 This is a summary of the named.conf options supported by 
3 this version of BIND 9.
4
5 acl <string> { <address_match_element>; ... };
6
7 controls {
8         inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
9             ) ] allow { <address_match_element>; ... } [ keys { <string>;
10             ... } ];
11         unix <quoted_string> perm <integer> owner <integer> group <integer>
12             [ keys { <string>; ... } ];
13 };
14
15 dlz <string> {
16         database <string>;
17 };
18
19 key <string> {
20         algorithm <string>;
21         secret <string>;
22 };
23
24 logging {
25         category <string> { <string>; ... };
26         channel <string> {
27                 file <quoted_string> [ versions ( "unlimited" | <integer> )
28                     ] [ size <size> ];
29                 null;
30                 print-category <boolean>;
31                 print-severity <boolean>;
32                 print-time <boolean>;
33                 severity <log_severity>;
34                 stderr;
35                 syslog <optional_facility>;
36         };
37 };
38
39 lwres {
40         listen-on [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
41             [ port <integer> ]; ... };
42         ndots <integer>;
43         search { <string>; ... };
44         view <string> <optional_class>;
45 };
46
47 masters <string> [ port <integer> ] { ( <masters> | <ipv4_address> [ port
48     <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ]; ... };
49
50 options {
51         acache-cleaning-interval <integer>;
52         acache-enable <boolean>;
53         additional-from-auth <boolean>;
54         additional-from-cache <boolean>;
55         allow-notify { <address_match_element>; ... };
56         allow-query { <address_match_element>; ... };
57         allow-query-cache { <address_match_element>; ... };
58         allow-query-cache-on { <address_match_element>; ... };
59         allow-query-on { <address_match_element>; ... };
60         allow-recursion { <address_match_element>; ... };
61         allow-recursion-on { <address_match_element>; ... };
62         allow-transfer { <address_match_element>; ... };
63         allow-update { <address_match_element>; ... };
64         allow-update-forwarding { <address_match_element>; ... };
65         allow-v6-synthesis { <address_match_element>; ... }; // obsolete
66         also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
67             ) [ port <integer> ]; ... };
68         alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
69         alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
70             * ) ];
71         auth-nxdomain <boolean>; // default changed
72         avoid-v4-udp-ports { <portrange>; ... };
73         avoid-v6-udp-ports { <portrange>; ... };
74         blackhole { <address_match_element>; ... };
75         cache-file <quoted_string>;
76         check-integrity <boolean>;
77         check-mx ( fail | warn | ignore );
78         check-mx-cname ( fail | warn | ignore );
79         check-names ( master | slave | response ) ( fail | warn | ignore );
80         check-sibling <boolean>;
81         check-srv-cname ( fail | warn | ignore );
82         check-wildcard <boolean>;
83         cleaning-interval <integer>;
84         clients-per-query <integer>;
85         coresize <size>;
86         datasize <size>;
87         deallocate-on-exit <boolean>; // obsolete
88         dialup <dialuptype>;
89         directory <quoted_string>;
90         disable-algorithms <string> { <string>; ... };
91         disable-empty-zone <string>;
92         dnssec-accept-expired <boolean>;
93         dnssec-enable <boolean>;
94         dnssec-lookaside <string> trust-anchor <string>;
95         dnssec-must-be-secure <string> <boolean>;
96         dnssec-validation <boolean>;
97         dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
98             <integer> ] | <ipv4_address> [ port <integer> ] |
99             <ipv6_address> [ port <integer> ] ); ... };
100         dump-file <quoted_string>;
101         edns-udp-size <integer>;
102         empty-contact <string>;
103         empty-server <string>;
104         empty-zones-enable <boolean>;
105         fake-iquery <boolean>; // obsolete
106         fetch-glue <boolean>; // obsolete
107         files <size>;
108         flush-zones-on-shutdown <boolean>;
109         forward ( first | only );
110         forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
111             [ port <integer> ]; ... };
112         has-old-clients <boolean>; // obsolete
113         heartbeat-interval <integer>;
114         host-statistics <boolean>; // not implemented
115         host-statistics-max <integer>; // not implemented
116         hostname ( <quoted_string> | none );
117         interface-interval <integer>;
118         ixfr-from-differences <ixfrdiff>;
119         key-directory <quoted_string>;
120         lame-ttl <integer>;
121         listen-on [ port <integer> ] { <address_match_element>; ... };
122         listen-on-v6 [ port <integer> ] { <address_match_element>; ... };
123         maintain-ixfr-base <boolean>; // obsolete
124         masterfile-format ( text | raw );
125         match-mapped-addresses <boolean>;
126         max-acache-size <size_no_default>;
127         max-cache-size <size_no_default>;
128         max-cache-ttl <integer>;
129         max-clients-per-query <integer>;
130         max-ixfr-log-size <size>; // obsolete
131         max-journal-size <size_no_default>;
132         max-ncache-ttl <integer>;
133         max-refresh-time <integer>;
134         max-retry-time <integer>;
135         max-transfer-idle-in <integer>;
136         max-transfer-idle-out <integer>;
137         max-transfer-time-in <integer>;
138         max-transfer-time-out <integer>;
139         max-udp-size <integer>;
140         memstatistics <boolean>;
141         memstatistics-file <quoted_string>;
142         min-refresh-time <integer>;
143         min-retry-time <integer>;
144         min-roots <integer>; // not implemented
145         minimal-responses <boolean>;
146         multi-master <boolean>;
147         multiple-cnames <boolean>; // obsolete
148         named-xfer <quoted_string>; // obsolete
149         notify <notifytype>;
150         notify-delay <integer>;
151         notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
152         notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
153         notify-to-soa <boolean>;
154         nsec3-test-zone <boolean>; // test only
155         pid-file ( <quoted_string> | none );
156         port <integer>;
157         preferred-glue <string>;
158         provide-ixfr <boolean>;
159         query-source <querysource4>;
160         query-source-v6 <querysource6>;
161         querylog <boolean>;
162         queryport-pool-ports <integer>; // obsolete
163         queryport-pool-updateinterval <integer>; // obsolete
164         random-device <quoted_string>;
165         recursing-file <quoted_string>;
166         recursion <boolean>;
167         recursive-clients <integer>;
168         request-ixfr <boolean>;
169         request-nsid <boolean>;
170         reserved-sockets <integer>;
171         rfc2308-type1 <boolean>; // not yet implemented
172         root-delegation-only [ exclude { <quoted_string>; ... } ];
173         rrset-order { [ class <string> ] [ type <string> ] [ name
174             <quoted_string> ] <string> <string>; ... };
175         serial-queries <integer>; // obsolete
176         serial-query-rate <integer>;
177         server-id ( <quoted_string> | none |;
178         sig-signing-nodes <integer>;
179         sig-signing-signatures <integer>;
180         sig-signing-type <integer>;
181         sig-validity-interval <integer> [ <integer> ];
182         sortlist { <address_match_element>; ... };
183         stacksize <size>;
184         statistics-file <quoted_string>;
185         statistics-interval <integer>; // not yet implemented
186         suppress-initial-notify <boolean>; // not yet implemented
187         tcp-clients <integer>;
188         tcp-listen-queue <integer>;
189         tkey-dhkey <quoted_string> <integer>;
190         tkey-domain <quoted_string>;
191         tkey-gssapi-credential <quoted_string>;
192         topology { <address_match_element>; ... }; // not implemented
193         transfer-format ( many-answers | one-answer );
194         transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
195         transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
196         transfers-in <integer>;
197         transfers-out <integer>;
198         transfers-per-ns <integer>;
199         treat-cr-as-space <boolean>; // obsolete
200         try-tcp-refresh <boolean>;
201         update-check-ksk <boolean>;
202         use-alt-transfer-source <boolean>;
203         use-id-pool <boolean>; // obsolete
204         use-ixfr <boolean>;
205         use-queryport-pool <boolean>; // obsolete
206         use-v4-udp-ports { <portrange>; ... };
207         use-v6-udp-ports { <portrange>; ... };
208         version ( <quoted_string> | none );
209         zero-no-soa-ttl <boolean>;
210         zero-no-soa-ttl-cache <boolean>;
211         zone-statistics <boolean>;
212 };
213
214 server <netprefix> {
215         bogus <boolean>;
216         edns <boolean>;
217         edns-udp-size <integer>;
218         keys <server_key>;
219         max-udp-size <integer>;
220         notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
221         notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
222         provide-ixfr <boolean>;
223         query-source <querysource4>;
224         query-source-v6 <querysource6>;
225         request-ixfr <boolean>;
226         support-ixfr <boolean>; // obsolete
227         transfer-format ( many-answers | one-answer );
228         transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
229         transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
230         transfers <integer>;
231 };
232
233 statistics-channels {
234         inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
235             ) ] [ allow { <address_match_element>; ... } ];
236 };
237
238 trusted-keys { <string> <integer> <integer> <integer> <quoted_string>; ... };
239
240 view <string> <optional_class> {
241         acache-cleaning-interval <integer>;
242         acache-enable <boolean>;
243         additional-from-auth <boolean>;
244         additional-from-cache <boolean>;
245         allow-notify { <address_match_element>; ... };
246         allow-query { <address_match_element>; ... };
247         allow-query-cache { <address_match_element>; ... };
248         allow-query-cache-on { <address_match_element>; ... };
249         allow-query-on { <address_match_element>; ... };
250         allow-recursion { <address_match_element>; ... };
251         allow-recursion-on { <address_match_element>; ... };
252         allow-transfer { <address_match_element>; ... };
253         allow-update { <address_match_element>; ... };
254         allow-update-forwarding { <address_match_element>; ... };
255         allow-v6-synthesis { <address_match_element>; ... }; // obsolete
256         also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
257             ) [ port <integer> ]; ... };
258         alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
259         alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
260             * ) ];
261         auth-nxdomain <boolean>; // default changed
262         cache-file <quoted_string>;
263         check-integrity <boolean>;
264         check-mx ( fail | warn | ignore );
265         check-mx-cname ( fail | warn | ignore );
266         check-names ( master | slave | response ) ( fail | warn | ignore );
267         check-sibling <boolean>;
268         check-srv-cname ( fail | warn | ignore );
269         check-wildcard <boolean>;
270         cleaning-interval <integer>;
271         clients-per-query <integer>;
272         database <string>;
273         dialup <dialuptype>;
274         disable-algorithms <string> { <string>; ... };
275         disable-empty-zone <string>;
276         dlz <string> {
277                 database <string>;
278         };
279         dnssec-accept-expired <boolean>;
280         dnssec-enable <boolean>;
281         dnssec-lookaside <string> trust-anchor <string>;
282         dnssec-must-be-secure <string> <boolean>;
283         dnssec-validation <boolean>;
284         dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
285             <integer> ] | <ipv4_address> [ port <integer> ] |
286             <ipv6_address> [ port <integer> ] ); ... };
287         edns-udp-size <integer>;
288         empty-contact <string>;
289         empty-server <string>;
290         empty-zones-enable <boolean>;
291         fetch-glue <boolean>; // obsolete
292         forward ( first | only );
293         forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
294             [ port <integer> ]; ... };
295         ixfr-from-differences <ixfrdiff>;
296         key <string> {
297                 algorithm <string>;
298                 secret <string>;
299         };
300         key-directory <quoted_string>;
301         lame-ttl <integer>;
302         maintain-ixfr-base <boolean>; // obsolete
303         masterfile-format ( text | raw );
304         match-clients { <address_match_element>; ... };
305         match-destinations { <address_match_element>; ... };
306         match-recursive-only <boolean>;
307         max-acache-size <size_no_default>;
308         max-cache-size <size_no_default>;
309         max-cache-ttl <integer>;
310         max-clients-per-query <integer>;
311         max-ixfr-log-size <size>; // obsolete
312         max-journal-size <size_no_default>;
313         max-ncache-ttl <integer>;
314         max-refresh-time <integer>;
315         max-retry-time <integer>;
316         max-transfer-idle-in <integer>;
317         max-transfer-idle-out <integer>;
318         max-transfer-time-in <integer>;
319         max-transfer-time-out <integer>;
320         max-udp-size <integer>;
321         min-refresh-time <integer>;
322         min-retry-time <integer>;
323         min-roots <integer>; // not implemented
324         minimal-responses <boolean>;
325         multi-master <boolean>;
326         notify <notifytype>;
327         notify-delay <integer>;
328         notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
329         notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
330         notify-to-soa <boolean>;
331         nsec3-test-zone <boolean>; // test only
332         preferred-glue <string>;
333         provide-ixfr <boolean>;
334         query-source <querysource4>;
335         query-source-v6 <querysource6>;
336         queryport-pool-ports <integer>; // obsolete
337         queryport-pool-updateinterval <integer>; // obsolete
338         recursion <boolean>;
339         request-ixfr <boolean>;
340         request-nsid <boolean>;
341         rfc2308-type1 <boolean>; // not yet implemented
342         root-delegation-only [ exclude { <quoted_string>; ... } ];
343         rrset-order { [ class <string> ] [ type <string> ] [ name
344             <quoted_string> ] <string> <string>; ... };
345         server <netprefix> {
346                 bogus <boolean>;
347                 edns <boolean>;
348                 edns-udp-size <integer>;
349                 keys <server_key>;
350                 max-udp-size <integer>;
351                 notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
352                     ) ];
353                 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
354                     | * ) ];
355                 provide-ixfr <boolean>;
356                 query-source <querysource4>;
357                 query-source-v6 <querysource6>;
358                 request-ixfr <boolean>;
359                 support-ixfr <boolean>; // obsolete
360                 transfer-format ( many-answers | one-answer );
361                 transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
362                     * ) ];
363                 transfer-source-v6 ( <ipv6_address> | * ) [ port (
364                     <integer> | * ) ];
365                 transfers <integer>;
366         };
367         sig-signing-nodes <integer>;
368         sig-signing-signatures <integer>;
369         sig-signing-type <integer>;
370         sig-validity-interval <integer> [ <integer> ];
371         sortlist { <address_match_element>; ... };
372         suppress-initial-notify <boolean>; // not yet implemented
373         topology { <address_match_element>; ... }; // not implemented
374         transfer-format ( many-answers | one-answer );
375         transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
376         transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
377         trusted-keys { <string> <integer> <integer> <integer>
378             <quoted_string>; ... };
379         try-tcp-refresh <boolean>;
380         update-check-ksk <boolean>;
381         use-alt-transfer-source <boolean>;
382         use-queryport-pool <boolean>; // obsolete
383         zero-no-soa-ttl <boolean>;
384         zero-no-soa-ttl-cache <boolean>;
385         zone <string> <optional_class> {
386                 allow-notify { <address_match_element>; ... };
387                 allow-query { <address_match_element>; ... };
388                 allow-query-on { <address_match_element>; ... };
389                 allow-transfer { <address_match_element>; ... };
390                 allow-update { <address_match_element>; ... };
391                 allow-update-forwarding { <address_match_element>; ... };
392                 also-notify [ port <integer> ] { ( <ipv4_address> |
393                     <ipv6_address> ) [ port <integer> ]; ... };
394                 alt-transfer-source ( <ipv4_address> | * ) [ port (
395                     <integer> | * ) ];
396                 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port (
397                     <integer> | * ) ];
398                 check-integrity <boolean>;
399                 check-mx ( fail | warn | ignore );
400                 check-mx-cname ( fail | warn | ignore );
401                 check-names ( fail | warn | ignore );
402                 check-sibling <boolean>;
403                 check-srv-cname ( fail | warn | ignore );
404                 check-wildcard <boolean>;
405                 database <string>;
406                 delegation-only <boolean>;
407                 dialup <dialuptype>;
408                 file <quoted_string>;
409                 forward ( first | only );
410                 forwarders [ port <integer> ] { ( <ipv4_address> |
411                     <ipv6_address> ) [ port <integer> ]; ... };
412                 ixfr-base <quoted_string>; // obsolete
413                 ixfr-from-differences <boolean>;
414                 ixfr-tmp-file <quoted_string>; // obsolete
415                 journal <quoted_string>;
416                 key-directory <quoted_string>;
417                 maintain-ixfr-base <boolean>; // obsolete
418                 masterfile-format ( text | raw );
419                 masters [ port <integer> ] { ( <masters> | <ipv4_address> [
420                     port <integer> ] | <ipv6_address> [ port <integer> ] )
421                     [ key <string> ]; ... };
422                 max-ixfr-log-size <size>; // obsolete
423                 max-journal-size <size_no_default>;
424                 max-refresh-time <integer>;
425                 max-retry-time <integer>;
426                 max-transfer-idle-in <integer>;
427                 max-transfer-idle-out <integer>;
428                 max-transfer-time-in <integer>;
429                 max-transfer-time-out <integer>;
430                 min-refresh-time <integer>;
431                 min-retry-time <integer>;
432                 multi-master <boolean>;
433                 notify <notifytype>;
434                 notify-delay <integer>;
435                 notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
436                     ) ];
437                 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
438                     | * ) ];
439                 notify-to-soa <boolean>;
440                 nsec3-test-zone <boolean>; // test only
441                 pubkey <integer> <integer> <integer>
442                     <quoted_string>; // obsolete
443                 sig-signing-nodes <integer>;
444                 sig-signing-signatures <integer>;
445                 sig-signing-type <integer>;
446                 sig-validity-interval <integer> [ <integer> ];
447                 transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
448                     * ) ];
449                 transfer-source-v6 ( <ipv6_address> | * ) [ port (
450                     <integer> | * ) ];
451                 try-tcp-refresh <boolean>;
452                 type ( master | slave | stub | hint | forward |
453                     delegation-only );
454                 update-check-ksk <boolean>;
455                 update-policy { ( grant | deny ) <string> ( name |
456                     subdomain | wildcard | self | selfsub | selfwild |
457                     krb5-self | ms-self | krb5-subdomain | ms-subdomain |
458                     tcp-self | 6to4-self ) <string> <rrtypelist>; ... };
459                 use-alt-transfer-source <boolean>;
460                 zero-no-soa-ttl <boolean>;
461                 zone-statistics <boolean>;
462         };
463         zone-statistics <boolean>;
464 };
465
466 zone <string> <optional_class> {
467         allow-notify { <address_match_element>; ... };
468         allow-query { <address_match_element>; ... };
469         allow-query-on { <address_match_element>; ... };
470         allow-transfer { <address_match_element>; ... };
471         allow-update { <address_match_element>; ... };
472         allow-update-forwarding { <address_match_element>; ... };
473         also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
474             ) [ port <integer> ]; ... };
475         alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
476         alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
477             * ) ];
478         check-integrity <boolean>;
479         check-mx ( fail | warn | ignore );
480         check-mx-cname ( fail | warn | ignore );
481         check-names ( fail | warn | ignore );
482         check-sibling <boolean>;
483         check-srv-cname ( fail | warn | ignore );
484         check-wildcard <boolean>;
485         database <string>;
486         delegation-only <boolean>;
487         dialup <dialuptype>;
488         file <quoted_string>;
489         forward ( first | only );
490         forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
491             [ port <integer> ]; ... };
492         ixfr-base <quoted_string>; // obsolete
493         ixfr-from-differences <boolean>;
494         ixfr-tmp-file <quoted_string>; // obsolete
495         journal <quoted_string>;
496         key-directory <quoted_string>;
497         maintain-ixfr-base <boolean>; // obsolete
498         masterfile-format ( text | raw );
499         masters [ port <integer> ] { ( <masters> | <ipv4_address> [ port
500             <integer> ] | <ipv6_address> [ port <integer> ] ) [ key
501             <string> ]; ... };
502         max-ixfr-log-size <size>; // obsolete
503         max-journal-size <size_no_default>;
504         max-refresh-time <integer>;
505         max-retry-time <integer>;
506         max-transfer-idle-in <integer>;
507         max-transfer-idle-out <integer>;
508         max-transfer-time-in <integer>;
509         max-transfer-time-out <integer>;
510         min-refresh-time <integer>;
511         min-retry-time <integer>;
512         multi-master <boolean>;
513         notify <notifytype>;
514         notify-delay <integer>;
515         notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
516         notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
517         notify-to-soa <boolean>;
518         nsec3-test-zone <boolean>; // test only
519         pubkey <integer> <integer> <integer> <quoted_string>; // obsolete
520         sig-signing-nodes <integer>;
521         sig-signing-signatures <integer>;
522         sig-signing-type <integer>;
523         sig-validity-interval <integer> [ <integer> ];
524         transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
525         transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
526         try-tcp-refresh <boolean>;
527         type ( master | slave | stub | hint | forward | delegation-only );
528         update-check-ksk <boolean>;
529         update-policy { ( grant | deny ) <string> ( name | subdomain |
530             wildcard | self | selfsub | selfwild | krb5-self | ms-self |
531             krb5-subdomain | ms-subdomain | tcp-self | 6to4-self ) <string>
532             <rrtypelist>; ... };
533         use-alt-transfer-source <boolean>;
534         zero-no-soa-ttl <boolean>;
535         zone-statistics <boolean>;
536 };
537
8.1-RELEASE