1 .\" Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC")
3 .\" Permission to use, copy, modify, and/or distribute this software for any
4 .\" purpose with or without fee is hereby granted, provided that the above
5 .\" copyright notice and this permission notice appear in all copies.
7 .\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
8 .\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
9 .\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
10 .\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
11 .\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
12 .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
13 .\" PERFORMANCE OF THIS SOFTWARE.
15 .\" $Id: named.conf.5,v 1.44.12.1 2011-02-03 12:29:12 tbox Exp $
19 .\" Title: \fInamed.conf\fR
21 .\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
22 .\" Date: Aug 13, 2004
26 .TH "\fINAMED.CONF\fR" "5" "Aug 13, 2004" "BIND9" "BIND9"
27 .\" disable hyphenation
29 .\" disable justification (adjust text to left margin only)
32 named.conf \- configuration file for named
39 is the configuration file for
40 \fBnamed\fR. Statements are enclosed in braces and terminated with a semi\-colon. Clauses in the statements are also semi\-colon terminated. The usual comment styles are supported:
44 C++ style: // to end of line
46 Unix style: # to end of line
51 acl \fIstring\fR { \fIaddress_match_element\fR; ... };
58 key \fIdomain_name\fR {
59 algorithm \fIstring\fR;
68 masters \fIstring\fR [ port \fIinteger\fR ] {
69 ( \fImasters\fR | \fIipv4_address\fR [port \fIinteger\fR] |
70 \fIipv6_address\fR [port \fIinteger\fR] ) [ key \fIstring\fR ]; ...
78 server ( \fIipv4_address\fR\fI[/prefixlen]\fR | \fIipv6_address\fR\fI[/prefixlen]\fR ) {
81 edns\-udp\-size \fIinteger\fR;
82 max\-udp\-size \fIinteger\fR;
83 provide\-ixfr \fIboolean\fR;
84 request\-ixfr \fIboolean\fR;
85 keys \fIserver_key\fR;
86 transfers \fIinteger\fR;
87 transfer\-format ( many\-answers | one\-answer );
88 transfer\-source ( \fIipv4_address\fR | * )
89 [ port ( \fIinteger\fR | * ) ];
90 transfer\-source\-v6 ( \fIipv6_address\fR | * )
91 [ port ( \fIinteger\fR | * ) ];
92 support\-ixfr \fIboolean\fR; // obsolete
101 \fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ...
110 \fIdomain_name\fR \fBinitial\-key\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ...
119 inet ( \fIipv4_address\fR | \fIipv6_address\fR | * )
120 [ port ( \fIinteger\fR | * ) ]
121 allow { \fIaddress_match_element\fR; ... }
122 [ keys { \fIstring\fR; ... } ];
123 unix \fIunsupported\fR; // not implemented
132 channel \fIstring\fR {
134 syslog \fIoptional_facility\fR;
137 severity \fIlog_severity\fR;
138 print\-time \fIboolean\fR;
139 print\-severity \fIboolean\fR;
140 print\-category \fIboolean\fR;
142 category \fIstring\fR { \fIstring\fR; ... };
151 listen\-on [ port \fIinteger\fR ] {
152 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
154 view \fIstring\fR \fIoptional_class\fR;
155 search { \fIstring\fR; ... };
165 avoid\-v4\-udp\-ports { \fIport\fR; ... };
166 avoid\-v6\-udp\-ports { \fIport\fR; ... };
167 blackhole { \fIaddress_match_element\fR; ... };
170 directory \fIquoted_string\fR;
171 dump\-file \fIquoted_string\fR;
173 heartbeat\-interval \fIinteger\fR;
174 host\-statistics \fIboolean\fR; // not implemented
175 host\-statistics\-max \fInumber\fR; // not implemented
176 hostname ( \fIquoted_string\fR | none );
177 interface\-interval \fIinteger\fR;
178 listen\-on [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
179 listen\-on\-v6 [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
180 match\-mapped\-addresses \fIboolean\fR;
181 memstatistics\-file \fIquoted_string\fR;
182 pid\-file ( \fIquoted_string\fR | none );
184 querylog \fIboolean\fR;
185 recursing\-file \fIquoted_string\fR;
186 reserved\-sockets \fIinteger\fR;
187 random\-device \fIquoted_string\fR;
188 recursive\-clients \fIinteger\fR;
189 serial\-query\-rate \fIinteger\fR;
190 server\-id ( \fIquoted_string\fR | none |;
191 stacksize \fIsize\fR;
192 statistics\-file \fIquoted_string\fR;
193 statistics\-interval \fIinteger\fR; // not yet implemented
194 tcp\-clients \fIinteger\fR;
195 tcp\-listen\-queue \fIinteger\fR;
196 tkey\-dhkey \fIquoted_string\fR \fIinteger\fR;
197 tkey\-gssapi\-credential \fIquoted_string\fR;
198 tkey\-gssapi\-keytab \fIquoted_string\fR;
199 tkey\-domain \fIquoted_string\fR;
200 transfers\-per\-ns \fIinteger\fR;
201 transfers\-in \fIinteger\fR;
202 transfers\-out \fIinteger\fR;
203 use\-ixfr \fIboolean\fR;
204 version ( \fIquoted_string\fR | none );
205 allow\-recursion { \fIaddress_match_element\fR; ... };
206 allow\-recursion\-on { \fIaddress_match_element\fR; ... };
207 sortlist { \fIaddress_match_element\fR; ... };
208 topology { \fIaddress_match_element\fR; ... }; // not implemented
209 auth\-nxdomain \fIboolean\fR; // default changed
210 minimal\-responses \fIboolean\fR;
211 recursion \fIboolean\fR;
213 [ class \fIstring\fR ] [ type \fIstring\fR ]
214 [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
216 provide\-ixfr \fIboolean\fR;
217 request\-ixfr \fIboolean\fR;
218 rfc2308\-type1 \fIboolean\fR; // not yet implemented
219 additional\-from\-auth \fIboolean\fR;
220 additional\-from\-cache \fIboolean\fR;
221 query\-source ( ( \fIipv4_address\fR | * ) | [ address ( \fIipv4_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ];
222 query\-source\-v6 ( ( \fIipv6_address\fR | * ) | [ address ( \fIipv6_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ];
223 use\-queryport\-pool \fIboolean\fR;
224 queryport\-pool\-ports \fIinteger\fR;
225 queryport\-pool\-updateinterval \fIinteger\fR;
226 cleaning\-interval \fIinteger\fR;
227 resolver\-query\-timeout \fIinteger\fR;
228 min\-roots \fIinteger\fR; // not implemented
229 lame\-ttl \fIinteger\fR;
230 max\-ncache\-ttl \fIinteger\fR;
231 max\-cache\-ttl \fIinteger\fR;
232 transfer\-format ( many\-answers | one\-answer );
233 max\-cache\-size \fIsize\fR;
234 max\-acache\-size \fIsize\fR;
235 clients\-per\-query \fInumber\fR;
236 max\-clients\-per\-query \fInumber\fR;
237 check\-names ( master | slave | response )
238 ( fail | warn | ignore );
239 check\-mx ( fail | warn | ignore );
240 check\-integrity \fIboolean\fR;
241 check\-mx\-cname ( fail | warn | ignore );
242 check\-srv\-cname ( fail | warn | ignore );
243 cache\-file \fIquoted_string\fR; // test option
244 suppress\-initial\-notify \fIboolean\fR; // not yet implemented
245 preferred\-glue \fIstring\fR;
246 dual\-stack\-servers [ port \fIinteger\fR ] {
247 ( \fIquoted_string\fR [port \fIinteger\fR] |
248 \fIipv4_address\fR [port \fIinteger\fR] |
249 \fIipv6_address\fR [port \fIinteger\fR] ); ...
251 edns\-udp\-size \fIinteger\fR;
252 max\-udp\-size \fIinteger\fR;
253 root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ];
254 disable\-algorithms \fIstring\fR { \fIstring\fR; ... };
255 dnssec\-enable \fIboolean\fR;
256 dnssec\-validation \fIboolean\fR;
257 dnssec\-lookaside \fIstring\fR trust\-anchor \fIstring\fR;
258 dnssec\-lookaside ( \fIauto\fR | \fIdomain\fR trust\-anchor \fIdomain\fR );
259 dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR;
260 dnssec\-accept\-expired \fIboolean\fR;
261 dns64\-server \fIstring\fR;
262 dns64\-contact \fIstring\fR;
264 clients { <replacable>acl</replacable>; };
265 exclude { <replacable>acl</replacable>; };
266 mapped { <replacable>acl</replacable>; };
267 break\-dnssec \fIboolean\fR;
268 recursive\-only \fIboolean\fR;
269 suffix \fIipv6_address\fR;
271 empty\-server \fIstring\fR;
272 empty\-contact \fIstring\fR;
273 empty\-zones\-enable \fIboolean\fR;
274 disable\-empty\-zone \fIstring\fR;
275 dialup \fIdialuptype\fR;
276 ixfr\-from\-differences \fIixfrdiff\fR;
277 allow\-query { \fIaddress_match_element\fR; ... };
278 allow\-query\-on { \fIaddress_match_element\fR; ... };
279 allow\-query\-cache { \fIaddress_match_element\fR; ... };
280 allow\-query\-cache\-on { \fIaddress_match_element\fR; ... };
281 allow\-transfer { \fIaddress_match_element\fR; ... };
282 allow\-update { \fIaddress_match_element\fR; ... };
283 allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
284 update\-check\-ksk \fIboolean\fR;
285 dnssec\-dnskey\-kskonly \fIboolean\fR;
286 masterfile\-format ( text | raw );
287 notify \fInotifytype\fR;
288 notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
289 notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
290 notify\-delay \fIseconds\fR;
291 notify\-to\-soa \fIboolean\fR;
292 also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
293 [ port \fIinteger\fR ]; ... };
294 allow\-notify { \fIaddress_match_element\fR; ... };
295 forward ( first | only );
296 forwarders [ port \fIinteger\fR ] {
297 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
299 max\-journal\-size \fIsize_no_default\fR;
300 max\-transfer\-time\-in \fIinteger\fR;
301 max\-transfer\-time\-out \fIinteger\fR;
302 max\-transfer\-idle\-in \fIinteger\fR;
303 max\-transfer\-idle\-out \fIinteger\fR;
304 max\-retry\-time \fIinteger\fR;
305 min\-retry\-time \fIinteger\fR;
306 max\-refresh\-time \fIinteger\fR;
307 min\-refresh\-time \fIinteger\fR;
308 multi\-master \fIboolean\fR;
309 sig\-validity\-interval \fIinteger\fR;
310 sig\-re\-signing\-interval \fIinteger\fR;
311 sig\-signing\-nodes \fIinteger\fR;
312 sig\-signing\-signatures \fIinteger\fR;
313 sig\-signing\-type \fIinteger\fR;
314 transfer\-source ( \fIipv4_address\fR | * )
315 [ port ( \fIinteger\fR | * ) ];
316 transfer\-source\-v6 ( \fIipv6_address\fR | * )
317 [ port ( \fIinteger\fR | * ) ];
318 alt\-transfer\-source ( \fIipv4_address\fR | * )
319 [ port ( \fIinteger\fR | * ) ];
320 alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
321 [ port ( \fIinteger\fR | * ) ];
322 use\-alt\-transfer\-source \fIboolean\fR;
323 zone\-statistics \fIboolean\fR;
324 key\-directory \fIquoted_string\fR;
325 managed\-keys\-directory \fIquoted_string\fR;
326 auto\-dnssec \fBallow\fR|\fBmaintain\fR|\fBcreate\fR|\fBoff\fR;
327 try\-tcp\-refresh \fIboolean\fR;
328 zero\-no\-soa\-ttl \fIboolean\fR;
329 zero\-no\-soa\-ttl\-cache \fIboolean\fR;
330 dnssec\-secure\-to\-insecure \fIboolean\fR;
331 deny\-answer\-addresses {
332 \fIaddress_match_list\fR
333 } [ except\-from { \fInamelist\fR } ];
334 deny\-answer\-aliases {
336 } [ except\-from { \fInamelist\fR } ];
337 nsec3\-test\-zone \fIboolean\fR; // testing only
338 allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
339 deallocate\-on\-exit \fIboolean\fR; // obsolete
340 fake\-iquery \fIboolean\fR; // obsolete
341 fetch\-glue \fIboolean\fR; // obsolete
342 has\-old\-clients \fIboolean\fR; // obsolete
343 maintain\-ixfr\-base \fIboolean\fR; // obsolete
344 max\-ixfr\-log\-size \fIsize\fR; // obsolete
345 multiple\-cnames \fIboolean\fR; // obsolete
346 named\-xfer \fIquoted_string\fR; // obsolete
347 serial\-queries \fIinteger\fR; // obsolete
348 treat\-cr\-as\-space \fIboolean\fR; // obsolete
349 use\-id\-pool \fIboolean\fR; // obsolete
357 view \fIstring\fR \fIoptional_class\fR {
358 match\-clients { \fIaddress_match_element\fR; ... };
359 match\-destinations { \fIaddress_match_element\fR; ... };
360 match\-recursive\-only \fIboolean\fR;
362 algorithm \fIstring\fR;
365 zone \fIstring\fR \fIoptional_class\fR {
368 server ( \fIipv4_address\fR\fI[/prefixlen]\fR | \fIipv6_address\fR\fI[/prefixlen]\fR ) {
372 \fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR;
375 allow\-recursion { \fIaddress_match_element\fR; ... };
376 allow\-recursion\-on { \fIaddress_match_element\fR; ... };
377 sortlist { \fIaddress_match_element\fR; ... };
378 topology { \fIaddress_match_element\fR; ... }; // not implemented
379 auth\-nxdomain \fIboolean\fR; // default changed
380 minimal\-responses \fIboolean\fR;
381 recursion \fIboolean\fR;
383 [ class \fIstring\fR ] [ type \fIstring\fR ]
384 [ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
386 provide\-ixfr \fIboolean\fR;
387 request\-ixfr \fIboolean\fR;
388 rfc2308\-type1 \fIboolean\fR; // not yet implemented
389 additional\-from\-auth \fIboolean\fR;
390 additional\-from\-cache \fIboolean\fR;
391 query\-source ( ( \fIipv4_address\fR | * ) | [ address ( \fIipv4_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ];
392 query\-source\-v6 ( ( \fIipv6_address\fR | * ) | [ address ( \fIipv6_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ];
393 use\-queryport\-pool \fIboolean\fR;
394 queryport\-pool\-ports \fIinteger\fR;
395 queryport\-pool\-updateinterval \fIinteger\fR;
396 cleaning\-interval \fIinteger\fR;
397 resolver\-query\-timeout \fIinteger\fR;
398 min\-roots \fIinteger\fR; // not implemented
399 lame\-ttl \fIinteger\fR;
400 max\-ncache\-ttl \fIinteger\fR;
401 max\-cache\-ttl \fIinteger\fR;
402 transfer\-format ( many\-answers | one\-answer );
403 max\-cache\-size \fIsize\fR;
404 max\-acache\-size \fIsize\fR;
405 clients\-per\-query \fInumber\fR;
406 max\-clients\-per\-query \fInumber\fR;
407 check\-names ( master | slave | response )
408 ( fail | warn | ignore );
409 check\-mx ( fail | warn | ignore );
410 check\-integrity \fIboolean\fR;
411 check\-mx\-cname ( fail | warn | ignore );
412 check\-srv\-cname ( fail | warn | ignore );
413 cache\-file \fIquoted_string\fR; // test option
414 suppress\-initial\-notify \fIboolean\fR; // not yet implemented
415 preferred\-glue \fIstring\fR;
416 dual\-stack\-servers [ port \fIinteger\fR ] {
417 ( \fIquoted_string\fR [port \fIinteger\fR] |
418 \fIipv4_address\fR [port \fIinteger\fR] |
419 \fIipv6_address\fR [port \fIinteger\fR] ); ...
421 edns\-udp\-size \fIinteger\fR;
422 max\-udp\-size \fIinteger\fR;
423 root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ];
424 disable\-algorithms \fIstring\fR { \fIstring\fR; ... };
425 dnssec\-enable \fIboolean\fR;
426 dnssec\-validation \fIboolean\fR;
427 dnssec\-lookaside \fIstring\fR trust\-anchor \fIstring\fR;
428 dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR;
429 dnssec\-accept\-expired \fIboolean\fR;
430 dns64\-server \fIstring\fR;
431 dns64\-contact \fIstring\fR;
433 clients { <replacable>acl</replacable>; };
434 exclude { <replacable>acl</replacable>; };
435 mapped { <replacable>acl</replacable>; };
436 break\-dnssec \fIboolean\fR;
437 recursive\-only \fIboolean\fR;
438 suffix \fIipv6_address\fR;
440 empty\-server \fIstring\fR;
441 empty\-contact \fIstring\fR;
442 empty\-zones\-enable \fIboolean\fR;
443 disable\-empty\-zone \fIstring\fR;
444 dialup \fIdialuptype\fR;
445 ixfr\-from\-differences \fIixfrdiff\fR;
446 allow\-query { \fIaddress_match_element\fR; ... };
447 allow\-query\-on { \fIaddress_match_element\fR; ... };
448 allow\-query\-cache { \fIaddress_match_element\fR; ... };
449 allow\-query\-cache\-on { \fIaddress_match_element\fR; ... };
450 allow\-transfer { \fIaddress_match_element\fR; ... };
451 allow\-update { \fIaddress_match_element\fR; ... };
452 allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
453 update\-check\-ksk \fIboolean\fR;
454 dnssec\-dnskey\-kskonly \fIboolean\fR;
455 masterfile\-format ( text | raw );
456 notify \fInotifytype\fR;
457 notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
458 notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
459 notify\-delay \fIseconds\fR;
460 notify\-to\-soa \fIboolean\fR;
461 also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
462 [ port \fIinteger\fR ]; ... };
463 allow\-notify { \fIaddress_match_element\fR; ... };
464 forward ( first | only );
465 forwarders [ port \fIinteger\fR ] {
466 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
468 max\-journal\-size \fIsize_no_default\fR;
469 max\-transfer\-time\-in \fIinteger\fR;
470 max\-transfer\-time\-out \fIinteger\fR;
471 max\-transfer\-idle\-in \fIinteger\fR;
472 max\-transfer\-idle\-out \fIinteger\fR;
473 max\-retry\-time \fIinteger\fR;
474 min\-retry\-time \fIinteger\fR;
475 max\-refresh\-time \fIinteger\fR;
476 min\-refresh\-time \fIinteger\fR;
477 multi\-master \fIboolean\fR;
478 sig\-validity\-interval \fIinteger\fR;
479 transfer\-source ( \fIipv4_address\fR | * )
480 [ port ( \fIinteger\fR | * ) ];
481 transfer\-source\-v6 ( \fIipv6_address\fR | * )
482 [ port ( \fIinteger\fR | * ) ];
483 alt\-transfer\-source ( \fIipv4_address\fR | * )
484 [ port ( \fIinteger\fR | * ) ];
485 alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
486 [ port ( \fIinteger\fR | * ) ];
487 use\-alt\-transfer\-source \fIboolean\fR;
488 zone\-statistics \fIboolean\fR;
489 try\-tcp\-refresh \fIboolean\fR;
490 key\-directory \fIquoted_string\fR;
491 zero\-no\-soa\-ttl \fIboolean\fR;
492 zero\-no\-soa\-ttl\-cache \fIboolean\fR;
493 dnssec\-secure\-to\-insecure \fIboolean\fR;
494 allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
495 fetch\-glue \fIboolean\fR; // obsolete
496 maintain\-ixfr\-base \fIboolean\fR; // obsolete
497 max\-ixfr\-log\-size \fIsize\fR; // obsolete
505 zone \fIstring\fR \fIoptional_class\fR {
506 type ( master | slave | stub | hint |
507 forward | delegation\-only );
508 file \fIquoted_string\fR;
509 masters [ port \fIinteger\fR ] {
511 \fIipv4_address\fR [port \fIinteger\fR] |
512 \fIipv6_address\fR [ port \fIinteger\fR ] ) [ key \fIstring\fR ]; ...
514 database \fIstring\fR;
515 delegation\-only \fIboolean\fR;
516 check\-names ( fail | warn | ignore );
517 check\-mx ( fail | warn | ignore );
518 check\-integrity \fIboolean\fR;
519 check\-mx\-cname ( fail | warn | ignore );
520 check\-srv\-cname ( fail | warn | ignore );
521 dialup \fIdialuptype\fR;
522 ixfr\-from\-differences \fIboolean\fR;
523 journal \fIquoted_string\fR;
524 zero\-no\-soa\-ttl \fIboolean\fR;
525 dnssec\-secure\-to\-insecure \fIboolean\fR;
526 allow\-query { \fIaddress_match_element\fR; ... };
527 allow\-query\-on { \fIaddress_match_element\fR; ... };
528 allow\-transfer { \fIaddress_match_element\fR; ... };
529 allow\-update { \fIaddress_match_element\fR; ... };
530 allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
531 update\-policy \fIlocal\fR | \fI {
532 ( grant | deny ) \fR\fI\fIstring\fR\fR\fI
533 ( name | subdomain | wildcard | self | selfsub | selfwild |
534 krb5\-self | ms\-self | krb5\-subdomain | ms\-subdomain |
535 tcp\-self | zonesub | 6to4\-self ) \fR\fI\fIstring\fR\fR\fI
536 \fR\fI\fIrrtypelist\fR\fR\fI;
539 update\-check\-ksk \fIboolean\fR;
540 dnssec\-dnskey\-kskonly \fIboolean\fR;
541 masterfile\-format ( text | raw );
542 notify \fInotifytype\fR;
543 notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
544 notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
545 notify\-delay \fIseconds\fR;
546 notify\-to\-soa \fIboolean\fR;
547 also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
548 [ port \fIinteger\fR ]; ... };
549 allow\-notify { \fIaddress_match_element\fR; ... };
550 forward ( first | only );
551 forwarders [ port \fIinteger\fR ] {
552 ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
554 max\-journal\-size \fIsize_no_default\fR;
555 max\-transfer\-time\-in \fIinteger\fR;
556 max\-transfer\-time\-out \fIinteger\fR;
557 max\-transfer\-idle\-in \fIinteger\fR;
558 max\-transfer\-idle\-out \fIinteger\fR;
559 max\-retry\-time \fIinteger\fR;
560 min\-retry\-time \fIinteger\fR;
561 max\-refresh\-time \fIinteger\fR;
562 min\-refresh\-time \fIinteger\fR;
563 multi\-master \fIboolean\fR;
564 sig\-validity\-interval \fIinteger\fR;
565 transfer\-source ( \fIipv4_address\fR | * )
566 [ port ( \fIinteger\fR | * ) ];
567 transfer\-source\-v6 ( \fIipv6_address\fR | * )
568 [ port ( \fIinteger\fR | * ) ];
569 alt\-transfer\-source ( \fIipv4_address\fR | * )
570 [ port ( \fIinteger\fR | * ) ];
571 alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
572 [ port ( \fIinteger\fR | * ) ];
573 use\-alt\-transfer\-source \fIboolean\fR;
574 zone\-statistics \fIboolean\fR;
575 try\-tcp\-refresh \fIboolean\fR;
576 key\-directory \fIquoted_string\fR;
577 nsec3\-test\-zone \fIboolean\fR; // testing only
578 ixfr\-base \fIquoted_string\fR; // obsolete
579 ixfr\-tmp\-file \fIquoted_string\fR; // obsolete
580 maintain\-ixfr\-base \fIboolean\fR; // obsolete
581 max\-ixfr\-log\-size \fIsize\fR; // obsolete
582 pubkey \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; // obsolete
588 \fI/etc/named.conf\fR
592 \fBnamed\-checkconf\fR(8),
594 BIND 9 Administrator Reference Manual.
596 Copyright \(co 2004\-2011 Internet Systems Consortium, Inc. ("ISC")