mirror of
https://github.com/isc-projects/bind9.git
synced 2026-03-01 13:01:40 -05:00
1d239012a9
Commit070c5fff49updated the man pages to contents produced using: - Sphinx 4.0.2 - sphinx-rtd-theme 0.5.2 - docutils 0.17.1 However, sphinx-rtd-theme 0.5.2 is incompatible with versions 0.17+ of the docutils package. This problem was addressed in the Docker image used for building man pages by downgrading the docutils package to version 0.16. Regenerate the man pages again, this time using: - Sphinx 4.0.2 - sphinx-rtd-theme 0.5.2 - docutils 0.16 This is necessary to prevent the "docs" GitLab CI job from failing. (cherry picked from commit6a2daddf5b)
1133 lines
41 KiB
Text
1133 lines
41 KiB
Text
.\" Man page generated from reStructuredText.
|
|
.
|
|
.TH "NAMED.CONF" "5" "@RELEASE_DATE@" "@BIND9_VERSION@" "BIND 9"
|
|
.SH NAME
|
|
named.conf \- configuration file for **named**
|
|
.
|
|
.nr rst2man-indent-level 0
|
|
.
|
|
.de1 rstReportMargin
|
|
\\$1 \\n[an-margin]
|
|
level \\n[rst2man-indent-level]
|
|
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
|
-
|
|
\\n[rst2man-indent0]
|
|
\\n[rst2man-indent1]
|
|
\\n[rst2man-indent2]
|
|
..
|
|
.de1 INDENT
|
|
.\" .rstReportMargin pre:
|
|
. RS \\$1
|
|
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
|
|
. nr rst2man-indent-level +1
|
|
.\" .rstReportMargin post:
|
|
..
|
|
.de UNINDENT
|
|
. RE
|
|
.\" indent \\n[an-margin]
|
|
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
|
.nr rst2man-indent-level -1
|
|
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
|
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
|
|
..
|
|
.SH SYNOPSIS
|
|
.sp
|
|
\fBnamed.conf\fP
|
|
.SH DESCRIPTION
|
|
.sp
|
|
\fBnamed.conf\fP is the configuration file for \fBnamed\fP\&. Statements are
|
|
enclosed in braces and terminated with a semi\-colon. Clauses in the
|
|
statements are also semi\-colon terminated. The usual comment styles are
|
|
supported:
|
|
.sp
|
|
C style: /* */
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
C++ style: // to end of line
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.sp
|
|
Unix style: # to end of line
|
|
.SS ACL
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
acl string { address_match_element; ... };
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS CONTROLS
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
controls {
|
|
inet ( ipv4_address | ipv6_address |
|
|
* ) [ port ( integer | * ) ] allow
|
|
{ address_match_element; ... } [
|
|
keys { string; ... } ] [ read\-only
|
|
boolean ];
|
|
unix quoted_string perm integer
|
|
owner integer group integer [
|
|
keys { string; ... } ] [ read\-only
|
|
boolean ];
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS DLZ
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
dlz string {
|
|
database string;
|
|
search boolean;
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS DNSSEC\-POLICY
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
dnssec\-policy string {
|
|
dnskey\-ttl duration;
|
|
keys { ( csk | ksk | zsk ) [ ( key\-directory ) ] lifetime
|
|
duration_or_unlimited algorithm string [ integer ]; ... };
|
|
max\-zone\-ttl duration;
|
|
nsec3param [ iterations integer ] [ optout boolean ] [
|
|
salt\-length integer ];
|
|
parent\-ds\-ttl duration;
|
|
parent\-propagation\-delay duration;
|
|
publish\-safety duration;
|
|
purge\-keys duration;
|
|
retire\-safety duration;
|
|
signatures\-refresh duration;
|
|
signatures\-validity duration;
|
|
signatures\-validity\-dnskey duration;
|
|
zone\-propagation\-delay duration;
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS DYNDB
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
dyndb string quoted_string {
|
|
unspecified\-text };
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS KEY
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
key string {
|
|
algorithm string;
|
|
secret string;
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS LOGGING
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
logging {
|
|
category string { string; ... };
|
|
channel string {
|
|
buffered boolean;
|
|
file quoted_string [ versions ( unlimited | integer ) ]
|
|
[ size size ] [ suffix ( increment | timestamp ) ];
|
|
null;
|
|
print\-category boolean;
|
|
print\-severity boolean;
|
|
print\-time ( iso8601 | iso8601\-utc | local | boolean );
|
|
severity log_severity;
|
|
stderr;
|
|
syslog [ syslog_facility ];
|
|
};
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS MANAGED\-KEYS
|
|
.sp
|
|
See DNSSEC\-KEYS.
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
managed\-keys { string ( static\-key
|
|
| initial\-key | static\-ds |
|
|
initial\-ds ) integer integer
|
|
integer quoted_string; ... };, deprecated
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS MASTERS
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
masters string [ port integer ] [ dscp
|
|
integer ] { ( primaries | ipv4_address
|
|
[ port integer ] | ipv6_address [ port
|
|
integer ] ) [ key string ]; ... };
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS OPTIONS
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
options {
|
|
allow\-new\-zones boolean;
|
|
allow\-notify { address_match_element; ... };
|
|
allow\-query { address_match_element; ... };
|
|
allow\-query\-cache { address_match_element; ... };
|
|
allow\-query\-cache\-on { address_match_element; ... };
|
|
allow\-query\-on { address_match_element; ... };
|
|
allow\-recursion { address_match_element; ... };
|
|
allow\-recursion\-on { address_match_element; ... };
|
|
allow\-transfer { address_match_element; ... };
|
|
allow\-update { address_match_element; ... };
|
|
allow\-update\-forwarding { address_match_element; ... };
|
|
also\-notify [ port integer ] [ dscp integer ] { ( primaries |
|
|
ipv4_address [ port integer ] | ipv6_address [ port
|
|
integer ] ) [ key string ]; ... };
|
|
alt\-transfer\-source ( ipv4_address | * ) [ port ( integer | * )
|
|
] [ dscp integer ];
|
|
alt\-transfer\-source\-v6 ( ipv6_address | * ) [ port ( integer |
|
|
* ) ] [ dscp integer ];
|
|
answer\-cookie boolean;
|
|
attach\-cache string;
|
|
auth\-nxdomain boolean; // default changed
|
|
auto\-dnssec ( allow | maintain | off );
|
|
automatic\-interface\-scan boolean;
|
|
avoid\-v4\-udp\-ports { portrange; ... };
|
|
avoid\-v6\-udp\-ports { portrange; ... };
|
|
bindkeys\-file quoted_string;
|
|
blackhole { address_match_element; ... };
|
|
cache\-file quoted_string;
|
|
catalog\-zones { zone string [ default\-masters [ port integer ]
|
|
[ dscp integer ] { ( primaries | ipv4_address [ port
|
|
integer ] | ipv6_address [ port integer ] ) [ key
|
|
string ]; ... } ] [ zone\-directory quoted_string ] [
|
|
in\-memory boolean ] [ min\-update\-interval duration ]; ... };
|
|
check\-dup\-records ( fail | warn | ignore );
|
|
check\-integrity boolean;
|
|
check\-mx ( fail | warn | ignore );
|
|
check\-mx\-cname ( fail | warn | ignore );
|
|
check\-names ( primary | master |
|
|
secondary | slave | response ) (
|
|
fail | warn | ignore );
|
|
check\-sibling boolean;
|
|
check\-spf ( warn | ignore );
|
|
check\-srv\-cname ( fail | warn | ignore );
|
|
check\-wildcard boolean;
|
|
clients\-per\-query integer;
|
|
cookie\-algorithm ( aes | siphash24 );
|
|
cookie\-secret string;
|
|
coresize ( default | unlimited | sizeval );
|
|
datasize ( default | unlimited | sizeval );
|
|
deny\-answer\-addresses { address_match_element; ... } [
|
|
except\-from { string; ... } ];
|
|
deny\-answer\-aliases { string; ... } [ except\-from { string; ...
|
|
} ];
|
|
dialup ( notify | notify\-passive | passive | refresh | boolean );
|
|
directory quoted_string;
|
|
disable\-algorithms string { string;
|
|
... };
|
|
disable\-ds\-digests string { string;
|
|
... };
|
|
disable\-empty\-zone string;
|
|
dns64 netprefix {
|
|
break\-dnssec boolean;
|
|
clients { address_match_element; ... };
|
|
exclude { address_match_element; ... };
|
|
mapped { address_match_element; ... };
|
|
recursive\-only boolean;
|
|
suffix ipv6_address;
|
|
};
|
|
dns64\-contact string;
|
|
dns64\-server string;
|
|
dnskey\-sig\-validity integer;
|
|
dnsrps\-enable boolean;
|
|
dnsrps\-options { unspecified\-text };
|
|
dnssec\-accept\-expired boolean;
|
|
dnssec\-dnskey\-kskonly boolean;
|
|
dnssec\-loadkeys\-interval integer;
|
|
dnssec\-must\-be\-secure string boolean;
|
|
dnssec\-policy string;
|
|
dnssec\-secure\-to\-insecure boolean;
|
|
dnssec\-update\-mode ( maintain | no\-resign );
|
|
dnssec\-validation ( yes | no | auto );
|
|
dnstap { ( all | auth | client | forwarder | resolver | update ) [
|
|
( query | response ) ]; ... };
|
|
dnstap\-identity ( quoted_string | none | hostname );
|
|
dnstap\-output ( file | unix ) quoted_string [ size ( unlimited |
|
|
size ) ] [ versions ( unlimited | integer ) ] [ suffix (
|
|
increment | timestamp ) ];
|
|
dnstap\-version ( quoted_string | none );
|
|
dscp integer;
|
|
dual\-stack\-servers [ port integer ] { ( quoted_string [ port
|
|
integer ] [ dscp integer ] | ipv4_address [ port
|
|
integer ] [ dscp integer ] | ipv6_address [ port
|
|
integer ] [ dscp integer ] ); ... };
|
|
dump\-file quoted_string;
|
|
edns\-udp\-size integer;
|
|
empty\-contact string;
|
|
empty\-server string;
|
|
empty\-zones\-enable boolean;
|
|
fetch\-quota\-params integer fixedpoint fixedpoint fixedpoint;
|
|
fetches\-per\-server integer [ ( drop | fail ) ];
|
|
fetches\-per\-zone integer [ ( drop | fail ) ];
|
|
files ( default | unlimited | sizeval );
|
|
flush\-zones\-on\-shutdown boolean;
|
|
forward ( first | only );
|
|
forwarders [ port integer ] [ dscp integer ] { ( ipv4_address
|
|
| ipv6_address ) [ port integer ] [ dscp integer ]; ... };
|
|
fstrm\-set\-buffer\-hint integer;
|
|
fstrm\-set\-flush\-timeout integer;
|
|
fstrm\-set\-input\-queue\-size integer;
|
|
fstrm\-set\-output\-notify\-threshold integer;
|
|
fstrm\-set\-output\-queue\-model ( mpsc | spsc );
|
|
fstrm\-set\-output\-queue\-size integer;
|
|
fstrm\-set\-reopen\-interval duration;
|
|
geoip\-directory ( quoted_string | none );
|
|
glue\-cache boolean;
|
|
heartbeat\-interval integer;
|
|
hostname ( quoted_string | none );
|
|
interface\-interval duration;
|
|
ixfr\-from\-differences ( primary | master | secondary | slave |
|
|
boolean );
|
|
keep\-response\-order { address_match_element; ... };
|
|
key\-directory quoted_string;
|
|
lame\-ttl duration;
|
|
listen\-on [ port integer ] [ dscp
|
|
integer ] {
|
|
address_match_element; ... };
|
|
listen\-on\-v6 [ port integer ] [ dscp
|
|
integer ] {
|
|
address_match_element; ... };
|
|
lmdb\-mapsize sizeval;
|
|
lock\-file ( quoted_string | none );
|
|
managed\-keys\-directory quoted_string;
|
|
masterfile\-format ( map | raw | text );
|
|
masterfile\-style ( full | relative );
|
|
match\-mapped\-addresses boolean;
|
|
max\-cache\-size ( default | unlimited | sizeval | percentage );
|
|
max\-cache\-ttl duration;
|
|
max\-clients\-per\-query integer;
|
|
max\-ixfr\-ratio ( unlimited | percentage );
|
|
max\-journal\-size ( default | unlimited | sizeval );
|
|
max\-ncache\-ttl duration;
|
|
max\-records integer;
|
|
max\-recursion\-depth integer;
|
|
max\-recursion\-queries integer;
|
|
max\-refresh\-time integer;
|
|
max\-retry\-time integer;
|
|
max\-rsa\-exponent\-size integer;
|
|
max\-stale\-ttl duration;
|
|
max\-transfer\-idle\-in integer;
|
|
max\-transfer\-idle\-out integer;
|
|
max\-transfer\-time\-in integer;
|
|
max\-transfer\-time\-out integer;
|
|
max\-udp\-size integer;
|
|
max\-zone\-ttl ( unlimited | duration );
|
|
memstatistics boolean;
|
|
memstatistics\-file quoted_string;
|
|
message\-compression boolean;
|
|
min\-cache\-ttl duration;
|
|
min\-ncache\-ttl duration;
|
|
min\-refresh\-time integer;
|
|
min\-retry\-time integer;
|
|
minimal\-any boolean;
|
|
minimal\-responses ( no\-auth | no\-auth\-recursive | boolean );
|
|
multi\-master boolean;
|
|
new\-zones\-directory quoted_string;
|
|
no\-case\-compress { address_match_element; ... };
|
|
nocookie\-udp\-size integer;
|
|
notify ( explicit | master\-only | primary\-only | boolean );
|
|
notify\-delay integer;
|
|
notify\-rate integer;
|
|
notify\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
|
|
dscp integer ];
|
|
notify\-source\-v6 ( ipv6_address | * ) [ port ( integer | * ) ]
|
|
[ dscp integer ];
|
|
notify\-to\-soa boolean;
|
|
nta\-lifetime duration;
|
|
nta\-recheck duration;
|
|
nxdomain\-redirect string;
|
|
pid\-file ( quoted_string | none );
|
|
port integer;
|
|
preferred\-glue string;
|
|
prefetch integer [ integer ];
|
|
provide\-ixfr boolean;
|
|
qname\-minimization ( strict | relaxed | disabled | off );
|
|
query\-source ( ( [ address ] ( ipv4_address | * ) [ port (
|
|
integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ]
|
|
port ( integer | * ) ) ) [ dscp integer ];
|
|
query\-source\-v6 ( ( [ address ] ( ipv6_address | * ) [ port (
|
|
integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ]
|
|
port ( integer | * ) ) ) [ dscp integer ];
|
|
querylog boolean;
|
|
random\-device ( quoted_string | none );
|
|
rate\-limit {
|
|
all\-per\-second integer;
|
|
errors\-per\-second integer;
|
|
exempt\-clients { address_match_element; ... };
|
|
ipv4\-prefix\-length integer;
|
|
ipv6\-prefix\-length integer;
|
|
log\-only boolean;
|
|
max\-table\-size integer;
|
|
min\-table\-size integer;
|
|
nodata\-per\-second integer;
|
|
nxdomains\-per\-second integer;
|
|
qps\-scale integer;
|
|
referrals\-per\-second integer;
|
|
responses\-per\-second integer;
|
|
slip integer;
|
|
window integer;
|
|
};
|
|
recursing\-file quoted_string;
|
|
recursion boolean;
|
|
recursive\-clients integer;
|
|
request\-expire boolean;
|
|
request\-ixfr boolean;
|
|
request\-nsid boolean;
|
|
require\-server\-cookie boolean;
|
|
reserved\-sockets integer;
|
|
resolver\-nonbackoff\-tries integer;
|
|
resolver\-query\-timeout integer;
|
|
resolver\-retry\-interval integer;
|
|
response\-padding { address_match_element; ... } block\-size
|
|
integer;
|
|
response\-policy { zone string [ add\-soa boolean ] [ log
|
|
boolean ] [ max\-policy\-ttl duration ] [ min\-update\-interval
|
|
duration ] [ policy ( cname | disabled | drop | given | no\-op
|
|
| nodata | nxdomain | passthru | tcp\-only quoted_string ) ] [
|
|
recursive\-only boolean ] [ nsip\-enable boolean ] [
|
|
nsdname\-enable boolean ]; ... } [ add\-soa boolean ] [
|
|
break\-dnssec boolean ] [ max\-policy\-ttl duration ] [
|
|
min\-update\-interval duration ] [ min\-ns\-dots integer ] [
|
|
nsip\-wait\-recurse boolean ] [ qname\-wait\-recurse boolean ]
|
|
[ recursive\-only boolean ] [ nsip\-enable boolean ] [
|
|
nsdname\-enable boolean ] [ dnsrps\-enable boolean ] [
|
|
dnsrps\-options { unspecified\-text } ];
|
|
root\-delegation\-only [ exclude { string; ... } ];
|
|
root\-key\-sentinel boolean;
|
|
rrset\-order { [ class string ] [ type string ] [ name
|
|
quoted_string ] string string; ... };
|
|
secroots\-file quoted_string;
|
|
send\-cookie boolean;
|
|
serial\-query\-rate integer;
|
|
serial\-update\-method ( date | increment | unixtime );
|
|
server\-id ( quoted_string | none | hostname );
|
|
servfail\-ttl duration;
|
|
session\-keyalg string;
|
|
session\-keyfile ( quoted_string | none );
|
|
session\-keyname string;
|
|
sig\-signing\-nodes integer;
|
|
sig\-signing\-signatures integer;
|
|
sig\-signing\-type integer;
|
|
sig\-validity\-interval integer [ integer ];
|
|
sortlist { address_match_element; ... };
|
|
stacksize ( default | unlimited | sizeval );
|
|
stale\-answer\-client\-timeout ( disabled | off | integer );
|
|
stale\-answer\-enable boolean;
|
|
stale\-answer\-ttl duration;
|
|
stale\-cache\-enable boolean;
|
|
stale\-refresh\-time duration;
|
|
startup\-notify\-rate integer;
|
|
statistics\-file quoted_string;
|
|
synth\-from\-dnssec boolean;
|
|
tcp\-advertised\-timeout integer;
|
|
tcp\-clients integer;
|
|
tcp\-idle\-timeout integer;
|
|
tcp\-initial\-timeout integer;
|
|
tcp\-keepalive\-timeout integer;
|
|
tcp\-listen\-queue integer;
|
|
tkey\-dhkey quoted_string integer;
|
|
tkey\-domain quoted_string;
|
|
tkey\-gssapi\-credential quoted_string;
|
|
tkey\-gssapi\-keytab quoted_string;
|
|
transfer\-format ( many\-answers | one\-answer );
|
|
transfer\-message\-size integer;
|
|
transfer\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
|
|
dscp integer ];
|
|
transfer\-source\-v6 ( ipv6_address | * ) [ port ( integer | * )
|
|
] [ dscp integer ];
|
|
transfers\-in integer;
|
|
transfers\-out integer;
|
|
transfers\-per\-ns integer;
|
|
trust\-anchor\-telemetry boolean; // experimental
|
|
try\-tcp\-refresh boolean;
|
|
update\-check\-ksk boolean;
|
|
use\-alt\-transfer\-source boolean;
|
|
use\-v4\-udp\-ports { portrange; ... };
|
|
use\-v6\-udp\-ports { portrange; ... };
|
|
v6\-bias integer;
|
|
validate\-except { string; ... };
|
|
version ( quoted_string | none );
|
|
zero\-no\-soa\-ttl boolean;
|
|
zero\-no\-soa\-ttl\-cache boolean;
|
|
zone\-statistics ( full | terse | none | boolean );
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS PLUGIN
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
plugin ( query ) string [ { unspecified\-text
|
|
} ];
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS PRIMARIES
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
primaries string [ port integer ] [ dscp
|
|
integer ] { ( primaries | ipv4_address
|
|
[ port integer ] | ipv6_address [ port
|
|
integer ] ) [ key string ]; ... };
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS SERVER
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
server netprefix {
|
|
bogus boolean;
|
|
edns boolean;
|
|
edns\-udp\-size integer;
|
|
edns\-version integer;
|
|
keys server_key;
|
|
max\-udp\-size integer;
|
|
notify\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
|
|
dscp integer ];
|
|
notify\-source\-v6 ( ipv6_address | * ) [ port ( integer | * ) ]
|
|
[ dscp integer ];
|
|
padding integer;
|
|
provide\-ixfr boolean;
|
|
query\-source ( ( [ address ] ( ipv4_address | * ) [ port (
|
|
integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ]
|
|
port ( integer | * ) ) ) [ dscp integer ];
|
|
query\-source\-v6 ( ( [ address ] ( ipv6_address | * ) [ port (
|
|
integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ]
|
|
port ( integer | * ) ) ) [ dscp integer ];
|
|
request\-expire boolean;
|
|
request\-ixfr boolean;
|
|
request\-nsid boolean;
|
|
send\-cookie boolean;
|
|
tcp\-keepalive boolean;
|
|
tcp\-only boolean;
|
|
transfer\-format ( many\-answers | one\-answer );
|
|
transfer\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
|
|
dscp integer ];
|
|
transfer\-source\-v6 ( ipv6_address | * ) [ port ( integer | * )
|
|
] [ dscp integer ];
|
|
transfers integer;
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS STATISTICS\-CHANNELS
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
statistics\-channels {
|
|
inet ( ipv4_address | ipv6_address |
|
|
* ) [ port ( integer | * ) ] [
|
|
allow { address_match_element; ...
|
|
} ];
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS TRUST\-ANCHORS
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
trust\-anchors { string ( static\-key |
|
|
initial\-key | static\-ds | initial\-ds )
|
|
integer integer integer
|
|
quoted_string; ... };
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS TRUSTED\-KEYS
|
|
.sp
|
|
Deprecated \- see DNSSEC\-KEYS.
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
trusted\-keys { string integer
|
|
integer integer
|
|
quoted_string; ... };, deprecated
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS VIEW
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
view string [ class ] {
|
|
allow\-new\-zones boolean;
|
|
allow\-notify { address_match_element; ... };
|
|
allow\-query { address_match_element; ... };
|
|
allow\-query\-cache { address_match_element; ... };
|
|
allow\-query\-cache\-on { address_match_element; ... };
|
|
allow\-query\-on { address_match_element; ... };
|
|
allow\-recursion { address_match_element; ... };
|
|
allow\-recursion\-on { address_match_element; ... };
|
|
allow\-transfer { address_match_element; ... };
|
|
allow\-update { address_match_element; ... };
|
|
allow\-update\-forwarding { address_match_element; ... };
|
|
also\-notify [ port integer ] [ dscp integer ] { ( primaries |
|
|
ipv4_address [ port integer ] | ipv6_address [ port
|
|
integer ] ) [ key string ]; ... };
|
|
alt\-transfer\-source ( ipv4_address | * ) [ port ( integer | * )
|
|
] [ dscp integer ];
|
|
alt\-transfer\-source\-v6 ( ipv6_address | * ) [ port ( integer |
|
|
* ) ] [ dscp integer ];
|
|
attach\-cache string;
|
|
auth\-nxdomain boolean; // default changed
|
|
auto\-dnssec ( allow | maintain | off );
|
|
cache\-file quoted_string;
|
|
catalog\-zones { zone string [ default\-masters [ port integer ]
|
|
[ dscp integer ] { ( primaries | ipv4_address [ port
|
|
integer ] | ipv6_address [ port integer ] ) [ key
|
|
string ]; ... } ] [ zone\-directory quoted_string ] [
|
|
in\-memory boolean ] [ min\-update\-interval duration ]; ... };
|
|
check\-dup\-records ( fail | warn | ignore );
|
|
check\-integrity boolean;
|
|
check\-mx ( fail | warn | ignore );
|
|
check\-mx\-cname ( fail | warn | ignore );
|
|
check\-names ( primary | master |
|
|
secondary | slave | response ) (
|
|
fail | warn | ignore );
|
|
check\-sibling boolean;
|
|
check\-spf ( warn | ignore );
|
|
check\-srv\-cname ( fail | warn | ignore );
|
|
check\-wildcard boolean;
|
|
clients\-per\-query integer;
|
|
deny\-answer\-addresses { address_match_element; ... } [
|
|
except\-from { string; ... } ];
|
|
deny\-answer\-aliases { string; ... } [ except\-from { string; ...
|
|
} ];
|
|
dialup ( notify | notify\-passive | passive | refresh | boolean );
|
|
disable\-algorithms string { string;
|
|
... };
|
|
disable\-ds\-digests string { string;
|
|
... };
|
|
disable\-empty\-zone string;
|
|
dlz string {
|
|
database string;
|
|
search boolean;
|
|
};
|
|
dns64 netprefix {
|
|
break\-dnssec boolean;
|
|
clients { address_match_element; ... };
|
|
exclude { address_match_element; ... };
|
|
mapped { address_match_element; ... };
|
|
recursive\-only boolean;
|
|
suffix ipv6_address;
|
|
};
|
|
dns64\-contact string;
|
|
dns64\-server string;
|
|
dnskey\-sig\-validity integer;
|
|
dnsrps\-enable boolean;
|
|
dnsrps\-options { unspecified\-text };
|
|
dnssec\-accept\-expired boolean;
|
|
dnssec\-dnskey\-kskonly boolean;
|
|
dnssec\-loadkeys\-interval integer;
|
|
dnssec\-must\-be\-secure string boolean;
|
|
dnssec\-policy string;
|
|
dnssec\-secure\-to\-insecure boolean;
|
|
dnssec\-update\-mode ( maintain | no\-resign );
|
|
dnssec\-validation ( yes | no | auto );
|
|
dnstap { ( all | auth | client | forwarder | resolver | update ) [
|
|
( query | response ) ]; ... };
|
|
dual\-stack\-servers [ port integer ] { ( quoted_string [ port
|
|
integer ] [ dscp integer ] | ipv4_address [ port
|
|
integer ] [ dscp integer ] | ipv6_address [ port
|
|
integer ] [ dscp integer ] ); ... };
|
|
dyndb string quoted_string {
|
|
unspecified\-text };
|
|
edns\-udp\-size integer;
|
|
empty\-contact string;
|
|
empty\-server string;
|
|
empty\-zones\-enable boolean;
|
|
fetch\-quota\-params integer fixedpoint fixedpoint fixedpoint;
|
|
fetches\-per\-server integer [ ( drop | fail ) ];
|
|
fetches\-per\-zone integer [ ( drop | fail ) ];
|
|
forward ( first | only );
|
|
forwarders [ port integer ] [ dscp integer ] { ( ipv4_address
|
|
| ipv6_address ) [ port integer ] [ dscp integer ]; ... };
|
|
glue\-cache boolean;
|
|
ixfr\-from\-differences ( primary | master | secondary | slave |
|
|
boolean );
|
|
key string {
|
|
algorithm string;
|
|
secret string;
|
|
};
|
|
key\-directory quoted_string;
|
|
lame\-ttl duration;
|
|
lmdb\-mapsize sizeval;
|
|
managed\-keys { string (
|
|
static\-key | initial\-key
|
|
| static\-ds | initial\-ds
|
|
) integer integer
|
|
integer
|
|
quoted_string; ... };, deprecated
|
|
masterfile\-format ( map | raw | text );
|
|
masterfile\-style ( full | relative );
|
|
match\-clients { address_match_element; ... };
|
|
match\-destinations { address_match_element; ... };
|
|
match\-recursive\-only boolean;
|
|
max\-cache\-size ( default | unlimited | sizeval | percentage );
|
|
max\-cache\-ttl duration;
|
|
max\-clients\-per\-query integer;
|
|
max\-ixfr\-ratio ( unlimited | percentage );
|
|
max\-journal\-size ( default | unlimited | sizeval );
|
|
max\-ncache\-ttl duration;
|
|
max\-records integer;
|
|
max\-recursion\-depth integer;
|
|
max\-recursion\-queries integer;
|
|
max\-refresh\-time integer;
|
|
max\-retry\-time integer;
|
|
max\-stale\-ttl duration;
|
|
max\-transfer\-idle\-in integer;
|
|
max\-transfer\-idle\-out integer;
|
|
max\-transfer\-time\-in integer;
|
|
max\-transfer\-time\-out integer;
|
|
max\-udp\-size integer;
|
|
max\-zone\-ttl ( unlimited | duration );
|
|
message\-compression boolean;
|
|
min\-cache\-ttl duration;
|
|
min\-ncache\-ttl duration;
|
|
min\-refresh\-time integer;
|
|
min\-retry\-time integer;
|
|
minimal\-any boolean;
|
|
minimal\-responses ( no\-auth | no\-auth\-recursive | boolean );
|
|
multi\-master boolean;
|
|
new\-zones\-directory quoted_string;
|
|
no\-case\-compress { address_match_element; ... };
|
|
nocookie\-udp\-size integer;
|
|
notify ( explicit | master\-only | primary\-only | boolean );
|
|
notify\-delay integer;
|
|
notify\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
|
|
dscp integer ];
|
|
notify\-source\-v6 ( ipv6_address | * ) [ port ( integer | * ) ]
|
|
[ dscp integer ];
|
|
notify\-to\-soa boolean;
|
|
nta\-lifetime duration;
|
|
nta\-recheck duration;
|
|
nxdomain\-redirect string;
|
|
plugin ( query ) string [ {
|
|
unspecified\-text } ];
|
|
preferred\-glue string;
|
|
prefetch integer [ integer ];
|
|
provide\-ixfr boolean;
|
|
qname\-minimization ( strict | relaxed | disabled | off );
|
|
query\-source ( ( [ address ] ( ipv4_address | * ) [ port (
|
|
integer | * ) ] ) | ( [ [ address ] ( ipv4_address | * ) ]
|
|
port ( integer | * ) ) ) [ dscp integer ];
|
|
query\-source\-v6 ( ( [ address ] ( ipv6_address | * ) [ port (
|
|
integer | * ) ] ) | ( [ [ address ] ( ipv6_address | * ) ]
|
|
port ( integer | * ) ) ) [ dscp integer ];
|
|
rate\-limit {
|
|
all\-per\-second integer;
|
|
errors\-per\-second integer;
|
|
exempt\-clients { address_match_element; ... };
|
|
ipv4\-prefix\-length integer;
|
|
ipv6\-prefix\-length integer;
|
|
log\-only boolean;
|
|
max\-table\-size integer;
|
|
min\-table\-size integer;
|
|
nodata\-per\-second integer;
|
|
nxdomains\-per\-second integer;
|
|
qps\-scale integer;
|
|
referrals\-per\-second integer;
|
|
responses\-per\-second integer;
|
|
slip integer;
|
|
window integer;
|
|
};
|
|
recursion boolean;
|
|
request\-expire boolean;
|
|
request\-ixfr boolean;
|
|
request\-nsid boolean;
|
|
require\-server\-cookie boolean;
|
|
resolver\-nonbackoff\-tries integer;
|
|
resolver\-query\-timeout integer;
|
|
resolver\-retry\-interval integer;
|
|
response\-padding { address_match_element; ... } block\-size
|
|
integer;
|
|
response\-policy { zone string [ add\-soa boolean ] [ log
|
|
boolean ] [ max\-policy\-ttl duration ] [ min\-update\-interval
|
|
duration ] [ policy ( cname | disabled | drop | given | no\-op
|
|
| nodata | nxdomain | passthru | tcp\-only quoted_string ) ] [
|
|
recursive\-only boolean ] [ nsip\-enable boolean ] [
|
|
nsdname\-enable boolean ]; ... } [ add\-soa boolean ] [
|
|
break\-dnssec boolean ] [ max\-policy\-ttl duration ] [
|
|
min\-update\-interval duration ] [ min\-ns\-dots integer ] [
|
|
nsip\-wait\-recurse boolean ] [ qname\-wait\-recurse boolean ]
|
|
[ recursive\-only boolean ] [ nsip\-enable boolean ] [
|
|
nsdname\-enable boolean ] [ dnsrps\-enable boolean ] [
|
|
dnsrps\-options { unspecified\-text } ];
|
|
root\-delegation\-only [ exclude { string; ... } ];
|
|
root\-key\-sentinel boolean;
|
|
rrset\-order { [ class string ] [ type string ] [ name
|
|
quoted_string ] string string; ... };
|
|
send\-cookie boolean;
|
|
serial\-update\-method ( date | increment | unixtime );
|
|
server netprefix {
|
|
bogus boolean;
|
|
edns boolean;
|
|
edns\-udp\-size integer;
|
|
edns\-version integer;
|
|
keys server_key;
|
|
max\-udp\-size integer;
|
|
notify\-source ( ipv4_address | * ) [ port ( integer | *
|
|
) ] [ dscp integer ];
|
|
notify\-source\-v6 ( ipv6_address | * ) [ port ( integer
|
|
| * ) ] [ dscp integer ];
|
|
padding integer;
|
|
provide\-ixfr boolean;
|
|
query\-source ( ( [ address ] ( ipv4_address | * ) [ port
|
|
( integer | * ) ] ) | ( [ [ address ] (
|
|
ipv4_address | * ) ] port ( integer | * ) ) ) [
|
|
dscp integer ];
|
|
query\-source\-v6 ( ( [ address ] ( ipv6_address | * ) [
|
|
port ( integer | * ) ] ) | ( [ [ address ] (
|
|
ipv6_address | * ) ] port ( integer | * ) ) ) [
|
|
dscp integer ];
|
|
request\-expire boolean;
|
|
request\-ixfr boolean;
|
|
request\-nsid boolean;
|
|
send\-cookie boolean;
|
|
tcp\-keepalive boolean;
|
|
tcp\-only boolean;
|
|
transfer\-format ( many\-answers | one\-answer );
|
|
transfer\-source ( ipv4_address | * ) [ port ( integer |
|
|
* ) ] [ dscp integer ];
|
|
transfer\-source\-v6 ( ipv6_address | * ) [ port (
|
|
integer | * ) ] [ dscp integer ];
|
|
transfers integer;
|
|
};
|
|
servfail\-ttl duration;
|
|
sig\-signing\-nodes integer;
|
|
sig\-signing\-signatures integer;
|
|
sig\-signing\-type integer;
|
|
sig\-validity\-interval integer [ integer ];
|
|
sortlist { address_match_element; ... };
|
|
stale\-answer\-client\-timeout ( disabled | off | integer );
|
|
stale\-answer\-enable boolean;
|
|
stale\-answer\-ttl duration;
|
|
stale\-cache\-enable boolean;
|
|
stale\-refresh\-time duration;
|
|
synth\-from\-dnssec boolean;
|
|
transfer\-format ( many\-answers | one\-answer );
|
|
transfer\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
|
|
dscp integer ];
|
|
transfer\-source\-v6 ( ipv6_address | * ) [ port ( integer | * )
|
|
] [ dscp integer ];
|
|
trust\-anchor\-telemetry boolean; // experimental
|
|
trust\-anchors { string ( static\-key |
|
|
initial\-key | static\-ds | initial\-ds
|
|
) integer integer integer
|
|
quoted_string; ... };
|
|
trusted\-keys { string
|
|
integer integer
|
|
integer
|
|
quoted_string; ... };, deprecated
|
|
try\-tcp\-refresh boolean;
|
|
update\-check\-ksk boolean;
|
|
use\-alt\-transfer\-source boolean;
|
|
v6\-bias integer;
|
|
validate\-except { string; ... };
|
|
zero\-no\-soa\-ttl boolean;
|
|
zero\-no\-soa\-ttl\-cache boolean;
|
|
zone string [ class ] {
|
|
allow\-notify { address_match_element; ... };
|
|
allow\-query { address_match_element; ... };
|
|
allow\-query\-on { address_match_element; ... };
|
|
allow\-transfer { address_match_element; ... };
|
|
allow\-update { address_match_element; ... };
|
|
allow\-update\-forwarding { address_match_element; ... };
|
|
also\-notify [ port integer ] [ dscp integer ] { (
|
|
primaries | ipv4_address [ port integer ] |
|
|
ipv6_address [ port integer ] ) [ key string ];
|
|
... };
|
|
alt\-transfer\-source ( ipv4_address | * ) [ port (
|
|
integer | * ) ] [ dscp integer ];
|
|
alt\-transfer\-source\-v6 ( ipv6_address | * ) [ port (
|
|
integer | * ) ] [ dscp integer ];
|
|
auto\-dnssec ( allow | maintain | off );
|
|
check\-dup\-records ( fail | warn | ignore );
|
|
check\-integrity boolean;
|
|
check\-mx ( fail | warn | ignore );
|
|
check\-mx\-cname ( fail | warn | ignore );
|
|
check\-names ( fail | warn | ignore );
|
|
check\-sibling boolean;
|
|
check\-spf ( warn | ignore );
|
|
check\-srv\-cname ( fail | warn | ignore );
|
|
check\-wildcard boolean;
|
|
database string;
|
|
delegation\-only boolean;
|
|
dialup ( notify | notify\-passive | passive | refresh |
|
|
boolean );
|
|
dlz string;
|
|
dnskey\-sig\-validity integer;
|
|
dnssec\-dnskey\-kskonly boolean;
|
|
dnssec\-loadkeys\-interval integer;
|
|
dnssec\-policy string;
|
|
dnssec\-secure\-to\-insecure boolean;
|
|
dnssec\-update\-mode ( maintain | no\-resign );
|
|
file quoted_string;
|
|
forward ( first | only );
|
|
forwarders [ port integer ] [ dscp integer ] { (
|
|
ipv4_address | ipv6_address ) [ port integer ] [
|
|
dscp integer ]; ... };
|
|
in\-view string;
|
|
inline\-signing boolean;
|
|
ixfr\-from\-differences boolean;
|
|
journal quoted_string;
|
|
key\-directory quoted_string;
|
|
masterfile\-format ( map | raw | text );
|
|
masterfile\-style ( full | relative );
|
|
masters [ port integer ] [ dscp integer ] { (
|
|
primaries | ipv4_address [ port integer ] |
|
|
ipv6_address [ port integer ] ) [ key string ];
|
|
... };
|
|
max\-ixfr\-ratio ( unlimited | percentage );
|
|
max\-journal\-size ( default | unlimited | sizeval );
|
|
max\-records integer;
|
|
max\-refresh\-time integer;
|
|
max\-retry\-time integer;
|
|
max\-transfer\-idle\-in integer;
|
|
max\-transfer\-idle\-out integer;
|
|
max\-transfer\-time\-in integer;
|
|
max\-transfer\-time\-out integer;
|
|
max\-zone\-ttl ( unlimited | duration );
|
|
min\-refresh\-time integer;
|
|
min\-retry\-time integer;
|
|
multi\-master boolean;
|
|
notify ( explicit | master\-only | primary\-only | boolean );
|
|
notify\-delay integer;
|
|
notify\-source ( ipv4_address | * ) [ port ( integer | *
|
|
) ] [ dscp integer ];
|
|
notify\-source\-v6 ( ipv6_address | * ) [ port ( integer
|
|
| * ) ] [ dscp integer ];
|
|
notify\-to\-soa boolean;
|
|
primaries [ port integer ] [ dscp integer ] { (
|
|
primaries | ipv4_address [ port integer ] |
|
|
ipv6_address [ port integer ] ) [ key string ];
|
|
... };
|
|
request\-expire boolean;
|
|
request\-ixfr boolean;
|
|
serial\-update\-method ( date | increment | unixtime );
|
|
server\-addresses { ( ipv4_address | ipv6_address ); ... };
|
|
server\-names { string; ... };
|
|
sig\-signing\-nodes integer;
|
|
sig\-signing\-signatures integer;
|
|
sig\-signing\-type integer;
|
|
sig\-validity\-interval integer [ integer ];
|
|
transfer\-source ( ipv4_address | * ) [ port ( integer |
|
|
* ) ] [ dscp integer ];
|
|
transfer\-source\-v6 ( ipv6_address | * ) [ port (
|
|
integer | * ) ] [ dscp integer ];
|
|
try\-tcp\-refresh boolean;
|
|
type ( primary | master | secondary | slave | mirror |
|
|
delegation\-only | forward | hint | redirect |
|
|
static\-stub | stub );
|
|
update\-check\-ksk boolean;
|
|
update\-policy ( local | { ( deny | grant ) string (
|
|
6to4\-self | external | krb5\-self | krb5\-selfsub |
|
|
krb5\-subdomain | ms\-self | ms\-selfsub | ms\-subdomain |
|
|
name | self | selfsub | selfwild | subdomain | tcp\-self
|
|
| wildcard | zonesub ) [ string ] rrtypelist; ... };
|
|
use\-alt\-transfer\-source boolean;
|
|
zero\-no\-soa\-ttl boolean;
|
|
zone\-statistics ( full | terse | none | boolean );
|
|
};
|
|
zone\-statistics ( full | terse | none | boolean );
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SS ZONE
|
|
.INDENT 0.0
|
|
.INDENT 3.5
|
|
.sp
|
|
.nf
|
|
.ft C
|
|
zone string [ class ] {
|
|
allow\-notify { address_match_element; ... };
|
|
allow\-query { address_match_element; ... };
|
|
allow\-query\-on { address_match_element; ... };
|
|
allow\-transfer { address_match_element; ... };
|
|
allow\-update { address_match_element; ... };
|
|
allow\-update\-forwarding { address_match_element; ... };
|
|
also\-notify [ port integer ] [ dscp integer ] { ( primaries |
|
|
ipv4_address [ port integer ] | ipv6_address [ port
|
|
integer ] ) [ key string ]; ... };
|
|
alt\-transfer\-source ( ipv4_address | * ) [ port ( integer | * )
|
|
] [ dscp integer ];
|
|
alt\-transfer\-source\-v6 ( ipv6_address | * ) [ port ( integer |
|
|
* ) ] [ dscp integer ];
|
|
auto\-dnssec ( allow | maintain | off );
|
|
check\-dup\-records ( fail | warn | ignore );
|
|
check\-integrity boolean;
|
|
check\-mx ( fail | warn | ignore );
|
|
check\-mx\-cname ( fail | warn | ignore );
|
|
check\-names ( fail | warn | ignore );
|
|
check\-sibling boolean;
|
|
check\-spf ( warn | ignore );
|
|
check\-srv\-cname ( fail | warn | ignore );
|
|
check\-wildcard boolean;
|
|
database string;
|
|
delegation\-only boolean;
|
|
dialup ( notify | notify\-passive | passive | refresh | boolean );
|
|
dlz string;
|
|
dnskey\-sig\-validity integer;
|
|
dnssec\-dnskey\-kskonly boolean;
|
|
dnssec\-loadkeys\-interval integer;
|
|
dnssec\-policy string;
|
|
dnssec\-secure\-to\-insecure boolean;
|
|
dnssec\-update\-mode ( maintain | no\-resign );
|
|
file quoted_string;
|
|
forward ( first | only );
|
|
forwarders [ port integer ] [ dscp integer ] { ( ipv4_address
|
|
| ipv6_address ) [ port integer ] [ dscp integer ]; ... };
|
|
in\-view string;
|
|
inline\-signing boolean;
|
|
ixfr\-from\-differences boolean;
|
|
journal quoted_string;
|
|
key\-directory quoted_string;
|
|
masterfile\-format ( map | raw | text );
|
|
masterfile\-style ( full | relative );
|
|
masters [ port integer ] [ dscp integer ] { ( primaries |
|
|
ipv4_address [ port integer ] | ipv6_address [ port
|
|
integer ] ) [ key string ]; ... };
|
|
max\-ixfr\-ratio ( unlimited | percentage );
|
|
max\-journal\-size ( default | unlimited | sizeval );
|
|
max\-records integer;
|
|
max\-refresh\-time integer;
|
|
max\-retry\-time integer;
|
|
max\-transfer\-idle\-in integer;
|
|
max\-transfer\-idle\-out integer;
|
|
max\-transfer\-time\-in integer;
|
|
max\-transfer\-time\-out integer;
|
|
max\-zone\-ttl ( unlimited | duration );
|
|
min\-refresh\-time integer;
|
|
min\-retry\-time integer;
|
|
multi\-master boolean;
|
|
notify ( explicit | master\-only | primary\-only | boolean );
|
|
notify\-delay integer;
|
|
notify\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
|
|
dscp integer ];
|
|
notify\-source\-v6 ( ipv6_address | * ) [ port ( integer | * ) ]
|
|
[ dscp integer ];
|
|
notify\-to\-soa boolean;
|
|
primaries [ port integer ] [ dscp integer ] { ( primaries |
|
|
ipv4_address [ port integer ] | ipv6_address [ port
|
|
integer ] ) [ key string ]; ... };
|
|
request\-expire boolean;
|
|
request\-ixfr boolean;
|
|
serial\-update\-method ( date | increment | unixtime );
|
|
server\-addresses { ( ipv4_address | ipv6_address ); ... };
|
|
server\-names { string; ... };
|
|
sig\-signing\-nodes integer;
|
|
sig\-signing\-signatures integer;
|
|
sig\-signing\-type integer;
|
|
sig\-validity\-interval integer [ integer ];
|
|
transfer\-source ( ipv4_address | * ) [ port ( integer | * ) ] [
|
|
dscp integer ];
|
|
transfer\-source\-v6 ( ipv6_address | * ) [ port ( integer | * )
|
|
] [ dscp integer ];
|
|
try\-tcp\-refresh boolean;
|
|
type ( primary | master | secondary | slave | mirror |
|
|
delegation\-only | forward | hint | redirect | static\-stub |
|
|
stub );
|
|
update\-check\-ksk boolean;
|
|
update\-policy ( local | { ( deny | grant ) string ( 6to4\-self |
|
|
external | krb5\-self | krb5\-selfsub | krb5\-subdomain | ms\-self
|
|
| ms\-selfsub | ms\-subdomain | name | self | selfsub | selfwild
|
|
| subdomain | tcp\-self | wildcard | zonesub ) [ string ]
|
|
rrtypelist; ... };
|
|
use\-alt\-transfer\-source boolean;
|
|
zero\-no\-soa\-ttl boolean;
|
|
zone\-statistics ( full | terse | none | boolean );
|
|
};
|
|
.ft P
|
|
.fi
|
|
.UNINDENT
|
|
.UNINDENT
|
|
.SH FILES
|
|
.sp
|
|
\fB/etc/named.conf\fP
|
|
.SH SEE ALSO
|
|
.sp
|
|
\fBddns\-confgen(8)\fP, \fBnamed(8)\fP, \fBnamed\-checkconf(8)\fP, \fBrndc(8)\fP, \fBrndc\-confgen(8)\fP, BIND 9 Administrator Reference Manual.
|
|
.SH AUTHOR
|
|
Internet Systems Consortium
|
|
.SH COPYRIGHT
|
|
2021, Internet Systems Consortium
|
|
.\" Generated by docutils manpage writer.
|
|
.
|