2016-12-02
ISC
Internet Systems Consortium, Inc.
named.conf
5
BIND9
named.conf
configuration file for named
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
Internet Systems Consortium, Inc. ("ISC")
named.conf
DESCRIPTION
named.conf is the configuration file
for
named. Statements are enclosed
in braces and terminated with a semi-colon. Clauses in
the statements are also semi-colon terminated. The usual
comment styles are supported:
C style: /* */
C++ style: // to end of line
Unix style: # to end of line
ACL
acl string { address_match_element; ... };
CONTROLS
controls {
inet ( ipv4_address | ipv6_address |
* ) port ( integer | * ) allow
{ address_match_element; ... }
keys { string; ... } ;
unix quoted_string perm integer
owner integer group integer
keys { string; ... } ;
};
DLZ
dlz string {
database string;
search boolean;
};
KEY
key string {
algorithm string;
secret string;
};
LOGGING
logging {
category string { string; ... };
channel string {
file quoted_string versions ( "unlimited" | integer )
size size ;
null;
print-category boolean;
print-severity boolean;
print-time boolean;
severity log_severity;
stderr;
syslog syslog_facility ;
};
};
LWRES
lwres {
listen-on port integer dscp integer { ( ipv4_address
| ipv6_address ) port integer dscp integer ; ... };
ndots integer;
search { string; ... };
view string class ;
};
MANAGED-KEYS
managed-keys { string string integer
integer integer quoted_string; ... };
MASTERS
masters string port integer dscp
integer { ( masters | ipv4_address
port integer | ipv6_address port
integer ) key string ; ... };
OPTIONS
options {
acache-cleaning-interval integer;
acache-enable boolean;
additional-from-auth boolean;
additional-from-cache boolean;
allow-new-zones boolean;
allow-notify { address_match_element; ... };
allow-query { address_match_element; ... };
allow-query-cache { address_match_element; ... };
allow-query-cache-on { address_match_element; ... };
allow-query-on { address_match_element; ... };
allow-recursion { address_match_element; ... };
allow-recursion-on { address_match_element; ... };
allow-transfer { address_match_element; ... };
allow-update { address_match_element; ... };
allow-update-forwarding { address_match_element; ... };
also-notify port integer dscp integer { ( masters |
ipv4_address port integer | ipv6_address port
integer ) key string ; ... };
alt-transfer-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
alt-transfer-source-v6 ( ipv6_address | * ) port ( integer |
* ) dscp integer ;
attach-cache string;
auth-nxdomain boolean; // default changed
auto-dnssec ( allow | maintain | off );
automatic-interface-scan boolean;
avoid-v4-udp-ports { portrange; ... };
avoid-v6-udp-ports { portrange; ... };
bindkeys-file quoted_string;
blackhole { address_match_element; ... };
cache-file quoted_string;
check-dup-records ( fail | warn | ignore );
check-integrity boolean;
check-mx ( fail | warn | ignore );
check-mx-cname ( fail | warn | ignore );
check-names ( master | slave | response
) ( fail | warn | ignore );
check-sibling boolean;
check-spf ( warn | ignore );
check-srv-cname ( fail | warn | ignore );
check-wildcard boolean;
cleaning-interval integer;
clients-per-query integer;
coresize ( default | unlimited | sizeval );
datasize ( default | unlimited | sizeval );
deny-answer-addresses { address_match_element; ... }
except-from { quoted_string; ... } ;
deny-answer-aliases { quoted_string; ... } except-from {
quoted_string; ... } ;
dialup ( notify | notify-passive | passive | refresh | boolean );
directory quoted_string;
disable-algorithms string { string;
... };
disable-ds-digests string { string;
... };
disable-empty-zone string;
dns64 netprefix {
break-dnssec boolean;
clients { address_match_element; ... };
exclude { address_match_element; ... };
mapped { address_match_element; ... };
recursive-only boolean;
suffix ipv6_address;
};
dns64-contact string;
dns64-server string;
dnssec-accept-expired boolean;
dnssec-dnskey-kskonly boolean;
dnssec-enable boolean;
dnssec-loadkeys-interval integer;
dnssec-lookaside ( string trust-anchor
string | auto | no );
dnssec-must-be-secure string boolean;
dnssec-secure-to-insecure boolean;
dnssec-update-mode ( maintain | no-resign );
dnssec-validation ( yes | no | auto );
dscp integer;
dual-stack-servers port integer { ( quoted_string port
integer dscp integer | ipv4_address port
integer dscp integer | ipv6_address port
integer dscp integer ); ... };
dump-file quoted_string;
edns-udp-size integer;
empty-contact string;
empty-server string;
empty-zones-enable boolean;
fetch-quota-params integer fixedpoint
fixedpoint fixedpoint;
fetches-per-server integer ( drop | fail ) ;
fetches-per-zone integer ( drop | fail ) ;
files ( default | unlimited | sizeval );
filter-aaaa { address_match_element; ... };
filter-aaaa-on-v4 ( break-dnssec | boolean );
filter-aaaa-on-v6 ( break-dnssec | boolean );
flush-zones-on-shutdown boolean;
forward ( first | only );
forwarders port integer dscp integer { ( ipv4_address
| ipv6_address ) port integer dscp integer ; ... };
geoip-directory ( quoted_string | none );
heartbeat-interval integer;
hostname ( quoted_string | none );
inline-signing boolean;
interface-interval integer;
ixfr-from-differences ( master | slave | boolean );
key-directory quoted_string;
lame-ttl integer;
listen-on port integer dscp
integer {
address_match_element; ... };
listen-on-v6 port integer dscp
integer {
address_match_element; ... };
managed-keys-directory quoted_string;
masterfile-format ( map | raw | text );
match-mapped-addresses boolean;
max-acache-size size_no_default;
max-cache-size size_no_default;
max-cache-ttl integer;
max-clients-per-query integer;
max-journal-size size_no_default;
max-ncache-ttl integer;
max-records integer;
max-recursion-depth integer;
max-recursion-queries integer;
max-refresh-time integer;
max-retry-time integer;
max-rsa-exponent-size integer;
max-transfer-idle-in integer;
max-transfer-idle-out integer;
max-transfer-time-in integer;
max-transfer-time-out integer;
max-udp-size integer;
max-zone-ttl ( unlimited | ttlval );
memstatistics boolean;
memstatistics-file quoted_string;
min-refresh-time integer;
min-retry-time integer;
minimal-responses boolean;
multi-master boolean;
no-case-compress { address_match_element; ... };
nosit-udp-size integer;, experimental
notify ( explicit | master-only | boolean );
notify-delay integer;
notify-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
notify-source-v6 ( ipv6_address | * ) port ( integer | * )
dscp integer ;
notify-to-soa boolean;
nsec3-test-zone boolean; // test only
pid-file ( quoted_string | none );
port integer;
preferred-glue string;
prefetch integer integer ;
provide-ixfr boolean;
query-source ( ( address ( ipv4_address | * ) port (
integer | * ) ) | ( address ( ipv4_address | * )
port ( integer | * ) ) ) dscp integer ;
query-source-v6 ( ( address ( ipv6_address | * ) port (
integer | * ) ) | ( address ( ipv6_address | * )
port ( integer | * ) ) ) dscp integer ;
querylog boolean;
random-device quoted_string;
rate-limit {
all-per-second integer;
errors-per-second integer;
exempt-clients { address_match_element; ... };
ipv4-prefix-length integer;
ipv6-prefix-length integer;
log-only boolean;
max-table-size integer;
min-table-size integer;
nodata-per-second integer;
nxdomains-per-second integer;
qps-scale integer;
referrals-per-second integer;
responses-per-second integer;
slip integer;
window integer;
};
recursing-file quoted_string;
recursion boolean;
recursive-clients integer;
request-ixfr boolean;
request-nsid boolean;
request-sit boolean;, experimental
reserved-sockets integer;
resolver-query-timeout integer;
response-policy { zone quoted_string policy ( cname | disabled
| drop | given | no-op | nodata | nxdomain | passthru |
tcp-only quoted_string ) recursive-only boolean
max-policy-ttl integer ; ... } recursive-only boolean
break-dnssec boolean max-policy-ttl integer
min-ns-dots integer qname-wait-recurse boolean ;
root-delegation-only exclude { quoted_string; ... } ;
rrset-order { class string type string name
quoted_string string string; ... };
secroots-file quoted_string;
serial-query-rate integer;
serial-update-method ( increment | unixtime );
server-id ( quoted_string | none | hostname );
session-keyalg string;
session-keyfile ( quoted_string | none );
session-keyname string;
sig-signing-nodes integer;
sig-signing-signatures integer;
sig-signing-type integer;
sig-validity-interval integer integer ;
sit-secret string;, experimental
sortlist { address_match_element; ... };
stacksize ( default | unlimited | sizeval );
statistics-file quoted_string;
tcp-clients integer;
tcp-listen-queue integer;
tkey-dhkey quoted_string integer;
tkey-domain quoted_string;
tkey-gssapi-credential quoted_string;
tkey-gssapi-keytab quoted_string;
transfer-format ( many-answers | one-answer );
transfer-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
transfer-source-v6 ( ipv6_address | * ) port ( integer | * )
dscp integer ;
transfers-in integer;
transfers-out integer;
transfers-per-ns integer;
trust-anchor-telemetry boolean; // experimental
try-tcp-refresh boolean;
update-check-ksk boolean;
use-alt-transfer-source boolean;
use-v4-udp-ports { portrange; ... };
use-v6-udp-ports { portrange; ... };
version ( quoted_string | none );
zero-no-soa-ttl boolean;
zero-no-soa-ttl-cache boolean;
zone-statistics ( full | terse | none | boolean );
};
SERVER
server netprefix {
bogus boolean;
edns boolean;
edns-udp-size integer;
keys server_key;
max-udp-size integer;
notify-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
notify-source-v6 ( ipv6_address | * ) port ( integer | * )
dscp integer ;
provide-ixfr boolean;
query-source ( ( address ( ipv4_address | * ) port (
integer | * ) ) | ( address ( ipv4_address | * )
port ( integer | * ) ) ) dscp integer ;
query-source-v6 ( ( address ( ipv6_address | * ) port (
integer | * ) ) | ( address ( ipv6_address | * )
port ( integer | * ) ) ) dscp integer ;
request-ixfr boolean;
request-nsid boolean;
request-sit boolean;, experimental
tcp-only boolean;
transfer-format ( many-answers | one-answer );
transfer-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
transfer-source-v6 ( ipv6_address | * ) port ( integer | * )
dscp integer ;
transfers integer;
};
STATISTICS-CHANNELS
statistics-channels {
inet ( ipv4_address | ipv6_address |
* ) port ( integer | * )
allow { address_match_element; ...
} ;
};
TRUSTED-KEYS
trusted-keys { string integer integer
integer quoted_string; ... };
VIEW
view string class {
acache-cleaning-interval integer;
acache-enable boolean;
additional-from-auth boolean;
additional-from-cache boolean;
allow-new-zones boolean;
allow-notify { address_match_element; ... };
allow-query { address_match_element; ... };
allow-query-cache { address_match_element; ... };
allow-query-cache-on { address_match_element; ... };
allow-query-on { address_match_element; ... };
allow-recursion { address_match_element; ... };
allow-recursion-on { address_match_element; ... };
allow-transfer { address_match_element; ... };
allow-update { address_match_element; ... };
allow-update-forwarding { address_match_element; ... };
also-notify port integer dscp integer { ( masters |
ipv4_address port integer | ipv6_address port
integer ) key string ; ... };
alt-transfer-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
alt-transfer-source-v6 ( ipv6_address | * ) port ( integer |
* ) dscp integer ;
attach-cache string;
auth-nxdomain boolean; // default changed
auto-dnssec ( allow | maintain | off );
cache-file quoted_string;
check-dup-records ( fail | warn | ignore );
check-integrity boolean;
check-mx ( fail | warn | ignore );
check-mx-cname ( fail | warn | ignore );
check-names ( master | slave | response
) ( fail | warn | ignore );
check-sibling boolean;
check-spf ( warn | ignore );
check-srv-cname ( fail | warn | ignore );
check-wildcard boolean;
cleaning-interval integer;
clients-per-query integer;
deny-answer-addresses { address_match_element; ... }
except-from { quoted_string; ... } ;
deny-answer-aliases { quoted_string; ... } except-from {
quoted_string; ... } ;
dialup ( notify | notify-passive | passive | refresh | boolean );
disable-algorithms string { string;
... };
disable-ds-digests string { string;
... };
disable-empty-zone string;
dlz string {
database string;
search boolean;
};
dns64 netprefix {
break-dnssec boolean;
clients { address_match_element; ... };
exclude { address_match_element; ... };
mapped { address_match_element; ... };
recursive-only boolean;
suffix ipv6_address;
};
dns64-contact string;
dns64-server string;
dnssec-accept-expired boolean;
dnssec-dnskey-kskonly boolean;
dnssec-enable boolean;
dnssec-loadkeys-interval integer;
dnssec-lookaside ( string trust-anchor
string | auto | no );
dnssec-must-be-secure string boolean;
dnssec-secure-to-insecure boolean;
dnssec-update-mode ( maintain | no-resign );
dnssec-validation ( yes | no | auto );
dual-stack-servers port integer { ( quoted_string port
integer dscp integer | ipv4_address port
integer dscp integer | ipv6_address port
integer dscp integer ); ... };
edns-udp-size integer;
empty-contact string;
empty-server string;
empty-zones-enable boolean;
fetch-quota-params integer fixedpoint
fixedpoint fixedpoint;
fetches-per-server integer ( drop | fail ) ;
fetches-per-zone integer ( drop | fail ) ;
filter-aaaa { address_match_element; ... };
filter-aaaa-on-v4 ( break-dnssec | boolean );
filter-aaaa-on-v6 ( break-dnssec | boolean );
forward ( first | only );
forwarders port integer dscp integer { ( ipv4_address
| ipv6_address ) port integer dscp integer ; ... };
inline-signing boolean;
ixfr-from-differences ( master | slave | boolean );
key string {
algorithm string;
secret string;
};
key-directory quoted_string;
lame-ttl integer;
managed-keys { string string
integer integer integer
quoted_string; ... };
masterfile-format ( map | raw | text );
match-clients { address_match_element; ... };
match-destinations { address_match_element; ... };
match-recursive-only boolean;
max-acache-size size_no_default;
max-cache-size size_no_default;
max-cache-ttl integer;
max-clients-per-query integer;
max-journal-size size_no_default;
max-ncache-ttl integer;
max-records integer;
max-recursion-depth integer;
max-recursion-queries integer;
max-refresh-time integer;
max-retry-time integer;
max-transfer-idle-in integer;
max-transfer-idle-out integer;
max-transfer-time-in integer;
max-transfer-time-out integer;
max-udp-size integer;
max-zone-ttl ( unlimited | ttlval );
min-refresh-time integer;
min-retry-time integer;
minimal-responses boolean;
multi-master boolean;
no-case-compress { address_match_element; ... };
nosit-udp-size integer;, experimental
notify ( explicit | master-only | boolean );
notify-delay integer;
notify-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
notify-source-v6 ( ipv6_address | * ) port ( integer | * )
dscp integer ;
notify-to-soa boolean;
nsec3-test-zone boolean; // test only
preferred-glue string;
prefetch integer integer ;
provide-ixfr boolean;
query-source ( ( address ( ipv4_address | * ) port (
integer | * ) ) | ( address ( ipv4_address | * )
port ( integer | * ) ) ) dscp integer ;
query-source-v6 ( ( address ( ipv6_address | * ) port (
integer | * ) ) | ( address ( ipv6_address | * )
port ( integer | * ) ) ) dscp integer ;
rate-limit {
all-per-second integer;
errors-per-second integer;
exempt-clients { address_match_element; ... };
ipv4-prefix-length integer;
ipv6-prefix-length integer;
log-only boolean;
max-table-size integer;
min-table-size integer;
nodata-per-second integer;
nxdomains-per-second integer;
qps-scale integer;
referrals-per-second integer;
responses-per-second integer;
slip integer;
window integer;
};
recursion boolean;
request-ixfr boolean;
request-nsid boolean;
request-sit boolean;, experimental
resolver-query-timeout integer;
response-policy { zone quoted_string policy ( cname | disabled
| drop | given | no-op | nodata | nxdomain | passthru |
tcp-only quoted_string ) recursive-only boolean
max-policy-ttl integer ; ... } recursive-only boolean
break-dnssec boolean max-policy-ttl integer
min-ns-dots integer qname-wait-recurse boolean ;
root-delegation-only exclude { quoted_string; ... } ;
rrset-order { class string type string name
quoted_string string string; ... };
serial-update-method ( increment | unixtime );
server netprefix {
bogus boolean;
edns boolean;
edns-udp-size integer;
keys server_key;
max-udp-size integer;
notify-source ( ipv4_address | * ) port ( integer | *
) dscp integer ;
notify-source-v6 ( ipv6_address | * ) port ( integer
| * ) dscp integer ;
provide-ixfr boolean;
query-source ( ( address ( ipv4_address | * ) port
( integer | * ) ) | ( address (
ipv4_address | * ) port ( integer | * ) ) )
dscp integer ;
query-source-v6 ( ( address ( ipv6_address | * )
port ( integer | * ) ) | ( address (
ipv6_address | * ) port ( integer | * ) ) )
dscp integer ;
request-ixfr boolean;
request-nsid boolean;
request-sit boolean;, experimental
tcp-only boolean;
transfer-format ( many-answers | one-answer );
transfer-source ( ipv4_address | * ) port ( integer |
* ) dscp integer ;
transfer-source-v6 ( ipv6_address | * ) port (
integer | * ) dscp integer ;
transfers integer;
};
sig-signing-nodes integer;
sig-signing-signatures integer;
sig-signing-type integer;
sig-validity-interval integer integer ;
sortlist { address_match_element; ... };
transfer-format ( many-answers | one-answer );
transfer-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
transfer-source-v6 ( ipv6_address | * ) port ( integer | * )
dscp integer ;
trust-anchor-telemetry boolean; // experimental
trusted-keys { string integer
integer integer quoted_string;
... };
try-tcp-refresh boolean;
update-check-ksk boolean;
use-alt-transfer-source boolean;
zero-no-soa-ttl boolean;
zero-no-soa-ttl-cache boolean;
zone string class {
allow-notify { address_match_element; ... };
allow-query { address_match_element; ... };
allow-query-on { address_match_element; ... };
allow-transfer { address_match_element; ... };
allow-update { address_match_element; ... };
allow-update-forwarding { address_match_element; ... };
also-notify port integer dscp integer { (
masters | ipv4_address port integer |
ipv6_address port integer ) key string ;
... };
alt-transfer-source ( ipv4_address | * ) port (
integer | * ) dscp integer ;
alt-transfer-source-v6 ( ipv6_address | * ) port (
integer | * ) dscp integer ;
auto-dnssec ( allow | maintain | off );
check-dup-records ( fail | warn | ignore );
check-integrity boolean;
check-mx ( fail | warn | ignore );
check-mx-cname ( fail | warn | ignore );
check-names ( fail | warn | ignore );
check-sibling boolean;
check-spf ( warn | ignore );
check-srv-cname ( fail | warn | ignore );
check-wildcard boolean;
database string;
delegation-only boolean;
dialup ( notify | notify-passive | passive | refresh |
boolean );
dlz string;
dnssec-dnskey-kskonly boolean;
dnssec-loadkeys-interval integer;
dnssec-secure-to-insecure boolean;
dnssec-update-mode ( maintain | no-resign );
file quoted_string;
forward ( first | only );
forwarders port integer dscp integer { (
ipv4_address | ipv6_address ) port integer
dscp integer ; ... };
in-view string;
inline-signing boolean;
ixfr-from-differences boolean;
journal quoted_string;
key-directory quoted_string;
masterfile-format ( map | raw | text );
masters port integer dscp integer { ( masters
| ipv4_address port integer | ipv6_address
port integer ) key string ; ... };
max-ixfr-log-size ( default | unlimited |
max-journal-size size_no_default;
max-records integer;
max-refresh-time integer;
max-retry-time integer;
max-transfer-idle-in integer;
max-transfer-idle-out integer;
max-transfer-time-in integer;
max-transfer-time-out integer;
max-zone-ttl ( unlimited | ttlval );
min-refresh-time integer;
min-retry-time integer;
multi-master boolean;
notify ( explicit | master-only | boolean );
notify-delay integer;
notify-source ( ipv4_address | * ) port ( integer | *
) dscp integer ;
notify-source-v6 ( ipv6_address | * ) port ( integer
| * ) dscp integer ;
notify-to-soa boolean;
nsec3-test-zone boolean; // test only
pubkey integer
integer
integer
request-ixfr boolean;
serial-update-method ( increment | unixtime );
server-addresses { ( ipv4_address | ipv6_address )
port integer ; ... };
server-names { quoted_string; ... };
sig-signing-nodes integer;
sig-signing-signatures integer;
sig-signing-type integer;
sig-validity-interval integer integer ;
transfer-source ( ipv4_address | * ) port ( integer |
* ) dscp integer ;
transfer-source-v6 ( ipv6_address | * ) port (
integer | * ) dscp integer ;
try-tcp-refresh boolean;
type ( delegation-only | forward | hint | master | redirect
| slave | static-stub | stub );
update-check-ksk boolean;
update-policy ( local | { ( deny | grant ) string (
6to4-self | external | krb5-self | krb5-subdomain |
ms-self | ms-subdomain | name | self | selfsub |
selfwild | subdomain | tcp-self | wildcard | zonesub )
string rrtypelist; ... };
use-alt-transfer-source boolean;
zero-no-soa-ttl boolean;
zone-statistics ( full | terse | none | boolean );
};
zone-statistics ( full | terse | none | boolean );
};
ZONE
zone string class {
allow-notify { address_match_element; ... };
allow-query { address_match_element; ... };
allow-query-on { address_match_element; ... };
allow-transfer { address_match_element; ... };
allow-update { address_match_element; ... };
allow-update-forwarding { address_match_element; ... };
also-notify port integer dscp integer { ( masters |
ipv4_address port integer | ipv6_address port
integer ) key string ; ... };
alt-transfer-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
alt-transfer-source-v6 ( ipv6_address | * ) port ( integer |
* ) dscp integer ;
auto-dnssec ( allow | maintain | off );
check-dup-records ( fail | warn | ignore );
check-integrity boolean;
check-mx ( fail | warn | ignore );
check-mx-cname ( fail | warn | ignore );
check-names ( fail | warn | ignore );
check-sibling boolean;
check-spf ( warn | ignore );
check-srv-cname ( fail | warn | ignore );
check-wildcard boolean;
database string;
delegation-only boolean;
dialup ( notify | notify-passive | passive | refresh | boolean );
dlz string;
dnssec-dnskey-kskonly boolean;
dnssec-loadkeys-interval integer;
dnssec-secure-to-insecure boolean;
dnssec-update-mode ( maintain | no-resign );
file quoted_string;
forward ( first | only );
forwarders port integer dscp integer { ( ipv4_address
| ipv6_address ) port integer dscp integer ; ... };
in-view string;
inline-signing boolean;
ixfr-from-differences boolean;
journal quoted_string;
key-directory quoted_string;
masterfile-format ( map | raw | text );
masters port integer dscp integer { ( masters |
ipv4_address port integer | ipv6_address port
integer ) key string ; ... };
max-journal-size size_no_default;
max-records integer;
max-refresh-time integer;
max-retry-time integer;
max-transfer-idle-in integer;
max-transfer-idle-out integer;
max-transfer-time-in integer;
max-transfer-time-out integer;
max-zone-ttl ( unlimited | ttlval );
min-refresh-time integer;
min-retry-time integer;
multi-master boolean;
notify ( explicit | master-only | boolean );
notify-delay integer;
notify-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
notify-source-v6 ( ipv6_address | * ) port ( integer | * )
dscp integer ;
notify-to-soa boolean;
nsec3-test-zone boolean; // test only
pubkey integer integer
request-ixfr boolean;
serial-update-method ( increment | unixtime );
server-addresses { ( ipv4_address | ipv6_address ) port
integer ; ... };
server-names { quoted_string; ... };
sig-signing-nodes integer;
sig-signing-signatures integer;
sig-signing-type integer;
sig-validity-interval integer integer ;
transfer-source ( ipv4_address | * ) port ( integer | * )
dscp integer ;
transfer-source-v6 ( ipv6_address | * ) port ( integer | * )
dscp integer ;
try-tcp-refresh boolean;
type ( delegation-only | forward | hint | master | redirect | slave
| static-stub | stub );
update-check-ksk boolean;
update-policy ( local | { ( deny | grant ) string ( 6to4-self |
external | krb5-self | krb5-subdomain | ms-self | ms-subdomain
| name | self | selfsub | selfwild | subdomain | tcp-self |
wildcard | zonesub ) string rrtypelist; ... };
use-alt-transfer-source boolean;
zero-no-soa-ttl boolean;
zone-statistics ( full | terse | none | boolean );
};
FILES
/etc/named.conf
SEE ALSO
ddns-confgen8
,
named8
,
named-checkconf8
,
rndc8
,
rndc-confgen8
,
BIND 9 Administrator Reference Manual.