named.conf revision 35947
135947Speter// $Id: named.conf,v 1.1 1998/05/07 23:42:33 ache Exp $ 235947Speter// 335832Sache// Refer to the named(8) man page for details. If you are ever going 435832Sache// to setup a primary server, make sure you've understood the hairy 535832Sache// details of how DNS is working. Even with simple mistakes, you can 635832Sache// break connectivity for affected parties, or cause huge amount of 735832Sache// useless Internet traffic. 835832Sache 935832Sacheoptions { 1035832Sache directory "/etc/namedb"; 1135832Sache 1235832Sache// In addition to the "forwarders" clause, you can force your name 1335832Sache// server to never initiate queries of its own, but always ask its 1435832Sache// forwarders only, by enabling the following line: 1535947Speter// 1635832Sache// forward only; 1735832Sache 1835947Speter// If you've got a DNS server around at your upstream provider, enter 1935832Sache// its IP address here, and enable the line below. This will make you 2035832Sache// benefit from its cache, thus reduce overall DNS traffic in the Internet. 2135832Sache/* 2235832Sache forwarders { 2335832Sache 127.0.0.1; 2435832Sache }; 2535832Sache*/ 2635832Sache /* 2735832Sache * If there is a firewall between you and nameservers you want 2835832Sache * to talk to, you might need to uncomment the query-source 2935832Sache * directive below. Previous versions of BIND always asked 3035832Sache * questions using port 53, but BIND 8.1 uses an unprivileged 3135832Sache * port by default. 3235832Sache */ 3335832Sache // query-source address * port 53; 3435832Sache}; 3535832Sache 3635832Sache// Note: the following will be supported in a future release. 3735832Sache/* 3835832Sachehost { any; } { 3935832Sache topology { 4035832Sache 127.0.0.0/8; 4135832Sache }; 4235832Sache}; 4335832Sache*/ 4435832Sache 4535832Sache// Setting up secondaries is way easier and the rough picture for this 4635832Sache// is explained below. 4735947Speter// 4835832Sache// If you enable a local name server, don't forget to enter 127.0.0.1 4935832Sache// into your /etc/resolv.conf so this server will be queried first. 5035832Sache// Also, make sure to enable it in /etc/rc.conf. 5135832Sache 5235832Sachezone "." { 5335832Sache type hint; 5435832Sache file "named.root"; 5535832Sache}; 5635832Sache 5735832Sachezone "0.0.127.IN-ADDR.ARPA" { 5835832Sache type master; 5935832Sache file "localhost.rev"; 6035832Sache}; 6135832Sache 6235832Sache// NB: Do not use the IP addresses below, they are faked, and only 6335832Sache// serve demonstration/documentation purposes! 6435947Speter// 6535832Sache// Example secondary config entries. It can be convenient to become 6635947Speter// a secondary at least for the zone where your own domain is in. Ask 6735947Speter// your network administrator for the IP address of the responsible 6835947Speter// primary. 6935947Speter// 7035832Sache// Never forget to include the reverse lookup (IN-ADDR.ARPA) zone! 7135947Speter// (This is the first bytes of the respective IP address, in reverse 7235947Speter// order, with ".IN-ADDR.ARPA" appended.) 7335947Speter// 7435832Sache// Before starting to setup a primary zone, better make sure you fully 7535947Speter// understand how DNS and BIND works, however. There are sometimes 7635832Sache// unobvious pitfalls. Setting up a secondary is comparably simpler. 7735947Speter// 7835832Sache// NB: Don't blindly enable the examples below. :-) Use actual names 7935947Speter// and addresses instead. 8035832Sache 8135832Sache/* 8235832Sachezone "domain.com" { 8335832Sache type slave; 8435832Sache file "domain.com.bak"; 8535832Sache masters { 8635832Sache 192.168.1.1; 8735832Sache }; 8835832Sache}; 8935832Sache 9035832Sachezone "0.168.192.in-addr.arpa" { 9135832Sache type slave; 9235832Sache file "0.168.192.in-addr.arpa.bak"; 9335832Sache masters { 9435832Sache 192.168.1.1; 9535832Sache }; 9635832Sache}; 9735832Sache*/ 9835832Sache 99