named.conf revision 149797 
1// $FreeBSD: head/etc/namedb/named.conf 149797 2005-09-05 13:42:22Z dougb $
2//
3// Refer to the named.conf(5) and named(8) man pages, and the documentation
4// in /usr/share/doc/bind9 for more details.
5//
6// If you are going to set up an authoritative server, make sure you
7// understand the hairy details of how DNS works.  Even with
8// simple mistakes, you can break connectivity for affected parties,
9// or cause huge amounts of useless Internet traffic.
10
11options {
12	directory	"/etc/namedb";
13	pid-file	"/var/run/named/pid";
14	dump-file	"/var/dump/named_dump.db";
15	statistics-file	"/var/stats/named.stats";
16
17// If named is being used only as a local resolver, this is a safe default.
18// For named to be accessible to the network, comment this option, specify
19// the proper IP address, or delete this option.
20	listen-on	{ 127.0.0.1; };
21
22// If you have IPv6 enabled on this system, uncomment this option for
23// use as a local resolver.  To give access to the network, specify
24// an IPv6 address, or the keyword "any".
25//	listen-on-v6	{ ::1; };
26
27// In addition to the "forwarders" clause, you can force your name
28// server to never initiate queries of its own, but always ask its
29// forwarders only, by enabling the following line:
30//
31//      forward only;
32
33// If you've got a DNS server around at your upstream provider, enter
34// its IP address here, and enable the line below.  This will make you
35// benefit from its cache, thus reduce overall DNS traffic in the Internet.
36/*
37	forwarders {
38		127.0.0.1;
39	};
40*/
41	/*
42	 * If there is a firewall between you and nameservers you want
43	 * to talk to, you might need to uncomment the query-source
44	 * directive below.  Previous versions of BIND always asked
45	 * questions using port 53, but BIND versions 8 and later
46	 * use a pseudo-random unprivileged UDP port by default.
47	 */
48	// query-source address * port 53;
49};
50
51// If you enable a local name server, don't forget to enter 127.0.0.1
52// first in your /etc/resolv.conf so this server will be queried.
53// Also, make sure to enable it in /etc/rc.conf.
54
55zone "." {
56	type hint;
57	file "named.root";
58};
59
60zone "0.0.127.IN-ADDR.ARPA" {
61	type master;
62	file "master/localhost.rev";
63};
64
65// RFC 3152
66zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA" {
67	type master;
68	file "master/localhost-v6.rev";
69};
70
71// NB: Do not use the IP addresses below, they are faked, and only
72// serve demonstration/documentation purposes!
73//
74// Example slave zone config entries.  It can be convenient to become
75// a slave at least for the zone your own domain is in.  Ask
76// your network administrator for the IP address of the responsible
77// primary.
78//
79// Never forget to include the reverse lookup (IN-ADDR.ARPA) zone!
80// (This is named after the first bytes of the IP address, in reverse
81// order, with ".IN-ADDR.ARPA" appended.)
82//
83// Before starting to set up a primary zone, make sure you fully
84// understand how DNS and BIND works.  There are sometimes
85// non-obvious pitfalls.  Setting up a slave zone is simpler.
86//
87// NB: Don't blindly enable the examples below. :-)  Use actual names
88// and addresses instead.
89
90/* An example master zone
91zone "example.net" {
92	type master;
93	file "master/example.net";
94};
95*/
96
97/* An example dynamic zone
98key "exampleorgkey" {
99        algorithm hmac-md5;
100        secret "sf87HJqjkqh8ac87a02lla==";
101};
102zone "example.org" {
103	type master;
104	allow-update {
105		key "exampleorgkey";
106	};
107	file "dynamic/example.org";
108};
109*/
110
111/* Examples of forward and reverse slave zones
112zone "example.com" {
113	type slave;
114	file "slave/example.com";
115	masters {
116		192.168.1.1;
117	};
118};
119zone "1.168.192.in-addr.arpa" {
120	type slave;
121	file "slave/1.168.192.in-addr.arpa";
122	masters {
123		192.168.1.1;
124	};
125};
126*/
127
128