named.conf revision 87262
1// $FreeBSD: head/etc/namedb/named.conf 87262 2001-12-03 08:05:52Z cjc $ 2// 3// Refer to the named.conf(5) and named(8) man pages for details. If 4// you are ever going to setup a primary server, make sure you've 5// understood the hairy details of how DNS is working. Even with 6// simple mistakes, you can break connectivity for affected parties, 7// or cause huge amount of useless Internet traffic. 8 9options { 10 directory "/etc/namedb"; 11 pid-file "/var/run/named/pid"; 12 13// In addition to the "forwarders" clause, you can force your name 14// server to never initiate queries of its own, but always ask its 15// forwarders only, by enabling the following line: 16// 17// forward only; 18 19// If you've got a DNS server around at your upstream provider, enter 20// its IP address here, and enable the line below. This will make you 21// benefit from its cache, thus reduce overall DNS traffic in the Internet. 22/* 23 forwarders { 24 127.0.0.1; 25 }; 26*/ 27 /* 28 * If there is a firewall between you and nameservers you want 29 * to talk to, you might need to uncomment the query-source 30 * directive below. Previous versions of BIND always asked 31 * questions using port 53, but BIND 8.1 uses an unprivileged 32 * port by default. 33 */ 34 // query-source address * port 53; 35 36 /* 37 * If running in a sandbox, you may have to specify a different 38 * location for the dumpfile. 39 */ 40 // dump-file "s/named_dump.db"; 41}; 42 43// Note: the following will be supported in a future release. 44/* 45host { any; } { 46 topology { 47 127.0.0.0/8; 48 }; 49}; 50*/ 51 52// Setting up secondaries is way easier and the rough picture for this 53// is explained below. 54// 55// If you enable a local name server, don't forget to enter 127.0.0.1 56// into your /etc/resolv.conf so this server will be queried first. 57// Also, make sure to enable it in /etc/rc.conf. 58 59zone "." { 60 type hint; 61 file "named.root"; 62}; 63 64zone "0.0.127.IN-ADDR.ARPA" { 65 type master; 66 file "localhost.rev"; 67}; 68 69zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" { 70 type master; 71 file "localhost.rev"; 72}; 73 74// NB: Do not use the IP addresses below, they are faked, and only 75// serve demonstration/documentation purposes! 76// 77// Example secondary config entries. It can be convenient to become 78// a secondary at least for the zone where your own domain is in. Ask 79// your network administrator for the IP address of the responsible 80// primary. 81// 82// Never forget to include the reverse lookup (IN-ADDR.ARPA) zone! 83// (This is the first bytes of the respective IP address, in reverse 84// order, with ".IN-ADDR.ARPA" appended.) 85// 86// Before starting to setup a primary zone, better make sure you fully 87// understand how DNS and BIND works, however. There are sometimes 88// unobvious pitfalls. Setting up a secondary is comparably simpler. 89// 90// NB: Don't blindly enable the examples below. :-) Use actual names 91// and addresses instead. 92// 93// NOTE!!! FreeBSD can run bind in a sandbox (see named_flags in rc.conf). 94// The directory containing the secondary zones must be write accessible 95// to bind. The following sequence is suggested: 96// 97// mkdir /etc/namedb/s 98// chown bind:bind /etc/namedb/s 99// chmod 750 /etc/namedb/s 100 101/* 102zone "domain.com" { 103 type slave; 104 file "s/domain.com.bak"; 105 masters { 106 192.168.1.1; 107 }; 108}; 109 110zone "0.168.192.in-addr.arpa" { 111 type slave; 112 file "s/0.168.192.in-addr.arpa.bak"; 113 masters { 114 192.168.1.1; 115 }; 116}; 117*/ 118 119