named.conf.in revision 1.1.1.3
1/* 2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 3 * 4 * SPDX-License-Identifier: MPL-2.0 5 * 6 * This Source Code Form is subject to the terms of the Mozilla Public 7 * License, v. 2.0. If a copy of the MPL was not distributed with this 8 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 9 * 10 * See the COPYRIGHT file distributed with this work for additional 11 * information regarding copyright ownership. 12 */ 13 14options { 15 query-source address 10.53.0.1 dscp 1; 16 notify-source 10.53.0.1 dscp 22; 17 transfer-source 10.53.0.1 dscp 3; 18 port @PORT@; 19 pid-file "named.pid"; 20 session-keyfile "session.key"; 21 listen-on { 10.53.0.1; 127.0.0.1; }; 22 listen-on-v6 { none; }; 23 recursion no; 24 notify yes; 25 minimal-responses no; 26}; 27 28acl named-acl { 29 any; 30}; 31 32key rndc_key { 33 secret "1234abcd8765"; 34 algorithm hmac-sha256; 35}; 36 37controls { 38 inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; 39}; 40 41key altkey { 42 algorithm hmac-md5; 43 secret "1234abcd8765"; 44}; 45 46key restricted.example.nil { 47 algorithm hmac-md5; 48 secret "1234abcd8765"; 49}; 50 51key zonesub-key.example.nil { 52 algorithm hmac-md5; 53 secret "1234subk8765"; 54}; 55 56include "ddns.key"; 57 58zone "example.nil" { 59 type primary; 60 file "example.db"; 61 check-integrity no; 62 check-mx ignore; 63 update-policy { 64 grant zonesub-key.example.nil zonesub TXT; 65 grant ddns-key.example.nil subdomain example.nil ANY; 66 grant restricted.example.nil subdomain restricted.example.nil ANY; 67 }; 68 allow-transfer { any; }; 69}; 70 71zone "max-ttl.nil" { 72 type primary; 73 file "max-ttl.db"; 74 max-zone-ttl 300; 75 check-integrity no; 76 allow-update { named-acl; }; 77 allow-transfer { any; }; 78}; 79 80zone "other.nil" { 81 type primary; 82 file "other.db"; 83 check-integrity no; 84 check-mx warn; 85 update-policy local; 86 allow-query-on { 10.53.0.1; 127.0.0.1; }; 87 allow-transfer { any; }; 88}; 89 90primaries others { 91 10.53.0.2 port @PORT@; 92 10.53.0.2 port @PORT@ key altkey; 93}; 94 95zone "update.nil" { 96 type primary; 97 file "update.db"; 98 check-integrity no; 99 check-mx fail; 100 allow-update { any; }; 101 allow-transfer { any; }; 102 also-notify { others; }; 103}; 104 105zone "unixtime.nil" { 106 type primary; 107 file "unixtime.db"; 108 check-integrity no; 109 allow-update { any; }; 110 allow-transfer { any; }; 111 serial-update-method unixtime; 112}; 113 114zone "yyyymmddvv.nil" { 115 type primary; 116 file "yyyymmddvv.db"; 117 check-integrity no; 118 allow-update { any; }; 119 allow-transfer { any; }; 120 serial-update-method date; 121}; 122 123include "md5.key"; 124include "sha1.key"; 125include "sha224.key"; 126include "sha256.key"; 127include "sha384.key"; 128include "sha512.key"; 129 130zone "keytests.nil" { 131 type primary; 132 file "keytests.db"; 133 update-policy { 134 grant md5-key name md5.keytests.nil. ANY; 135 grant sha1-key name sha1.keytests.nil. ANY; 136 grant sha224-key name sha224.keytests.nil. ANY; 137 grant sha256-key name sha256.keytests.nil. ANY; 138 grant sha384-key name sha384.keytests.nil. ANY; 139 grant sha512-key name sha512.keytests.nil. ANY; 140 }; 141}; 142 143zone "many.test" { 144 type primary; 145 allow-update { any; }; 146 file "many.test.db"; 147}; 148 149zone "sample" { 150 type primary; 151 allow-update { any; }; 152 file "sample.db"; 153}; 154 155zone "maxjournal.test" { 156 type primary; 157 allow-update { any; }; 158 file "maxjournal.db"; 159 max-journal-size default; 160}; 161