named.conf.in revision 1.1.1.4
1/* 2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 3 * 4 * SPDX-License-Identifier: MPL-2.0 5 * 6 * This Source Code Form is subject to the terms of the Mozilla Public 7 * License, v. 2.0. If a copy of the MPL was not distributed with this 8 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 9 * 10 * See the COPYRIGHT file distributed with this work for additional 11 * information regarding copyright ownership. 12 */ 13 14options { 15 query-source address 10.53.0.1 dscp 1; 16 notify-source 10.53.0.1 dscp 22; 17 transfer-source 10.53.0.1 dscp 3; 18 port @PORT@; 19 pid-file "named.pid"; 20 session-keyfile "session.key"; 21 listen-on { 10.53.0.1; 127.0.0.1; }; 22 listen-on-v6 { none; }; 23 recursion no; 24 notify yes; 25 minimal-responses no; 26 update-quota 1; 27}; 28 29acl named-acl { 30 any; 31}; 32 33key rndc_key { 34 secret "1234abcd8765"; 35 algorithm hmac-sha256; 36}; 37 38controls { 39 inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; 40}; 41 42key altkey { 43 algorithm hmac-md5; 44 secret "1234abcd8765"; 45}; 46 47key restricted.example.nil { 48 algorithm hmac-md5; 49 secret "1234abcd8765"; 50}; 51 52key zonesub-key.example.nil { 53 algorithm hmac-md5; 54 secret "1234subk8765"; 55}; 56 57include "ddns.key"; 58 59zone "example.nil" { 60 type primary; 61 file "example.db"; 62 check-integrity no; 63 check-mx ignore; 64 update-policy { 65 grant zonesub-key.example.nil zonesub TXT; 66 grant ddns-key.example.nil subdomain example.nil ANY; 67 grant restricted.example.nil subdomain restricted.example.nil ANY; 68 }; 69 allow-transfer { any; }; 70}; 71 72zone "max-ttl.nil" { 73 type primary; 74 file "max-ttl.db"; 75 max-zone-ttl 300; 76 check-integrity no; 77 allow-update { named-acl; }; 78 allow-transfer { any; }; 79}; 80 81zone "other.nil" { 82 type primary; 83 file "other.db"; 84 check-integrity no; 85 check-mx warn; 86 update-policy local; 87 allow-query { !10.53.0.2; any; }; 88 allow-query-on { 10.53.0.1; 127.0.0.1; }; 89 allow-transfer { any; }; 90}; 91 92primaries others { 93 10.53.0.2 port @PORT@; 94 10.53.0.2 port @PORT@ key altkey; 95}; 96 97zone "update.nil" { 98 type primary; 99 file "update.db"; 100 check-integrity no; 101 check-mx fail; 102 allow-update { any; }; 103 allow-transfer { any; }; 104 also-notify { others; }; 105}; 106 107zone "unixtime.nil" { 108 type primary; 109 file "unixtime.db"; 110 check-integrity no; 111 allow-update { any; }; 112 allow-transfer { any; }; 113 serial-update-method unixtime; 114}; 115 116zone "yyyymmddvv.nil" { 117 type primary; 118 file "yyyymmddvv.db"; 119 check-integrity no; 120 allow-update { any; }; 121 allow-transfer { any; }; 122 serial-update-method date; 123}; 124 125include "md5.key"; 126include "sha1.key"; 127include "sha224.key"; 128include "sha256.key"; 129include "sha384.key"; 130include "sha512.key"; 131 132zone "keytests.nil" { 133 type primary; 134 file "keytests.db"; 135 update-policy { 136 grant md5-key name md5.keytests.nil. ANY; 137 grant sha1-key name sha1.keytests.nil. ANY; 138 grant sha224-key name sha224.keytests.nil. ANY; 139 grant sha256-key name sha256.keytests.nil. ANY; 140 grant sha384-key name sha384.keytests.nil. ANY; 141 grant sha512-key name sha512.keytests.nil. ANY; 142 }; 143}; 144 145zone "many.test" { 146 type primary; 147 allow-update { any; }; 148 file "many.test.db"; 149}; 150 151zone "sample" { 152 type primary; 153 allow-update { any; }; 154 file "sample.db"; 155}; 156 157zone "maxjournal.test" { 158 type primary; 159 allow-update { any; }; 160 file "maxjournal.db"; 161 max-journal-size default; 162}; 163