named.conf.in revision 1.1.1.5
1/* 2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 3 * 4 * SPDX-License-Identifier: MPL-2.0 5 * 6 * This Source Code Form is subject to the terms of the Mozilla Public 7 * License, v. 2.0. If a copy of the MPL was not distributed with this 8 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 9 * 10 * See the COPYRIGHT file distributed with this work for additional 11 * information regarding copyright ownership. 12 */ 13 14options { 15 query-source address 10.53.0.1; 16 notify-source 10.53.0.1; 17 transfer-source 10.53.0.1; 18 port @PORT@; 19 pid-file "named.pid"; 20 session-keyfile "session.key"; 21 listen-on { 10.53.0.1; 127.0.0.1; }; 22 listen-on-v6 { none; }; 23 recursion no; 24 notify yes; 25 minimal-responses no; 26 update-quota 1; 27 dnssec-validation no; 28}; 29 30acl named-acl { 31 any; 32}; 33 34key rndc_key { 35 secret "1234abcd8765"; 36 algorithm @DEFAULT_HMAC@; 37}; 38 39controls { 40 inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; 41}; 42 43key altkey { 44 algorithm hmac-md5; 45 secret "1234abcd8765"; 46}; 47 48key restricted.example.nil { 49 algorithm hmac-md5; 50 secret "1234abcd8765"; 51}; 52 53key zonesub-key.example.nil { 54 algorithm hmac-md5; 55 secret "1234subk8765"; 56}; 57 58include "ddns.key"; 59 60zone "example.nil" { 61 type primary; 62 file "example.db"; 63 check-integrity no; 64 check-mx ignore; 65 update-policy { 66 grant zonesub-key.example.nil zonesub TXT; 67 grant ddns-key.example.nil subdomain example.nil ANY; 68 grant restricted.example.nil subdomain restricted.example.nil ANY; 69 }; 70 allow-transfer { any; }; 71}; 72 73zone "max-ttl.nil" { 74 type primary; 75 file "max-ttl.db"; 76 max-zone-ttl 300; 77 check-integrity no; 78 allow-update { named-acl; }; 79 allow-transfer { any; }; 80}; 81 82zone "other.nil" { 83 type primary; 84 file "other.db"; 85 check-integrity no; 86 check-mx warn; 87 update-policy local; 88 allow-query { !10.53.0.2; any; }; 89 allow-query-on { 10.53.0.1; 127.0.0.1; }; 90 allow-transfer { any; }; 91}; 92 93primaries others { 94 10.53.0.2 port @PORT@; 95 10.53.0.2 port @PORT@ key altkey; 96}; 97 98zone "update.nil" { 99 type primary; 100 file "update.db"; 101 check-integrity no; 102 check-mx fail; 103 allow-update { any; }; 104 allow-transfer { any; }; 105 also-notify { others; }; 106}; 107 108zone "unixtime.nil" { 109 type primary; 110 file "unixtime.db"; 111 check-integrity no; 112 allow-update { any; }; 113 allow-transfer { any; }; 114 serial-update-method unixtime; 115}; 116 117zone "yyyymmddvv.nil" { 118 type primary; 119 file "yyyymmddvv.db"; 120 check-integrity no; 121 allow-update { any; }; 122 allow-transfer { any; }; 123 serial-update-method date; 124}; 125 126include "md5.key"; 127include "sha1.key"; 128include "sha224.key"; 129include "sha256.key"; 130include "sha384.key"; 131include "sha512.key"; 132include "legacy157.key"; 133include "legacy161.key"; 134include "legacy162.key"; 135include "legacy163.key"; 136include "legacy164.key"; 137include "legacy165.key"; 138 139zone "keytests.nil" { 140 type primary; 141 file "keytests.db"; 142 update-policy { 143 grant md5-key name md5.keytests.nil. ANY; 144 grant sha1-key name sha1.keytests.nil. ANY; 145 grant sha224-key name sha224.keytests.nil. ANY; 146 grant sha256-key name sha256.keytests.nil. ANY; 147 grant sha384-key name sha384.keytests.nil. ANY; 148 grant sha512-key name sha512.keytests.nil. ANY; 149 grant legacy-157 name 157.keytests.nil. ANY; 150 grant legacy-161 name 161.keytests.nil. ANY; 151 grant legacy-162 name 162.keytests.nil. ANY; 152 grant legacy-163 name 163.keytests.nil. ANY; 153 grant legacy-164 name 164.keytests.nil. ANY; 154 grant legacy-165 name 165.keytests.nil. ANY; 155 }; 156}; 157 158zone "many.test" { 159 type primary; 160 allow-update { any; }; 161 file "many.test.db"; 162}; 163 164zone "sample" { 165 type primary; 166 allow-update { any; }; 167 file "sample.db"; 168}; 169 170zone "maxjournal.test" { 171 type primary; 172 allow-update { any; }; 173 file "maxjournal.db"; 174 max-journal-size default; 175}; 176