1/*
2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
3 *
4 * SPDX-License-Identifier: MPL-2.0
5 *
6 * This Source Code Form is subject to the terms of the Mozilla Public
7 * License, v. 2.0.  If a copy of the MPL was not distributed with this
8 * file, you can obtain one at https://mozilla.org/MPL/2.0/.
9 *
10 * See the COPYRIGHT file distributed with this work for additional
11 * information regarding copyright ownership.
12 */
13
14include "../../_common/rndc.key";
15
16controls {
17	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
18};
19
20tls self-signed {
21	cert-file "../self-signed-cert.pem";
22	key-file "../self-signed-key.pem";
23};
24
25options {
26	pid-file "named.pid";
27	##
28	# generic test
29	listen-on port @PORT@ { 10.53.0.1; };
30	listen-on port @TLSPORT@ tls self-signed { 10.53.0.1; };
31	# test #1
32	listen-on port @EXTRAPORT1@ { 10.53.0.1; };
33	listen-on port @EXTRAPORT1@ tls self-signed { 10.53.0.2; };
34	listen-on port @EXTRAPORT2@ { 10.53.0.1; };
35	listen-on port @EXTRAPORT2@ tls self-signed { 10.53.0.2; };
36	# test #2
37	listen-on port @EXTRAPORT1@ { 10.53.0.3; };
38	listen-on port @EXTRAPORT2@ { 10.53.0.3; };
39	listen-on port @EXTRAPORT1@ tls self-signed { 10.53.0.4; };
40	listen-on port @EXTRAPORT2@ tls self-signed { 10.53.0.4; };
41	# test #3
42	listen-on port @EXTRAPORT3@ tls self-signed { 10.53.0.3; };
43	listen-on port @EXTRAPORT4@ tls self-signed { 10.53.0.3; };
44	listen-on port @EXTRAPORT3@ { 10.53.0.4; };
45	listen-on port @EXTRAPORT4@ { 10.53.0.4; };
46	# test #4
47	listen-on port @EXTRAPORT1@ { 10.53.0.5; };
48	listen-on port @EXTRAPORT2@ { 10.53.0.5; };
49	listen-on port @EXTRAPORT1@ tls self-signed { 10.53.0.6; };
50	# test #5
51	listen-on port @EXTRAPORT3@ tls self-signed { 10.53.0.1; };
52	listen-on port @EXTRAPORT4@ tls self-signed { 10.53.0.1; };
53	listen-on port @EXTRAPORT3@ { 10.53.0.2; };
54	# test #6
55	listen-on port @EXTRAPORT5@ { 10.53.0.1; };
56	# test #7
57	listen-on port @EXTRAPORT6@ tls self-signed  { 10.53.0.1; };
58	# test #7
59	listen-on port @EXTRAPORT7@ tls self-signed  { 10.53.0.1; };
60	# test #8
61	listen-on port @EXTRAPORT8@ { 10.53.0.1; };
62	##
63	listen-on-v6 { none; };
64	recursion no;
65	notify explicit;
66	statistics-file "named.stats";
67	dnssec-validation yes;
68	tcp-initial-timeout 1200;
69};
70
71zone "example0" {
72	type primary;
73	file "example.db";
74	allow-transfer port @TLSPORT@ transport tls { any; };
75};
76
77zone "example1" {
78	type primary;
79	file "example.db";
80	allow-transfer port @EXTRAPORT1@ { any; };
81};
82
83zone "example2" {
84	type primary;
85	file "example.db";
86	allow-transfer transport tcp { any; };
87};
88
89zone "example3" {
90	type primary;
91	file "example.db";
92	allow-transfer transport tls { any; };
93};
94
95zone "example4" {
96	type primary;
97	file "example.db";
98	allow-transfer port @EXTRAPORT1@ transport tcp { any; };
99};
100
101zone "example5" {
102	type primary;
103	file "example.db";
104	allow-transfer port @EXTRAPORT3@ transport tls { any; };
105};
106
107zone "example6" {
108	type primary;
109	file "example.db";
110	allow-transfer port @EXTRAPORT5@ transport tcp { 10.53.0.7; 10.53.0.8; 10.53.0.9; };
111};
112
113zone "example7" {
114	type primary;
115	file "example.db";
116	allow-transfer port @EXTRAPORT6@ transport tls { 10.53.0.7; 10.53.0.8; 10.53.0.9; };
117};
118
119zone "example8" {
120	type primary;
121	file "example.db";
122	allow-transfer port @EXTRAPORT7@ transport tls { 10.53.0.1; 10.53.0.2; 10.53.0.3; };
123};
124
125zone "example9" {
126	type primary;
127	file "example.db";
128	allow-transfer port @EXTRAPORT8@ transport tcp { 10.53.0.7; !10.53.0.8; 10.53.0.9; };
129};
130