Aug 13, 2004 named.conf 5 BIND9 named.conf configuration file for named named.conf DESCRIPTION named.conf is the configuration file for named. Statements are enclosed in braces and terminated with a semi-colon. Clauses in the statements are also semi-colon terminated. The usual comment styles are supported: C style: /* */ C++ style: // to end of line Unix style: # to end of line ACL acl string { address_match_element; ... }; KEY key domain_name { algorithm string; secret string; }; MASTERS masters string port integer { ( masters | ipv4_address port integer | ipv6_address port integer ) key string ; ... }; SERVER server ( ipv4_address | ipv6_address ) { bogus boolean; edns boolean; provide-ixfr boolean; request-ixfr boolean; keys server_key; transfers integer; transfer-format ( many-answers | one-answer ); transfer-source ( ipv4_address | * ) port ( integer | * ) ; transfer-source-v6 ( ipv6_address | * ) port ( integer | * ) ; support-ixfr boolean; // obsolete }; TRUSTED-KEYS trusted-keys { domain_name flags protocol algorithm key; ... }; CONTROLS controls { inet ( ipv4_address | ipv6_address | * ) port ( integer | * ) allow { address_match_element; ... } keys { string; ... } ; unix unsupported; // not implemented }; LOGGING logging { channel string { file log_file; syslog optional_facility; null; stderr; severity log_severity; print-time boolean; print-severity boolean; print-category boolean; }; category string { string; ... }; }; LWRES lwres { listen-on port integer { ( ipv4_address | ipv6_address ) port integer ; ... }; view string optional_class; search { string; ... }; ndots integer; }; OPTIONS options { avoid-v4-udp-ports { port; ... }; avoid-v6-udp-ports { port; ... }; blackhole { address_match_element; ... }; coresize size; datasize size; directory quoted_string; dump-file quoted_string; files size; heartbeat-interval integer; host-statistics boolean; // not implemented hostname ( quoted_string | none ); interface-interval integer; listen-on port integer { address_match_element; ... }; listen-on-v6 port integer { address_match_element; ... }; match-mapped-addresses boolean; memstatistics-file quoted_string; pid-file ( quoted_string | none ); port integer; querylog boolean; recursing-file quoted_string; random-device quoted_string; recursive-clients integer; serial-query-rate integer; server-id ( quoted_string | none |; stacksize size; statistics-file quoted_string; statistics-interval integer; // not yet implemented tcp-clients integer; tcp-listen-queue integer; tkey-dhkey quoted_string integer; tkey-gssapi-credential quoted_string; tkey-domain quoted_string; transfers-per-ns integer; transfers-in integer; transfers-out integer; use-ixfr boolean; version ( quoted_string | none ); allow-recursion { address_match_element; ... }; sortlist { address_match_element; ... }; topology { address_match_element; ... }; // not implemented auth-nxdomain boolean; // default changed minimal-responses boolean; recursion boolean; rrset-order { class string type string name quoted_string string string; ... }; provide-ixfr boolean; request-ixfr boolean; rfc2308-type1 boolean; // not yet implemented additional-from-auth boolean; additional-from-cache boolean; query-source querysource4; query-source-v6 querysource6; cleaning-interval integer; min-roots integer; // not implemented lame-ttl integer; max-ncache-ttl integer; max-cache-ttl integer; transfer-format ( many-answers | one-answer ); max-cache-size size_no_default; check-names ( master | slave | response ) ( fail | warn | ignore ); cache-file quoted_string; suppress-initial-notify boolean; // not yet implemented preferred-glue string; dual-stack-servers port integer { ( quoted_string port integer | ipv4_address port integer | ipv6_address port integer ); ... } edns-udp-size integer; root-delegation-only exclude { quoted_string; ... } ; disable-algorithms string { string; ... }; dnssec-enable boolean; dnssec-lookaside string trust-anchor string; dnssec-must-be-secure string boolean; dialup dialuptype; ixfr-from-differences ixfrdiff; allow-query { address_match_element; ... }; allow-transfer { address_match_element; ... }; allow-update-forwarding { address_match_element; ... }; notify notifytype; notify-source ( ipv4_address | * ) port ( integer | * ) ; notify-source-v6 ( ipv6_address | * ) port ( integer | * ) ; also-notify port integer { ( ipv4_address | ipv6_address ) port integer ; ... }; allow-notify { address_match_element; ... }; forward ( first | only ); forwarders port integer { ( ipv4_address | ipv6_address ) port integer ; ... }; max-journal-size size_no_default; max-transfer-time-in integer; max-transfer-time-out integer; max-transfer-idle-in integer; max-transfer-idle-out integer; max-retry-time integer; min-retry-time integer; max-refresh-time integer; min-refresh-time integer; multi-master boolean; sig-validity-interval integer; transfer-source ( ipv4_address | * ) port ( integer | * ) ; transfer-source-v6 ( ipv6_address | * ) port ( integer | * ) ; alt-transfer-source ( ipv4_address | * ) port ( integer | * ) ; alt-transfer-source-v6 ( ipv6_address | * ) port ( integer | * ) ; use-alt-transfer-source boolean; zone-statistics boolean; key-directory quoted_string; allow-v6-synthesis { address_match_element; ... }; // obsolete deallocate-on-exit boolean; // obsolete fake-iquery boolean; // obsolete fetch-glue boolean; // obsolete has-old-clients boolean; // obsolete maintain-ixfr-base boolean; // obsolete max-ixfr-log-size size; // obsolete multiple-cnames boolean; // obsolete named-xfer quoted_string; // obsolete serial-queries integer; // obsolete treat-cr-as-space boolean; // obsolete use-id-pool boolean; // obsolete }; VIEW view string optional_class { match-clients { address_match_element; ... }; match-destinations { address_match_element; ... }; match-recursive-only boolean; key string { algorithm string; secret string; }; zone string optional_class { ... }; server ( ipv4_address | ipv6_address ) { ... }; trusted-keys { string integer integer integer quoted_string; ... }; allow-recursion { address_match_element; ... }; sortlist { address_match_element; ... }; topology { address_match_element; ... }; // not implemented auth-nxdomain boolean; // default changed minimal-responses boolean; recursion boolean; rrset-order { class string type string name quoted_string string string; ... }; provide-ixfr boolean; request-ixfr boolean; rfc2308-type1 boolean; // not yet implemented additional-from-auth boolean; additional-from-cache boolean; query-source querysource4; query-source-v6 querysource6; cleaning-interval integer; min-roots integer; // not implemented lame-ttl integer; max-ncache-ttl integer; max-cache-ttl integer; transfer-format ( many-answers | one-answer ); max-cache-size size_no_default; check-names ( master | slave | response ) ( fail | warn | ignore ); cache-file quoted_string; suppress-initial-notify boolean; // not yet implemented preferred-glue string; dual-stack-servers port integer { ( quoted_string port integer | ipv4_address port integer | ipv6_address port integer ); ... }; edns-udp-size integer; root-delegation-only exclude { quoted_string; ... } ; disable-algorithms string { string; ... }; dnssec-enable boolean; dnssec-lookaside string trust-anchor string; dnssec-must-be-secure string boolean; dialup dialuptype; ixfr-from-differences ixfrdiff; allow-query { address_match_element; ... }; allow-transfer { address_match_element; ... }; allow-update-forwarding { address_match_element; ... }; notify notifytype; notify-source ( ipv4_address | * ) port ( integer | * ) ; notify-source-v6 ( ipv6_address | * ) port ( integer | * ) ; also-notify port integer { ( ipv4_address | ipv6_address ) port integer ; ... }; allow-notify { address_match_element; ... }; forward ( first | only ); forwarders port integer { ( ipv4_address | ipv6_address ) port integer ; ... }; max-journal-size size_no_default; max-transfer-time-in integer; max-transfer-time-out integer; max-transfer-idle-in integer; max-transfer-idle-out integer; max-retry-time integer; min-retry-time integer; max-refresh-time integer; min-refresh-time integer; multi-master boolean; sig-validity-interval integer; transfer-source ( ipv4_address | * ) port ( integer | * ) ; transfer-source-v6 ( ipv6_address | * ) port ( integer | * ) ; alt-transfer-source ( ipv4_address | * ) port ( integer | * ) ; alt-transfer-source-v6 ( ipv6_address | * ) port ( integer | * ) ; use-alt-transfer-source boolean; zone-statistics boolean; key-directory quoted_string; allow-v6-synthesis { address_match_element; ... }; // obsolete fetch-glue boolean; // obsolete maintain-ixfr-base boolean; // obsolete max-ixfr-log-size size; // obsolete }; ZONE zone string optional_class { type ( master | slave | stub | hint | forward | delegation-only ); file quoted_string; masters port integer { ( masters | ipv4_address port integer | ipv6_address port integer ) key string ; ... }; database string; delegation-only boolean; check-names ( fail | warn | ignore ); dialup dialuptype; ixfr-from-differences boolean; allow-query { address_match_element; ... }; allow-transfer { address_match_element; ... }; allow-update { address_match_element; ... }; allow-update-forwarding { address_match_element; ... }; update-policy { ( grant | deny ) string ( name | subdomain | wildcard | self ) string rrtypelist; ... }; notify notifytype; notify-source ( ipv4_address | * ) port ( integer | * ) ; notify-source-v6 ( ipv6_address | * ) port ( integer | * ) ; also-notify port integer { ( ipv4_address | ipv6_address ) port integer ; ... }; allow-notify { address_match_element; ... }; forward ( first | only ); forwarders port integer { ( ipv4_address | ipv6_address ) port integer ; ... }; max-journal-size size_no_default; max-transfer-time-in integer; max-transfer-time-out integer; max-transfer-idle-in integer; max-transfer-idle-out integer; max-retry-time integer; min-retry-time integer; max-refresh-time integer; min-refresh-time integer; multi-master boolean; sig-validity-interval integer; transfer-source ( ipv4_address | * ) port ( integer | * ) ; transfer-source-v6 ( ipv6_address | * ) port ( integer | * ) ; alt-transfer-source ( ipv4_address | * ) port ( integer | * ) ; alt-transfer-source-v6 ( ipv6_address | * ) port ( integer | * ) ; use-alt-transfer-source boolean; zone-statistics boolean; key-directory quoted_string; ixfr-base quoted_string; // obsolete ixfr-tmp-file quoted_string; // obsolete maintain-ixfr-base boolean; // obsolete max-ixfr-log-size size; // obsolete pubkey integer integer integer quoted_string; // obsolete }; FILES /etc/named.conf SEE ALSO named8 , rndc8 , BIND 9 Adminstrators Reference Manual .