DekGenius.com
I l@ve RuBoard Previous Section Next Section

E.3 BIND 8 Configuration File Statements

E.3.1 acl

Function:

Creates a named address match list

Syntax:
acl name {
   address_match_list;
};

Covered in Chapter 10, and Chapter 11.

E.3.2 controls (8.2+)

Function:

Configures a channel used by ndc to control the name server

Syntax:
controls {
   [ inet ( ip_addr | * ) port ip_port allow address_match_list; ]
   [ unix path_name perm number owner number group number; ]
};

Covered in Chapter 7.

E.3.3 include

Function:

Inserts the specified file at the point that the include statement is encountered

Syntax:
include path_name;

Covered in Chapter 7.

E.3.4 key (8.2+)

Function:

Defines a key ID that can be used in a server statement or an address match list to associate a TSIG key with a particular name server

Syntax:
key key_id {
  algorithm algorithm_id;
  secret secret_string;
};

Covered in Chapter 10, and Chapter 11.

E.3.5 logging

Function:

Configures the name server's logging behavior

Syntax:
logging {
  [ channel channel_name {
    ( file path_name
       [ versions ( number | unlimited ) ]
       [ size size_spec ]
     | syslog ( kern | user | mail | daemon | auth | syslog | lpr |
                news | uucp | cron | authpriv | ftp |
                local0 | local1 | local2 | local3 |
                local4 | local5 | local6 | local7 )
     | null );

    [ severity ( critical | error | warning | notice |
                 info  | debug [ level ] | dynamic ); ]
    [ print-category yes_or_no; ]
    [ print-severity yes_or_no; ]
    [ print-time yes_or_no; ]
  }; ]

  [ category category_name {
    channel_name; [ channel_name; ... ]
  }; ]
  ...
};

Covered in Chapter 7.

E.3.6 options

Function:

Configures global options

Syntax:
options {
  [ allow-query { address_match_list }; ]
  [ allow-recursion { address_match_list }; ]
  [ allow-transfer { address_match_list }; ]
  [ also-notify { ip_addr; [ ip_addr; ... ] }; ]
  [ auth-nxdomain yes_or_no; ]
  [ blackhole { address_match_list }; ]
  [ check-names ( master | slave | response ) ( warn | fail | ignore ); ]
  [ cleaning-interval number; ]
  [ coresize size_spec; ]
  [ datasize size_spec; ]
  [ deallocate-on-exit yes_or_no; ]
  [ dialup yes_or_no; ]
  [ directory path_name; ]
  [ dump-file path_name; ]
  [ fake-iquery yes_or_no; ]
  [ fetch-glue yes_or_no; ]
  [ files size_spec; ]
  [ forward ( only | first ); ]
  [ forwarders { [ ip_addr ; [ ip_addr ; ... ] ] }; ]
  [ has-old-clients yes_or_no; ]
  [ heartbeat-interval number; ]
  [ host-statistics yes_or_no; ]
  [ interface-interval number; ]
  [ lame-ttl number; ]
  [ listen-on [ port ip_port ] { address_match_list }; ]
  [ maintain-ixfr-base yes_or_no; ]
  [ max-ixfr-log-size number; ]
  [ max-ncache-ttl number; ]
  [ max-transfer-time-in number; ]
  [ memstatistics-file path_name; ]
  [ min-roots number; ]
  [ multiple-cnames yes_or_no; ]
  [ named-xfer path_name; ]
  [ notify yes_or_no; ]
  [ pid-file path_name; ]
  [ query-source [ address ( ip_addr | * ) ] [ port ( ip_port | * ) ]; ]
  [ recursion yes_or_no; ]
  [ rfc2308-type1 yes_or_no; ]
  [ rrset-order { order_spec; [ order_spec; ... ] }; ]
  [ serial-queries number; ]
  [ sortlist { address_match_list }; ]
  [ stacksize size_spec; ]
  [ statistics-file path_name; ]
  [ statistics-interval number; ]
  [ topology { address_match_list }; ]
  [ transfer-format ( one-answer | many-answers ); ]
  [ transfer-source ( ip_addr | * ); ]
  [ transfers-in  number; ]
  [ transfers-per-ns number; ]
  [ treat-cr-as-space yes_or_no; ]
  [ use-id-pool yes_or_no; ]
  [ use-ixfr yes_or_no; ]
  [ version version_string; ]
};

Covered in Chapter 4, Chapter 10, Chapter 11, and Chapter 16.

E.3.7 server

Function:

Defines the characteristics to be associated with a remote name server

Syntax:
server ip_addr {
  [ bogus yes_or_no; ]
  [ keys { key_id [ key_id ... ] }; ]
  [ support-ixfr yes_or_no; ]
  [ transfer-format ( one-answer | many-answers ); ]
};

Covered in Chapter 10, and Chapter 11.

E.3.8 trusted-keys (8.2+)

Function:

Configures the public keys of security roots for use in DNSSEC

Syntax:
trusted-keys {
  domain-name flags protocol_id algorithm_id public_key_string;
  [ domain-name flags protocol_id algorithm_id public_key_string; [ ... ] ]
};

Covered in Chapter 11.

E.3.9 zone

Function:

Configures the zones maintained by the name server

Syntax:
zone "domain_name" [ ( in | hs | hesiod | chaos ) ] {
  type master;
  file path_name;
  [ allow-query { address_match_list }; ]
  [ allow-transfer { address_match_list }; ]
  [ allow-update { address_match_list }; ]
  [ also-notify { ip_addr; [ ip_addr; ... ]     
  [ check-names ( warn | fail | ignore ); ]
  [ dialup yes_or_no | notify; ]
  [ forward ( only | first ); ]
  [ forwarders { [ ip_addr; [ ip_addr; ... ] ] }; ]
  [ ixfr-base path_name; ]
  [ ixfr-tmp-file path_name; ]
  [ maintain-ixfr-base yes_or_no; ]
  [ notify yes_or_no; ]
  [ pubkey flags protocol_id algorithm_id public_key_string; ]
};

zone "domain_name" [ ( in | hs | hesiod | chaos ) ] {
  type slave;
  masters [ port ip_port ] { ip_addr; [ ip_addr; ... ] };
  [ allow-query { address_match_list }; ]
  [ allow-transfer { address_match_list }; ]
  [ allow-update { address_match_list }; ]
  [ also-notify { ip_addr; [ ip_addr; ... ] };
  [ check-names ( warn | fail | ignore ); ]
  [ dialup yes_or_no; ]
  [ file path_name; ]
  [ forward ( only | first ); ]
  [ forwarders { [ ip_addr; [ ip_addr; ... ] ] }; ]
  [ ixfr-base path_name; ]
  [ max-transfer-time-in number; ]
  [ notify yes_or_no; ]
  [ pubkey flags protocol_id algorithm_id public_key_string; ]
  [ transfer-source ip_addr; ]
};

zone "domain_name" [ ( in | hs | hesiod | chaos ) ] {
  type stub;
  masters [ port ip_port ] { ip_addr; [ ip_addr; ... ] };
  [ allow-query { address_match_list }; ]
  [ allow-transfer { address_match_list }; ]
  [ allow-update { address_match_list }; ]
  [ check-names ( warn | fail | ignore ); ]
  [ dialup yes_or_no; ]
  [ file path_name; ]
  [ forward ( only | first ); ]
  [ forwarders { [ ip_addr ; [ ip_addr ; ... ] ] }; ]
  [ max-transfer-time-in number; ]
  [ pubkey flags protocol_id algorithm_id public_key_string; ]
  [ transfer-source ip_addr; ]
};

zone "domain_name" [ ( in | hs | hesiod | chaos ) ] {
  type forward;
  [ forward ( only | first ); ]
  [ forwarders { [ ip_addr ; [ ip_addr ; ... ] ] }; ]
};

zone "." [ ( in | hs | hesiod | chaos ) ] {
  type hint;
  file path_name;
  [ check-names ( warn | fail | ignore ); ]
};

Covered in Chapter 4, and Chapter 10.

    I l@ve RuBoard Previous Section Next Section