named.conf(4)							named.conf(4)



NAME

  named.conf - named configuration file

SYNOPSIS

  /etc/named.conf

DESCRIPTION

  This file is the default configuration (or boot) file for the named server.
  This configuration file replaces the named.boot file.

  The named daemon reads the start-up file when it starts and when it
  receives a SIGHUP signal.

  The statements in the named.conf file tell the named daemon what type of
  server it is, which domains (or zones of authority) it has authority over,
  and where to get the data for initially setting up its database.

  The name server first needs to know the root name server, which is the
  authority server for the network.  The root name server is established in
  the named.conf file by specifying the root server filename (named.ca) as
  the cache for this name server.

  The named.conf file consists of comments and a sequence of statements, each
  terminated by a semicolon (;).  Comments can be specified by any of the
  following:

    +  A number sign (#)

    +  The C-style /* and */ characters

    +  The C++-style // characters

  The types of named.conf statements are as follows:

  acl Defines a named IP address matching list for access control and other
      uses.

  include
      Includes a file.

  key Specifies key information for use in authentication and authorization.

  logging
      Specifies the information that the server logs and the destination of
      the log messages.

  options
      Controls global server configuration options and sets defaults for
      other statements.

  server
      Sets certain configuration options on a per-server basis.

  zone
      Defines a zone.

  The logging and options statements can occur only one time in a
  configuration file.  Many statements contain a block of substatements, which
  are also terminated with a semicolon.  See the BIND Configuration Guide in
  the Tru64 UNIX HTML Documentation Library for additional information about
  the description and format of each statement.

  For examples of various ways of using the named.conf file, see the EXAMPLES
  section.

  See named(8) for additional named.conf file directives.

  Note that the named daemon does not provide other hosts with the
  information contained in a cache file.  Cache files are usually used for
  listing the name servers for domains higher than the local domain.

  These data files can have any name.  However, for convenience in
  maintaining the named database, they are generally given names in the
  following form: /etc/named.extension.  The general format of named data
  files is described in /etc/named.*.

EXAMPLES

  The following examples show the various ways to use the named start-up
  file.

   1.  The /etc/named.conf file for venus, a master name server (formerly
       called a primary name server), contains these entries:
	    // Configuration (boot) file for master name server
	    //
	    zone "." {
		    type hint;
		    file "/etc/named.ca";
	    };

	    zone "abc.aus.osf.com" {
		    type master;
		    file "/etc/named.abcdata";
	    };

	    zone "xyz.aus.osf.com" {
		    type master;
		    file "/etc/named.xyzdata";
	    };

	    zone "201.9.192.in-addr.arpa" {
		    type master;
		    file "/etc/named.abcrev";
	    };

	    zone "100.114.128.in-addr.arpa" {
		    type master;
		    file "/etc/named.xyzrev";
	    };

	    zone "0.0.127.in-addr.arpa"	{
		    type master;
		    file "/etc/named.local";
	    };

       In this example, the master name server is venus and its Internet
       address is 192.9.201.1.

   2.  The /etc/named.conf file for kronos, a slave name server (formerly
       called a secondary name server), contains these entries:
	    // Configuration (boot) file for slave name	server
	    //
	    zone "." {
		    type hint;
		    file "/etc/named.ca";
	    };

	    zone "abc.aus.osf.com" {
		    type slave;
		    file "192.9.201.2";
		    masters {
			    192.9.201.1;
		    };
	    };

	    zone "xyz.aus.osf.com" {
		    type slave;
		    file "192.9.201.2";
		    masters {
			    192.9.201.1;
		    };
	    };

	    zone "201.9.192.in-addr.arpa" {
		    type slave;
		    file "192.9.201.2";
		    masters {
			    192.9.201.1;
		    };
	    };

	    zone "100.114.128.in-addr.arpa" {
		    type slave;
		    file "192.9.201.2";
		    masters {
			    192.9.201.1;
		    };
	    };

	    zone "0.0.127.in-addr.arpa"	{
		    type master;
		    file "/etc/named.local";
	    };

       In this example, the slave name server is kronos and its Internet
       address is 192.9.201.2.

   3.  The /etc/named.conf file for hera, a caching-only name server,
       contains these entries:
	    // Configuration (boot) file for caching-only server
	    //
	    zone "." {
		    type hint;
		    file "/etc/named.ca";
	    };

	    zone "0.0.127.in-addr.arpa"	{
		    type master;
		    file "/etc/named.local";
	    };

   4.  The /etc/named.conf file for titan, an IPv4 master name server that
       accepts secure dynamic updates from new clients, contains these
       entries:

       Note

            It is recommended that you do not enable authentication for
            IPv6 zones that are dynamically updated.  See
            bind_manual_setup(7) for more information.

	    // Configuration (boot) file for master name server
	    //
	    include "/etc/namedb/named.keys";

	    zone "." {
		    type hint;
		    file "/etc/named.ca";
	    };

	    zone "dyn.aus.osf.com" {
		    type master;
		    file "/etc/named.dyndata";
		    allow-update {
			    dynnet-titan_update; };
	    };

	    zone "201.9.192.in-addr.arpa" {
		    type master;
		    file "/etc/named.dynrev";
		    allow-update {
			    dynnet-titan_update; };
	    };

	    zone "0.0.127.in-addr.arpa"	{
		    type master;
		    file "/etc/named.local";
	    };

       The allow-update substatement in the zone statements specifies that
       dynamic updates to the master DNS database are successful only if they
       are signed with the dynnet-titan_update key.

       The include statement reads named.keys, a file that is readable and
       writable only by the superuser and contains the following key
       configuration statement:
	    key dynnet-titan_update {
		algorithm hmac-md5;
		secret "YYnTXprDocI5qizxfT9/A8f9Ec+eq0Oo1DGXvks/Q27kTMMYKw==";
	    };

       You generate a private key for the secret substatement by using the
       dnskeygen command.

       See the Network Administration: Services manual or
       bind_manual_setup(7) for more information about configuring secure
       dynamic updates.
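
  The comment rules from DESCRIPTION and the allow-update restriction from
  example 4, shown as an added example that is not part of the original manual
  page or of BIND: a comment-aware reader that reports allow-update entries
  that do not name a defined key. The function names and SAMPLE text are
  constructed for illustration, and the caller is assumed to have appended the
  text of any included key file to the configuration text.

```python
import re

# Quoted strings are matched before comments, so "//" inside a base64 secret
# is never mistaken for the start of a comment.
TOKEN = re.compile(r'''"(?P<str>[^"]*)"     # quoted string
  | /\*.*?\*/ | (?://|\#)[^\n]*             # the three comment styles
  | (?P<punct>[{};]) | (?P<word>[^\s{};"]+)''', re.S | re.X)

def tokenize(text):
    """Return (kind, value) tokens with comments dropped."""
    return [(m.lastgroup, m[m.lastgroup]) for m in TOKEN.finditer(text) if m.lastgroup]

def parse(text):
    """Return (defined key names, {zone name: [allow-update entries]})."""
    toks, keys, zones, depth, zone, i = tokenize(text), set(), {}, 0, None, 0
    while i < len(toks):
        tok = toks[i]
        if tok[0] == "punct" and tok[1] in "{}":
            depth += 1 if tok[1] == "{" else -1
            zone = zone if depth else None      # leaving a top-level block
        elif not depth and tok[0] == "word" and tok[1] in ("key", "zone") and toks[i+1:]:
            i += 1                              # next token is the statement's name
            if tok[1] == "key":
                keys.add(toks[i][1])
            else:
                zone = toks[i][1]
                zones[zone] = []
        elif depth == 1 and zone is not None and tok == ("word", "allow-update"):
            i += 2                              # step over the list's opening brace
            while i < len(toks) and toks[i] != ("punct", "}"):
                if toks[i][0] != "punct" and toks[i] != ("word", "key"):
                    zones[zone].append(toks[i][1])
                i += 1
        i += 1
    return keys, zones

def entries_not_keys(text):
    """List (zone, entry) pairs whose allow-update entry names no defined key."""
    keys, zones = parse(text)
    return [(z, e) for z, ents in zones.items() for e in ents if e not in keys]

# Constructed sample modelled on example 4; the secret is a placeholder.
SAMPLE = '''
key dynnet-titan_update { algorithm hmac-md5; secret "Q09OU1RS//VUNURUQ="; };
zone "dyn.aus.osf.com" { allow-update { dynnet-titan_update; }; };  // signed
/* zone "old" { allow-update { any; }; }; */
# next zone: misspelled key name and a bare address
zone "201.9.192.in-addr.arpa" { allow-update { dynnet-titan-update; 192.9.201.7; }; };
'''
```

  An entry reported by entries_not_keys is either an address or acl name,
  which admits updates by source rather than by signature, or a key name that
  no key statement defines.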

RELATED INFORMATION

  Commands: named(8), dnskeygen(1).

  Files: named.star(4).

  Networking: bind_manual_setup(7).

  Network Administration: Services