named.conf(4)
NAME
named.conf - named configuration file
SYNOPSIS
/etc/namedb/named.conf
DESCRIPTION
This file is the default configuration (or boot) file for the named server.
This configuration file replaces the named.boot file.
The named daemon reads the start-up file when the daemon starts and
when it receives a SIGHUP signal.
The statements in the named.conf file tell the named daemon what type of
server it is, which domains (or zones of authority) it has authority over,
and where to get the data for initially setting up its database.
The name server first needs to know the root name server, which is the
authority server for the network. The root name server is established in
the named.conf file by specifying the root server filename (named.ca) as
the cache for this name server.
The named.conf file consists of comments and a sequence of statements,
each terminated by a semicolon (;). Comments can be specified by any of
the following:
· A number sign (#)
· The C-style /* and */ characters
· The C++-style // characters
The types of named.conf statements are as follows:
acl
    Defines a named IP address matching list for access control and other
    uses.
include
    Includes a file.
key
    Specifies key information for use in authentication and authorization.
logging
    Specifies the information that the server logs and the destination of
    the log messages.
options
    Controls global server configuration options and sets defaults for
    other statements.
server
    Sets certain configuration options on a per-server basis.
zone
    Defines a zone.
The logging and options statements can occur only one time in a
configuration file. Many statements contain a block of substatements,
which are also terminated with a semicolon. See the BIND Configuration
Guide in the Tru64 UNIX HTML Documentation Library for additional
information about the description and format of each statement.
For examples of various ways of using the named.conf file, see the EXAMPLES
section.
See named(8) for additional named.conf file directives.
Note
If you manually edit the named.conf file and later modify your BIND
configuration with the SysMan Menu (see bindconfig(8)), your changes
will be overwritten.
EXAMPLES
The following examples show the various ways to use the named start-up
file.
1. The /etc/namedb/named.conf file for venus, a master name server
(formerly called a primary name server), contains these entries:
    // Configuration (boot) file for master name server
    //
    zone "." {
        type hint;
        file "/etc/named.ca";
    };
    zone "abc.aus.osf.com" {
        type master;
        file "/etc/named.abcdata";
    };
    zone "xyz.aus.osf.com" {
        type master;
        file "/etc/named.xyzdata";
    };
    zone "201.9.192.in-addr.arpa" {
        type master;
        file "/etc/named.abcrev";
    };
    zone "100.114.128.in-addr.arpa" {
        type master;
        file "/etc/named.xyzrev";
    };
    zone "0.0.127.in-addr.arpa" {
        type master;
        file "/etc/named.local";
    };
In this example, the master name server is venus and the Internet
address is 192.9.201.1.
2. The /etc/namedb/named.conf file for kronos, a slave name server
(formerly called a secondary name server), contains these entries:
    // Configuration (boot) file for slave name server
    //
    zone "." {
        type hint;
        file "/etc/named.ca";
    };
    zone "abc.aus.osf.com" {
        type slave;
        file "192.9.201.2";
        masters {
            192.9.201.1;
        };
    };
    zone "xyz.aus.osf.com" {
        type slave;
        file "192.9.201.2";
        masters {
            192.9.201.1;
        };
    };
    zone "201.9.192.in-addr.arpa" {
        type slave;
        file "192.9.201.2";
        masters {
            192.9.201.1;
        };
    };
    zone "100.114.128.in-addr.arpa" {
        type slave;
        file "192.9.201.2";
        masters {
            192.9.201.1;
        };
    };
    zone "0.0.127.in-addr.arpa" {
        type master;
        file "/etc/named.local";
    };
In this example, the slave name server is kronos and the Internet
address is 192.9.201.2.
3. The /etc/namedb/named.conf file for hera, a caching-only name server,
contains these entries:
    // Configuration (boot) file for caching-only server
    //
    zone "." {
        type hint;
        file "/etc/named.ca";
    };
    zone "0.0.127.in-addr.arpa" {
        type master;
        file "/etc/named.local";
    };
4. The /etc/namedb/named.conf file for titan, an IPv4 master name server
that accepts secure dynamic updates from new clients, contains these
entries:
Note
It is recommended that you do not enable authentication for IPv6
zones that are dynamically updated. See bind_manual_setup(7) for
more information.
    // Configuration (boot) file for master name server
    //
    // Pull in the key definition from a separate, restricted file
    include "/etc/namedb/named.keys";
    zone "." {
        type hint;
        file "/etc/named.ca";
    };
    zone "dyn.aus.osf.com" {
        type master;
        file "/etc/named.dyndata";
        // Accept only updates signed with this key
        allow-update {
            key dynnet-titan_update;
        };
    };
    zone "201.9.192.in-addr.arpa" {
        type master;
        file "/etc/named.dynrev";
        // Accept only updates signed with this key
        allow-update {
            key dynnet-titan_update;
        };
    };
    zone "0.0.127.in-addr.arpa" {
        type master;
        file "/etc/named.local";
    };
The allow-update substatement in the zone statements specifies that
dynamic updates to the master DNS database are successful only if they
are signed with the dynnet-titan_update key.
The include statement reads named.keys, a file that is readable and
writable only by the superuser and contains the following key
configuration statement:
    key dynnet-titan_update {
        algorithm hmac-md5;
        secret "YYnTXprDocI5qizxfT9/A8f9Ec+eq0Oo1DGXvks/Q27kTMMYKw==";
    };
You generate a private key for the secret substatement by using the
dnskeygen command.
See the Network Administration: Services manual or
bind_manual_setup(7) for more information about configuring secure
dynamic updates.
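The following audit sketch is an added example, not part of the original
manual page or of BIND. It applies the syntax rules from DESCRIPTION (three
comment styles, semicolon-terminated statements, options and logging at most
once) and flags allow-update entries that authorize by address instead of by
key, as example 4 does. The sample configuration and the function names
strip_comments, statements and audit are constructed for illustration.

```python
import re
# Constructed sample in named.conf syntax (not taken from a real server).
SAMPLE = r'''
# number-sign comment
/* C-style comment; this semicolon ends nothing */
options { directory "/etc/namedb"; };   // C++-style comment
key sample-key { algorithm hmac-md5; secret "Zm9v//YmFy"; };
zone "dyn.example.com" { type master; file "/etc/named.dyn";
    allow-update { key sample-key; }; };
zone "open.example.com" { type master; file "/etc/named.open";
    allow-update { 192.0.2.0/24; }; };
options { };
'''

def strip_comments(text):
    """Drop #, // and /* */ comments; quoted strings pass through untouched."""
    pattern = r'"[^"]*"|/\*.*?\*/|//[^\n]*|#[^\n]*'
    keep_strings = lambda m: m.group(0) if m.group(0).startswith('"') else " "
    return re.sub(pattern, keep_strings, text, flags=re.S)

def statements(text):
    """Split comment-free text on ';' at brace depth 0, outside strings."""
    out, buf, depth, in_str = [], [], 0, False
    for ch in text:
        buf.append(ch)
        if ch == '"':
            in_str = not in_str
        elif not in_str:
            depth += (ch == "{") - (ch == "}")
            if ch == ";" and depth == 0:
                out.append("".join(buf).strip())
                buf = []
    return out

def audit(conf):
    """Report repeated options/logging and address-based allow-update entries."""
    stmts = statements(strip_comments(conf))
    findings = []
    for kw in ("options", "logging"):
        n = sum(1 for s in stmts if re.match(r"[\w-]*", s).group(0) == kw)
        if n > 1:
            findings.append(f"{kw} statement occurs {n} times")
    for s in stmts:
        zone = re.match(r'zone\s+"([^"]+)"', s)
        upd = re.search(r"allow-update\s*\{([^}]*)\}", s)
        for item in (upd.group(1).split(";") if zone and upd else []):
            if re.fullmatch(r"!?\s*(any|[\d.]+(/\d+)?)", item.strip()):
                findings.append(f"zone {zone.group(1)}: address-based update {item.strip()}")
    return findings
```

The quoted secret in the sample contains "//" on purpose: a comment stripper
that ignores quoting would truncate the key material at that point.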
SEE ALSO
Commands: bindconfig(8), named(8), dnskeygen(1)
Networking: bind_manual_setup(7)
Network Administration: Services