contrib/zkt/examples/flat/named.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109

/*****************************************************************
**
**      #(@)    named.conf	(c) 6. May 2004 (hoz)
**
*****************************************************************/

/*****************************************************************
**      logging options
*****************************************************************/
logging {
        channel "named-log" {
                file "/var/log/named" versions 3 size 2m;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity info;
        };
        channel "resolver-log" {
                file "/var/log/named";
                print-time yes;
                print-category yes;
                print-severity yes;
                severity debug 1;
        };
        channel "dnssec-log" {
#                file "/var/log/named-dnssec" ;
                file "/var/log/named" ;
                print-time yes;
                print-category yes;
                print-severity yes;
                severity debug 3;
        };
        category "dnssec" { "dnssec-log"; };
        category "default" { "named-log"; };
        category "resolver" { "resolver-log"; };
        category "client" { "resolver-log"; };
        category "queries" { "resolver-log"; };
};

/*****************************************************************
**      name server options
*****************************************************************/
options {
	directory ".";

	dump-file "/var/log/named_dump.db";
	statistics-file "/var/log/named.stats";

	listen-on-v6 { any; };

	query-source address * port 53;
	transfer-source * port 53;
	notify-source * port 53;

	recursion yes;
	dnssec-enable yes;
	edns-udp-size 4096;

#	dnssec-lookaside "." trust-anchor "trusted-keys.de.";

	querylog yes;

};

/*****************************************************************
**      include shared secrets...
*****************************************************************/
/**      for control sessions ...	**/
controls {
 	inet 127.0.0.1 
 		allow { localhost; };
 	inet ::1 
 		allow { localhost; };
};

/*****************************************************************
**      ... and trusted_keys
*****************************************************************/
# include "trusted-keys.conf" ;

/*****************************************************************
**      root server hints and required 127 stuff
*****************************************************************/
zone "." in {
	type hint;
	file "root.hint";
};

zone "localhost" in {
	type master;
	file "localhost.zone";
};

zone "0.0.127.in-addr.ARPA" in {
	type master;
	file "127.0.0.zone";
};

#include "zone.conf";

zone "example.NET." in {
	type master;
	file "example.net/zone.db.signed";
};

zone "sub.example.NET." in {
	type master;
	file "sub.example.net/zone.db.signed";
};