Return to named.conf CVS log | Up to [cvs.NetBSD.org] / src / etc |
File: [cvs.NetBSD.org] / src / etc / named.conf (download)
Revision 1.5.10.1, Sun Jan 16 13:00:39 2011 UTC (13 years, 3 months ago) by bouyer
Pull up following revision(s) (requested by spz in ticket #1528): etc/named.conf: revision 1.6 etc/mtree/special: revision 1.133 Enable dnssec, and populate managed-keys.bind Add directory for bind's managed keys. |
# $NetBSD: named.conf,v 1.5.10.1 2011/01/16 13:00:39 bouyer Exp $ # boot file for secondary name server # Note that there should be one primary entry for each SOA record. options { directory "/etc/namedb"; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; managed-keys-directory "keys"; allow-recursion { localhost; localnets; }; # # This forces all queries to come from port 53; might be # needed for firewall traversals but should be avoided if # at all possible because of the risk of spoofing attacks. # #query-source address * port 53; }; zone "." { type hint; file "root.cache"; }; zone "localhost" { type master; file "localhost"; }; zone "127.IN-ADDR.ARPA" { type master; file "127"; }; zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" { type master; file "loopback.v6"; }; # example secondary server config: # # zone "Berkeley.EDU" { # type slave; # file "berkeley.edu.cache"; # masters { # 128.32.130.11; # 128.32.133.1; # }; # }; # zone "32.128.IN-ADDR.ARPA" { # type slave; # file "128.32.cache"; # masters { # 128.32.130.11; # 128.32.133.1; # }; # }; # example primary server config: # # zone "Berkeley.EDU" { # type master; # file "berkeley.edu"; # }; # zone "32.128.IN-ADDR.ARPA" { # type master; # file "128.32"; # };