# # $Id: named.conf,v 1.2 2003/01/15 05:23:47 elkner Exp $ # # file: /etc/named.conf # # example boot file for an intranet name server for the domain my.dom.ain # with an address pool of 192.168.0.0/16 # # last change: ... acl "trusted" { 127.0.0.1; localhost; 192.168.100.1; 192.168.100.2; }; acl "bogos" { 0.0.0.0/8; # // Null address 1.0.0.0/8; # // IANA reserved, popular fakes 2.0.0.0/8; 192.0.2.0/24; # // Test address 224.0.0.0/3; # // Multicast addresses # // Enterprise networks may or may not be bogus. 10.0.0.0/8; 172.16.0.0/12; # 192.168.0.0/16; # not bogus - the intranet }; options { directory "/var/named"; # here we store all files pid-file "/var/run/named.pid"; dump-file "/var/log/named/dump.db"; statistics-file "/var/log/named/stats"; # memstatistics-file "/var/log/named/memstats"; datasize 20M; # deallocate-on-exit yes; # check-names master warn; # recursion no; # fetch-glue no; notify yes; allow-query { any; }; allow-transfer { trusted; }; blackhole { bogos; }; # forwarders { IP-Address-of-the-name-server-for-non-intranet-hosts; }; listen-on { 127.0.0.1; 192.168.100.1; }; }; logging { channel my_default { file "/var/log/named/default" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_general { file "/var/log/named/general" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_database { file "/var/log/named/database" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_security { file "/var/log/named/security" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; }; channel my_resolver { file "/var/log/named/resolver" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_xfer-in { file "/var/log/named/xfer_in" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_xfer-out { file "/var/log/named/xfer_out" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_notify { file "/var/log/named/notify" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_client { file "/var/log/named/client" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_network { file "/var/log/named/network" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_update { file "/var/log/named/update" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; channel my_config { file "/var/log/named/config" versions 3 size 10m; print-time yes; print-category yes; print-severity yes; severity info; }; category "default" { "default_debug"; "my_default";}; category "general" { "my_general"; }; # category "database { "my_database"; }; category "security" { "default_syslog"; "my_security"; }; category "config" { "my_config"; }; category "resolver" { "my_resolver"; }; category "xfer-in" { "my_xfer-in"; }; category "xfer-out" { "my_xfer-out"; }; category "notify" { "my_notify"; }; category "client" { "my_client"; }; category "network" { "my_network"; }; category "update" { "my_update"; }; }; zone "." { type hint; file "root.caches"; }; # primary service # --------------- zone "localhost" IN { type master; file "localhost"; # check-names fail; allow-update { none; }; allow-transfer { any; }; }; zone "0.0.127.in-addr.arpa" { type master; file "127.0.0.1"; # // Every DNS server should be a master for 127.0.0.0/24 allow-transfer { none; }; # check-names fail; allow-update { none; }; }; # # primaries service # ----------------- # zone "my.dom.ain" { type master; file "master/my.dom.ain"; allow-query { any; }; allow-transfer { localhost; trusted; }; }; zone "100.168.192.in-addr.arpa" { type master; file "master/192.168.100.0"; allow-query { any; }; allow-transfer { localhost; trusted; }; }; # # secondary service # ----------------- # zone "another.dom.ain" { type slave; file "secondaries/another.dom.ain"; masters { IP-address-of-the-primary-name-server; }; allow-query { any; }; allow-transfer { localhost; trusted; }; };