named.conf.4 (2010 09)
n
named.conf(4) named.conf(4)
(BIND 9.3)
The rules for legal host names and mail domains are derived from RFC 952 and RFC 821
as modified by RFC 1123.
check-names applies to the owner names of
A, AAAA, and MX records. It also applies
to the domain names in the rrdata of
NS, SOA, and MX, records. It also applies to the
rrdata of
PTR records where the owner name indicated that it is a reverse lookup of a
host name (the owner name ends in IN-ADDR.ARPA
, IP6.ARPA, IP6.INT).
dialup If yes, then the server treats all zones as if they are doing zone transfers across a dial-
on-demand dialup link, which can be brought up by traffic originating from this server.
This has different effects according to zone type and concentrates the zone maintenance
so that it all happens in a short interval, once every
heartbeat-interval
and hope-
fully during the one call. It also suppresses some of the normal zone maintenance traffic.
The default is
no.
The
dialup option may also be specified in
view and zone statements, in which case,
it overrides the global dialup option.
If the zone is a master zone, then the server will send out a NOTIFY request to all the
slaves. This will trigger the zone serial number check in the slave (provided it supports
NOTIFY), allowing the slave to verify the zone while the connection is active.
If the zone is a slave or stub zone, then the server will suppress the regular "zone up to
date" (refresh) queries and only perform them when the
heartbeat-interval
expires in addition to sending NOTIFY requests.
Finer control can be achieved by using
notify, which only sends NOTIFY messages;
notify-passive, which sends NOTIFY messages and suppresses the normal refresh
queries; refresh, which suppresses normal refresh processing and sends refresh
queries when the heartbeat-interval expires; and
passive, which just disables normal
refresh processing.
dnssec-enable
Enable DNSSEC support in named. Unless set to yes, named behaves as if it does not
support DNSSEC. The default is no.
flush-zones-on-shutdown
If yes, flush any pending zone writes when the name server exits due to receiving a
SIGTERM. The default is no, do not flush on SIGTERM.
match-mapped-addresses
If yes, then an IPv4-mapped IPv6 address will match any address match list entries that
match the corresponding IPv4 address.
minimal-responses
If yes, the server will only add records to the authority when generating responses and
additional data sections when they are required (for example, delegations, negative
responses). This may improve the performance of the server. The default is no.
notify If yes (the default), DNS NOTIFY messages are sent when a zone for which the server is
authoritative, changes. The messages are sent to the servers listed in the zone’s NS
records (except the master server identified in the SOA MNAME field), and to any servers
listed in the also-notify option. If explicit is specified, NOTIFY messages are
sent only to servers explicitly listed using also-notify.Ifno, no NOTIFY messages
are sent.
The
notify option may also be specified in the zone statement, in which case it over-
rides the notify specified in the options statement. It needs to be turned off only
when the slaves crash.
provide-ixfr
Determines whether the local server, acting as master, will respond with an incremental
zone transfer when the given remote server, a slave, requests it. If yes, an incremental
transfer will be provided whenever possible. If no, all transfers to the remote server will
be nonincremental. If not set in a server statement, the value of the provide-ixfr
option in the view or global options statement is used as a default.
querylog If yes, start query logging when named starts. If no, do not start query logging when
named starts. If querylog is not specified, query logging is determined from the
14 Hewlett-Packard Company − 14 − HP-UX 11i Version 3: September 2010