HP-UX Reference (11i v3 07/02) - 4 File Formats (vol 8)
named.conf(4) named.conf(4)
(BIND 9.3)
sortlist {
{ localhost; localnets; };
{ localnets; };
};
Tuning Options
edns-udp-size
Sets the advertised Extended DNS (EDNS) UDP buffer size in bytes. Valid values are 512
to 4096 (values outside this range will be silently adjusted). The default value is 4096. The
usual reason for setting edns-udp-size to a nondefault value is to get UDP answers to
pass through broken firewalls that block fragmented packets and/or block UDP packets
that are greater than 512 bytes.
lame-ttl
Sets the number of seconds to cache a lame server indication. 0 disables caching. (This is
not recommended.) The default is 600 (10 minutes). The maximum value is 1800 (30
minutes). (See the lame-servers keyword in The Category Phrase section.)
max-cache-ttl
Sets the maximum time in seconds for which the server will cache ordinary (positive)
answers. The default is one week (7 days).
max-ncache-ttl
To reduce network traffic and increase performance, the server stores negative answers.
max-ncache-ttl is used to set a maximum retention time for these answers in the
server in seconds. The default is 10800 seconds (3 hours). The maximum is 7 days; a
greater value is truncated to 7 days.
max-refresh-time, max-retry-time, min-refresh-time, min-retry-time
These options control the server’s behavior on refreshing a zone (querying for SOA changes)
or retrying failed transfers. Usually the SOA values for the zone are used, but these values
are set by the master, giving slave server administrators little control over their contents.
These options allow the administrator to set a minimum and maximum refresh and retry
time either per-zone, per-view, or per-server. These options are valid for master, slave and
stub zones, and clamp the SOA refresh and retry times to the specified values.
sig-validity-interval
Specifies the number of days into the future when DNSSEC signatures that were automatically
generated as a result of dynamic updates will expire. The default is 30 days. The
maximum is 10 years (3660 days). The signature inception time is unconditionally set to
one hour before the current time to allow for a limited amount of clock skew.
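The limits stated above can be checked mechanically before a configuration is deployed. The following is an added example, not part of the HP-UX manual or of BIND: a small audit that scans named.conf text for the tuning options whose bounds are documented here and reports values the server would adjust or that exceed the stated maximum. The names LIMITS, SAMPLE, strip_comments and audit are hypothetical, the sample configuration is constructed, and adjusted values are assumed to land on the nearest documented bound.

```python
import re

# option: (min, max, adjusted) from the Tuning Options text; None = no bound stated.
# adjusted=True only where the text says the server itself corrects the value.
LIMITS = {
    "edns-udp-size": (512, 4096, True),
    "lame-ttl": (None, 1800, False),
    "max-ncache-ttl": (None, 7 * 24 * 3600, True),
    "sig-validity-interval": (None, 3660, False),
}

# Constructed sample, not taken from the manual page.
SAMPLE = """
options {
    edns-udp-size 8192;      // larger than the documented range
    lame-ttl 0;
    max-ncache-ttl 864000;   /* 10 days */
    max-cache-ttl 86400;
    sig-validity-interval 30;
    # lame-ttl 9999;
};
"""

def strip_comments(text):
    """Drop the /* */, // and # comment styles that named.conf accepts."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def audit(conf):
    """Return (option, value, message) for each setting that needs review."""
    findings = []
    pairs = re.findall(r"([a-z0-9-]+)\s+(\d+)\s*;", strip_comments(conf))
    for name, raw in pairs:
        if name not in LIMITS:
            continue
        lo, hi, adjusted = LIMITS[name]
        value = int(raw)
        if name == "lame-ttl" and value == 0:
            findings.append((name, value, "lame-server caching disabled (not recommended)"))
        elif (lo is not None and value < lo) or value > hi:
            # Assumption: an adjusted value ends up at the nearest documented bound.
            effective = min(max(value, lo or 0), hi)
            msg = (f"server will use {effective} instead" if adjusted
                   else f"above documented maximum {hi}")
            findings.append((name, value, msg))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("%s %d: %s" % finding)
```

The comment stripping is deliberately simple and does not protect comment markers that appear inside quoted strings.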
Zone Transfer Options
BIND has mechanisms in place to facilitate zone transfers and set limits on the amount of load that
transfers place on the system. The following options apply to zone transfers.
also-notify
Defines a global list of IP addresses of name servers that are also sent NOTIFY messages
whenever a fresh copy of the zone is loaded, in addition to the servers listed in the zone’s
NS records. This helps to ensure that copies of the zones will quickly converge on stealth
servers. If an also-notify list is given in a zone statement, it will override the
options also-notify statement. When a zone notify statement is set to no, the
IP addresses in the global also-notify list will not be sent NOTIFY messages for that
zone. The default is the empty list (no global notification list).
alt-transfer-source
An alternate transfer source if the one listed in transfer-source fails and
use-alt-transfer-source is set.
alt-transfer-source-v6
An alternate transfer source if the one listed in transfer-source-v6 fails and
use-alt-transfer-source is set.
max-transfer-idle-in
Inbound zone transfers making no progress in this many minutes will be terminated. The
default is 60 minutes (1 hour). The maximum value is 28 days (40320 minutes).
252 Hewlett-Packard Company − 20 − HP-UX 11i Version 3: February 2007