HP-UX Reference (11i v3 07/02) - 4 File Formats (vol 8)

n
named.conf(4) named.conf(4)
(BIND 9.3)
specified, the transfer-format
specified by the
options statement is used.
transfer-source
, transfer-source-v6
Specify the IPv4 and IPv6 source address to be used for zone transfer with the remote
server, respectively. For an IPv4 remote server, only
transfer-source can be
specified. Similarly, for an IPv6 remote server, only
transfer-source-v6
can be
specified.
transfers Limits the number of concurrent inbound zone transfers from the specified server. If no
transfers clause is specified, the limit is set according to the
transfers-per-ns
option.
The trusted-keys Statement
trusted-keys Statement Grammar
trusted-keys {
( domain_name flags protocol algorithm key_data ; )...
};
trusted-keys Statement Definition and Usage
The
trusted-keys statement defines DNSSEC security roots. A security root is defined when the pub-
lic key for a nonauthoritative zone is known, but cannot be securely obtained through DNS, either because
it is the DNS root zone or its parent zone is unsigned. Once a key has been configured as a trusted key, it
is treated as if it had been validated and proven secure. The resolver attempts DNSSEC validation on all
DNS data in subdomains of a security root.
The trusted-keys statement can contain multiple key entries, each consisting of the key’s five parame-
ters: domain_name (string), flags (number), protocol (number), algorithm (number), and the base-64
representation of the key_data (string).
The view Statement
view Statement Grammar
view view_name [ class ] {
[ match-clients { address_match_list };]
[ match-destinations { address_match_list };]
[ match-recursive-only { yes_or_no };]
[ view_option ; ]...
[ zone_statement ; ]...
};
view Statement Definition and Usage
The
view statement lets a name server answer a DNS query differently depending on who is asking. It is
particularly useful for implementing split DNS setups without having to run multiple servers. Each view
statement defines a view of the DNS name space that will be seen by a subset of clients. The order of the
view statements is significant; a client request will be resolved in the context of the first view that it
matches.
view_name A name for the view.
class Views are class-specific. If no class is given, class IN is assumed. Note that all non-IN
views must contain a hint zone, since only the IN class has compiled-in default hints.
match-clients, match-destinations
A client matches a view if its source IP address matches the address_match_list of the
view statement’s match-clients clause and its destination IP address matches the
address_match_list of the view statement’s match-destinations
clause.
If not specified,
match-clients and match-destinations
each default to match-
ing all addresses.
match-recursive-only
Means that only recursive requests from matching clients match that view.
view_option Many of the options given in the options statement can also be used within a view
statement, and then apply only when resolving queries with that view. When no view-
specific value is given, the value in the options statement is used as a default. Also,
HP-UX 11i Version 3: February 2007 23 Hewlett-Packard Company 255