HP-UX Reference (11i v3 07/02) - 4 File Formats (vol 8)
n
named.conf(4) named.conf(4)
(BIND 9.3)
stub children of that zone. This meant that, in some cases, users could get away with
configuring child stubs only in the master server for the parent zone. BIND 9 never mixes
together zone data from different zones in this way. Therefore, if a BIND 9 master serving
a parent zone has child stub zones configured, all the slave servers for the parent zone also
need to have the same child stub zones configured.
Stub zones can also be used to force the resolution of a given domain to use a particular set
of authoritative servers. For example, the caching name servers on a private network
using RFC 2157 addressing may be configured with stub zones for
10.in-addr.arpa
to
use a set of internal name servers as the authoritative servers for that domain.
type forward
A forward zone can be used to configure forwarding on a per-domain basis. A zone state-
ment of type forward can contain a forward
and/or forwarders statement, which
will apply to queries within the domain given by the zone name. If no
forwarders state-
ment is present or an empty list of forwarders is given, then no forwarding will be done for
the domain, canceling the effects of any forwarders in the
options statement. Thus, if
you want to use this type of zone to change the behavior of the global
forward option
(that is,
forward first, then forward only, or vice versa, but want to use the
same servers as set globally), you need to respecify the global forwarders.
type hint The initial set of root name servers is specified using a hint zone. When the server starts
up, it uses the root hints to find a root name server and get the most recent list of root
name servers. If no hint zone is specified for class IN, the server uses a compiled-in default
set of root servers hints. Classes other than IN have no built-in defaults hints.
type delegation-only
This is used to enforce the delegation-only status of infrastructure zones (for example,
COM,
NET, ORG). Any answer that is received without a explicit or implicit delegation in the
authority section will be treated as NXDOMAIN. This does not apply to the zone apex.
This should not be applied to leaf zones. delegation-only
has no effect on answers
received from forwarders.
allow-notify
See the description in The options Statement section.
allow-query
See the description in The options Statement section.
allow-transfer
See the description in The options Statement section.
allow-update
Specifies which hosts are allowed to submit Dynamic DNS updates for master zones. The
default is to deny updates from all hosts. Please note that this option is not applicable for
slave zones. See the Dynamic Update Policies section for more details.
allow-update-forwarding
Specifies which hosts are allowed to submit Dynamic DNS updates to slave zones to be for-
warded to the master. The default is {none;}, which means that no update forwarding
will be performed. To enable update forwarding, specify allow-update-forwarding
{any;};
. Specifying values other than {none;} or {any;} is usually counterproduc-
tive, since the responsibility for update access control should rest with the master server,
not the slaves. Note that enabling the update forwarding feature on a slave server may
expose master servers that rely on insecure IP-address-based access control to attacks.
also-notify
Only meaningful if notify is active for this zone. The set of machines that will receive a
DNS NOTIFY message for this zone is made up of all the listed name servers (other than
the primary master) for the zone plus any IP addresses specified with also-notify .A
port may be specified with each also-notify address to send the notify messages to a
port other than the default of 53. also-notify is not meaningful for stub zones. The
default is the empty list.
alt-transfer-source
See the description in The options Statement section.
258 Hewlett-Packard Company − 26 − HP-UX 11i Version 3: February 2007