
bind9配置文件及zone文件各字段总结

2015-12-24 17:15 507 查看
1、bind配置文件@named.conf

acl 定义一个命名的IP地址匹配列表,用于访问控制和其他用途。

controls 宣告 rndc utility 使用的控制通道(channel)

include 包含一个文件

key 设置密钥信息,它应用在通过 TSIG 进行授权和认证的配置中。密钥是双方共享的秘密,存放它的文件应限制读取权限(通常单独存放,再用 include 引入)。

logging 设置服务器记录哪些日志,以及日志信息的发送位置

options 控制服务器的全局配置选项和为其它语句设置默认值

server 针对单个远端服务器设置特定的配置选项

trusted-keys 定义信任的 DNSSEC 密钥

view 定义一个视图

zone 定义一个域

2、view的语法

view view_name

[class] {

match-clients { address_match_list };

match-destinations { address_match_list };

match-recursive-only yes_or_no ;

[ view_option; ...]

[ zone_statement; ...]

};

3、zone语句的语法(named.conf 中的 zone 定义,按 type 分类)

zone zone_name [class] {

type master;

[ allow-query { address_match_list }; ]

[ allow-query-on { address_match_list }; ]

[ allow-transfer { address_match_list }; ]

[ allow-update { address_match_list }; ]

[ update-check-ksk yes_or_no; ]

[ dnssec-dnskey-kskonly yes_or_no; ]

[ dnssec-loadkeys-interval number; ]

[ update-policy local | { update_policy_rule [...] }; ]

[ also-notify { ip_addr [port ip_port] [dscp ip_dscp] ;

[ ip_addr [port ip_port] [dscp ip_dscp] ; ... ] }; ]

[ check-names (warn|fail|ignore) ; ]

[ check-mx (warn|fail|ignore) ; ]

[ check-wildcard yes_or_no; ]

[ check-spf ( warn | ignore ); ]

[ check-integrity yes_or_no ; ]

[ dialup dialup_option ; ]

[ file string ; ]

[ masterfile-format (text|raw|map) ; ]

[ journal string ; ]

[ max-journal-size size_spec; ]

[ forward (only|first) ; ]

[ forwarders { [ ip_addr [port ip_port] [dscp ip_dscp] ; ... ] }; ]

[ ixfr-base string ; ]

[ ixfr-from-differences yes_or_no; ]

[ ixfr-tmp-file string ; ]

[ request-ixfr yes_or_no ; ]

[ maintain-ixfr-base yes_or_no ; ]

[ max-ixfr-log-size number ; ]

[ max-transfer-idle-out number ; ]

[ max-transfer-time-out number ; ]

[ notify yes_or_no | explicit | master-only ; ]

[ notify-delay seconds ; ]

[ notify-to-soa yes_or_no; ]

[ pubkey number number number string ; ]

[ notify-source (ip4_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ notify-source-v6 (ip6_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ zone-statistics full | terse | none; ]

[ sig-validity-interval number [number] ; ]

[ sig-signing-nodes number ; ]

[ sig-signing-signatures number ; ]

[ sig-signing-type number ; ]

[ database string ; ]

[ min-refresh-time number ; ]

[ max-refresh-time number ; ]

[ min-retry-time number ; ]

[ max-retry-time number ; ]

[ key-directory path_name; ]

[ auto-dnssec allow|maintain|off; ]

[ inline-signing yes_or_no; ]

[ zero-no-soa-ttl yes_or_no ; ]

[ serial-update-method increment|unixtime; ]

[ max-zone-ttl number ; ]

};

zone zone_name [class] {

type slave;

[ allow-notify { address_match_list }; ]

[ allow-query { address_match_list }; ]

[ allow-query-on { address_match_list }; ]

[ allow-transfer { address_match_list }; ]

[ allow-update-forwarding { address_match_list }; ]

[ dnssec-update-mode ( maintain | no-resign ); ]

[ update-check-ksk yes_or_no; ]

[ dnssec-dnskey-kskonly yes_or_no; ]

[ dnssec-loadkeys-interval number; ]

[ dnssec-secure-to-insecure yes_or_no ; ]

[ try-tcp-refresh yes_or_no; ]

[ also-notify [port ip_port] [dscp ip_dscp] { ( masters_list | ip_addr

[port ip_port]

[dscp ip_dscp]

[key key] ) ; [...] }; ]

[ check-names (warn|fail|ignore) ; ]

[ dialup dialup_option ; ]

[ file string ; ]

[ masterfile-format (text|raw|map) ; ]

[ journal string ; ]

[ max-journal-size size_spec; ]

[ forward (only|first) ; ]

[ forwarders { [ ip_addr [port ip_port] [dscp ip_dscp] ; ... ] }; ]

[ ixfr-base string ; ]

[ ixfr-from-differences yes_or_no; ]

[ ixfr-tmp-file string ; ]

[ maintain-ixfr-base yes_or_no ; ]

[ masters [port ip_port] [dscp ip_dscp] { ( masters_list | ip_addr

[port ip_port]

[dscp ip_dscp]

[key key] ) ; [...] }; ]

[ max-ixfr-log-size number ; ]

[ max-transfer-idle-in number ; ]

[ max-transfer-idle-out number ; ]

[ max-transfer-time-in number ; ]

[ max-transfer-time-out number ; ]

[ notify yes_or_no | explicit | master-only ; ]

[ notify-delay seconds ; ]

[ notify-to-soa yes_or_no; ]

[ pubkey number number number string ; ]

[ transfer-source (ip4_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ transfer-source-v6 (ip6_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ alt-transfer-source (ip4_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ alt-transfer-source-v6 (ip6_addr | *)

[port ip_port]

[dscp ip_dscp] ; ]

[ use-alt-transfer-source yes_or_no; ]

[ notify-source (ip4_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ notify-source-v6 (ip6_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ zone-statistics full | terse | none; ]

[ sig-validity-interval number [number] ; ]

[ sig-signing-nodes number ; ]

[ sig-signing-signatures number ; ]

[ sig-signing-type number ; ]

[ database string ; ]

[ min-refresh-time number ; ]

[ max-refresh-time number ; ]

[ min-retry-time number ; ]

[ max-retry-time number ; ]

[ key-directory path_name; ]

[ auto-dnssec allow|maintain|off; ]

[ inline-signing yes_or_no; ]

[ multi-master yes_or_no ; ]

[ zero-no-soa-ttl yes_or_no ; ]

};

zone zone_name [class] {

type hint;

file string ;

[ delegation-only yes_or_no ; ]

[ check-names (warn|fail|ignore) ; ] // Not Implemented.

};

zone zone_name [class] {

type stub;

[ allow-query { address_match_list }; ]

[ allow-query-on { address_match_list }; ]

[ check-names (warn|fail|ignore) ; ]

[ dialup dialup_option ; ]

[ delegation-only yes_or_no ; ]

[ file string ; ]

[ masterfile-format (text|raw|map) ; ]

[ forward (only|first) ; ]

[ forwarders { [ ip_addr [port ip_port] [dscp ip_dscp] ; ... ] }; ]

[ masters [port ip_port] [dscp ip_dscp] { ( masters_list | ip_addr

[port ip_port]

[dscp ip_dscp]

[key key] ) ; [...] }; ]

[ max-transfer-idle-in number ; ]

[ max-transfer-time-in number ; ]

[ pubkey number number number string ; ]

[ transfer-source (ip4_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ transfer-source-v6 (ip6_addr | *)

[port ip_port] [dscp ip_dscp] ; ]

[ alt-transfer-source (ip4_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ alt-transfer-source-v6 (ip6_addr | *)

[port ip_port] [dscp ip_dscp] ; ]

[ use-alt-transfer-source yes_or_no; ]

[ zone-statistics yes_or_no ; ]

[ database string ; ]

[ min-refresh-time number ; ]

[ max-refresh-time number ; ]

[ min-retry-time number ; ]

[ max-retry-time number ; ]

[ multi-master yes_or_no ; ]

};

zone zone_name [class] {

type static-stub;

[ allow-query { address_match_list }; ]

[ server-addresses { [ ip_addr ; ... ] }; ]

[ server-names { [ namelist ] }; ]

[ zone-statistics yes_or_no ; ]

};

zone zone_name [class] {

type forward;

[ forward (only|first) ; ]

[ forwarders { [ ip_addr [port ip_port] [dscp ip_dscp] ; ... ] }; ]

[ delegation-only yes_or_no ; ]

};

zone "." [class] {

type redirect;

file string ;

[ masterfile-format (text|raw|map) ; ]

[ allow-query { address_match_list }; ]

[ max-zone-ttl number ; ]

};

zone zone_name [class] {

type delegation-only;

};

zone zone_name [class] {

[ in-view string ; ]

};

4、资源记录( RR)组成:

Owner name 所有者名称,指定域名对应记录的位置

Type 一个16位编码值,用来指定该资源记录的类型。类型对应抽象的资源。

TTL 定义 RR 记录的生存时间。这个字段是一个以秒为单位的 32 位整数,主要用于设置该记录在缓存里的保留时间。

Class 一个 16 位编码值,用来标识一个协议族或某个协议的实例

RDATA 资源数据,其格式取决于记录的类型(有时还取决于类)。

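5、options的语法(此列表来自较早版本的文档,其中 fake-iquery、fetch-glue、has-old-clients、multiple-cnames、use-id-pool 等选项在 BIND 9 中已废弃;请以所用版本的手册为准)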

options {

[ version version_string; ]

[ directory path_name; ]

[ named-xfer path_name; ]

[ tkey-domain domainname; ]

[ tkey-dhkey key_name key_tag; ]

[ dump-file path_name; ]

[ memstatistics-file path_name; ]

[ pid-file path_name; ]

[ statistics-file path_name; ]

[ zone-statistics yes_or_no; ]

[ auth-nxdomain yes_or_no; ]

[ deallocate-on-exit yes_or_no; ]

[ dialup dialup_option; ]

[ fake-iquery yes_or_no; ]

[ fetch-glue yes_or_no; ]

[ has-old-clients yes_or_no; ]

[ host-statistics yes_or_no; ]

[ minimal-responses yes_or_no; ]

[ multiple-cnames yes_or_no; ]

[ notify yes_or_no | explicit; ]

[ recursion yes_or_no; ]

[ rfc2308-type1 yes_or_no; ]

[ use-id-pool yes_or_no; ]

[ maintain-ixfr-base yes_or_no; ]

[ forward ( only | first ); ]

[ forwarders { ip_addr [port ip_port] ; [ ip_addr [port ip_port] ; ... ] }; ]

[ check-names ( master | slave | response )( warn | fail | ignore ); ]

[ allow-notify { address_match_list }; ]

[ allow-query { address_match_list }; ]

[ allow-transfer { address_match_list }; ]

[ allow-recursion { address_match_list }; ]

[ allow-v6-synthesis { address_match_list }; ]

[ blackhole { address_match_list }; ]

[ listen-on [ port ip_port ] { address_match_list }; ]

[ listen-on-v6 [ port ip_port ] { address_match_list }; ]

[ query-source [ address ( ip_addr | * ) ] [ port ( ip_port | * ) ]; ]

[ max-transfer-time-in number; ]

[ max-transfer-time-out number; ]

[ max-transfer-idle-in number; ]

[ max-transfer-idle-out number; ]

[ tcp-clients number; ]

[ recursive-clients number; ]

[ serial-query-rate number; ]

[ serial-queries number; ]

[ transfer-format ( one-answer | many-answers ); ]

[ transfers-in number; ]

[ transfers-out number; ]

[ transfers-per-ns number; ]

[ transfer-source (ip4_addr | *) [port ip_port] ; ]

[ transfer-source-v6 (ip6_addr | *) [port ip_port] ; ]

[ notify-source (ip4_addr | *) [port ip_port] ; ]

[ notify-source-v6 (ip6_addr | *) [port ip_port] ; ]

[ also-notify { ip_addr [port ip_port] ; [ ip_addr [port ip_port] ; ... ] }; ]

[ max-ixfr-log-size number; ]

[ coresize size_spec ; ]

[ datasize size_spec ; ]

[ files size_spec ; ]

[ stacksize size_spec ; ]

[ cleaning-interval number; ]

[ heartbeat-interval number; ]

[ interface-interval number; ]

[ statistics-interval number; ]

[ topology { address_match_list }; ]

[ sortlist { address_match_list }; ]

[ rrset-order { order_spec ; [ order_spec ; ... ] }; ]

[ lame-ttl number; ]

[ max-ncache-ttl number; ]

[ max-cache-ttl number; ]

[ sig-validity-interval number ; ]

[ min-roots number; ]

[ use-ixfr yes_or_no ; ]

[ provide-ixfr yes_or_no; ]

[ request-ixfr yes_or_no; ]

[ treat-cr-as-space yes_or_no ; ]

[ min-refresh-time number ; ]

[ max-refresh-time number ; ]

[ min-retry-time number ; ]

[ max-retry-time number ; ]

[ port ip_port; ]

[ additional-from-auth yes_or_no ; ]

[ additional-from-cache yes_or_no ; ]

[ random-device path_name ; ]

[ max-cache-size size_spec ; ]

[ match-mapped-addresses yes_or_no; ]

};

6、key语法

key key_id {

algorithm algorithm_id;

secret secret_string;

};

7、logging Statement Grammar

logging {

[ channel channel_name {

( file path_name

[ versions ( number | unlimited ) ]

[ size size_spec ]

| syslog syslog_facility

| stderr

| null );

[ severity (critical | error | warning | notice |

info | debug [ level ] | dynamic ); ]

[ print-category yes_or_no; ]

[ print-severity yes_or_no; ]

[ print-time yes_or_no; ]

}; ]

[ category category_name {

channel_name ; [ channel_name ; ... ]

}; ]

...

};

8、server Statement Grammar

server ip_addr[/prefixlen] {

[ bogus yes_or_no ; ]

[ provide-ixfr yes_or_no ; ]

[ request-ixfr yes_or_no ; ]

[ request-nsid yes_or_no ; ]

[ request-sit yes_or_no ; ]

[ edns yes_or_no ; ]

[ edns-udp-size number ; ]

[ nosit-udp-size number ; ]

[ max-udp-size number ; ]

[ transfers number ; ]

[ transfer-format ( one-answer | many-answers ) ; ]

[ keys { key_id }; ]

[ transfer-source (ip4_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ transfer-source-v6 (ip6_addr | *) [port ip_port] [dscp ip_dscp] ; ]

[ query-source [ address ( ip_addr | * ) ]

[ port ( ip_port | * ) ] [dscp ip_dscp] ; ]

[ use-queryport-pool yes_or_no; ]

[ queryport-pool-ports number; ]

[ queryport-pool-updateinterval number; ]

};

9、controls Statement Grammar

controls {

[ inet ( ip_addr | * ) [ port ip_port ]

allow { address_match_list }

keys { key_list }; ]

[ inet ...; ]

[ unix path perm number owner number group number

keys { key_list }; ]

[ unix ...; ]

};

10、lwres:定义named为一个轻量级的解析进程

lwres {

[ listen-on { ip_addr [port ip_port] ; [ ip_addr [port ip_port] ; ... ] }; ]

[ view view_name; ]

[ search { domain_name ; [domain_name ; ... ] }; ]

[ ndots number; ]

};

11、acl:定义IP地址表的名字,用于访问控制等

acl acl-name {

address_match_list;

};