1/* 2 * Copyright (C) 2009-2011, 2013 Internet Systems Consortium, Inc. ("ISC") 3 * 4 * Permission to use, copy, modify, and/or distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 9 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 10 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 11 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 12 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 13 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 14 * PERFORMANCE OF THIS SOFTWARE. 15 */ 16 17/* Id: named.conf,v 1.7 2011/04/29 23:47:17 tbox Exp */ 18 19// NS2 20 21controls { /* empty */ }; 22 23options { 24 query-source address 10.53.0.2; 25 notify-source 10.53.0.2; 26 transfer-source 10.53.0.2; 27 port 5300; 28 pid-file "named.pid"; 29 listen-on { 10.53.0.2; }; 30 listen-on-v6 { none; }; 31 recursion no; 32 notify yes; 33 dnssec-enable yes; 34 dnssec-validation yes; 35 dnssec-loadkeys-interval 30; 36}; 37 38key rndc_key { 39 secret "1234abcd8765"; 40 algorithm hmac-sha256; 41}; 42 43controls { 44 inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; 45}; 46 47zone "." { 48 type hint; 49 file "../../common/root.hint"; 50}; 51 52zone "example" { 53 type master; 54 file "example.db"; 55 allow-query { any; }; 56 allow-transfer { any; }; 57 allow-update { any; }; 58 auto-dnssec maintain; 59}; 60 61zone "bar" { 62 type master; 63 file "bar.db"; 64 allow-query { any; }; 65 allow-transfer { any; }; 66 allow-update { any; }; 67 auto-dnssec maintain; 68 dnssec-dnskey-kskonly yes; 69}; 70 71zone "private.secure.example" { 72 type master; 73 file "private.secure.example.db"; 74 allow-query { any; }; 75 allow-transfer { any; }; 76 allow-update { any; }; 77 auto-dnssec maintain; 78}; 79 80zone "insecure.secure.example" { 81 type master; 82 file "insecure.secure.example.db"; 83 allow-query { any; }; 84 allow-transfer { any; }; 85 allow-update { any; }; 86 auto-dnssec maintain; 87}; 88 89zone "child.nsec3.example" { 90 type master; 91 file "child.nsec3.example.db"; 92 allow-query { any; }; 93 allow-transfer { any; }; 94 allow-update { any; }; 95 auto-dnssec maintain; 96}; 97 98zone "child.optout.example" { 99 type master; 100 file "child.optout.example.db"; 101 allow-query { any; }; 102 allow-transfer { any; }; 103 allow-update { any; }; 104 auto-dnssec maintain; 105}; 106 107include "trusted.conf"; 108