1/* 2 * Copyright (C) 2004, 2005, 2007, 2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") 3 * Copyright (C) 2000, 2001 Internet Software Consortium. 4 * 5 * Permission to use, copy, modify, and/or distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 * PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18/* Id: named.conf,v 1.22 2011/07/01 02:25:47 marka Exp */ 19 20controls { /* empty */ }; 21 22options { 23 query-source address 10.53.0.1 dscp 1; 24 notify-source 10.53.0.1 dscp 22; 25 transfer-source 10.53.0.1 dscp 3; 26 port 5300; 27 pid-file "named.pid"; 28 session-keyfile "session.key"; 29 listen-on { 10.53.0.1; 127.0.0.1; }; 30 listen-on-v6 { none; }; 31 recursion no; 32 notify yes; 33}; 34 35key rndc_key { 36 secret "1234abcd8765"; 37 algorithm hmac-sha256; 38}; 39 40controls { 41 inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; 42}; 43 44key altkey { 45 algorithm hmac-md5; 46 secret "1234abcd8765"; 47}; 48 49include "ddns.key"; 50 51zone "example.nil" { 52 type master; 53 file "example.db"; 54 check-integrity no; 55 update-policy { 56 grant ddns-key.example.nil subdomain example.nil ANY; 57 }; 58 allow-transfer { any; }; 59}; 60 61zone "max-ttl.nil" { 62 type master; 63 file "max-ttl.db"; 64 max-zone-ttl 300; 65 check-integrity no; 66 allow-update { any; }; 67 allow-transfer { any; }; 68}; 69 70zone "other.nil" { 71 type master; 72 file "other.db"; 73 check-integrity no; 74 update-policy local; 75 allow-query-on { 10.53.0.1; 127.0.0.1; }; 76 allow-transfer { any; }; 77}; 78 79masters othermasters { 80 10.53.0.2 port 5300; 81 10.53.0.2 port 5300 key altkey; 82}; 83 84zone "update.nil" { 85 type master; 86 file "update.db"; 87 check-integrity no; 88 allow-update { any; }; 89 allow-transfer { any; }; 90 also-notify { othermasters; }; 91}; 92 93zone "unixtime.nil" { 94 type master; 95 file "unixtime.db"; 96 check-integrity no; 97 allow-update { any; }; 98 allow-transfer { any; }; 99 serial-update-method unixtime; 100}; 101 102include "md5.key"; 103include "sha1.key"; 104include "sha224.key"; 105include "sha256.key"; 106include "sha384.key"; 107include "sha512.key"; 108 109zone "keytests.nil" { 110 type master; 111 file "keytests.db"; 112 update-policy { 113 grant md5-key name md5.keytests.nil. ANY; 114 grant sha1-key name sha1.keytests.nil. ANY; 115 grant sha224-key name sha224.keytests.nil. ANY; 116 grant sha256-key name sha256.keytests.nil. ANY; 117 grant sha384-key name sha384.keytests.nil. ANY; 118 grant sha512-key name sha512.keytests.nil. ANY; 119 }; 120}; 121