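# $NetBSD: named.conf,v 1.10 2020/10/11 22:14:55 jnemeth Exp $

# boot file for secondary name server
# Note that there should be one primary entry for each SOA record.
# If you cannot get DNSSEC to work, and you see the following message:
# DNSKEY: verify failed due to bad signature (keyid=19036): \
# RRSIG validity period has not begun
# Fix your clock.  You can comment out the dnssec entries temporarily to
# get to an ntp server.
#
# While the dnssec entries are commented out, answers are accepted without
# signature validation; restore them as soon as the clock is correct.

options {
	# Working directory; the relative file names below resolve against it.
	directory "/etc/namedb";

	# NOTE(review): recent BIND 9 releases treat dnssec-enable as obsolete;
	# run named-checkconf after an upgrade to confirm it is still accepted.
	dnssec-enable yes;

	# "auto" validates responses using the root trust anchor, seeded from
	# bindkeys-file and then tracked in managed-keys-directory.
	dnssec-validation auto;
	# named must be able to write here to keep the trust anchor current.
	managed-keys-directory "keys";
	bindkeys-file "bind.keys";

	# Recursion is limited to this host and its directly attached networks.
	# Widening this list turns the server into an open resolver, which can
	# be abused for reflection/amplification.  "localnets" covers every
	# network the host has an interface on, so review it on multi-homed or
	# publicly addressed machines.
	allow-recursion { localhost; localnets; };

	# Keep UDP responses and the advertised EDNS buffer small enough to
	# avoid IP fragmentation.  Larger answers are retried over TCP, so
	# firewalls in the path must permit DNS over TCP as well as UDP.
	max-udp-size 1220;
	edns-udp-size 1220;

	#
	# This forces all queries to come from port 53; might be
	# needed for firewall traversals but should be avoided if
	# at all possible because of the risk of spoofing attacks.
	# (A fixed source port removes source-port randomization, one of
	# the resolver's defences against forged responses.)
	#
	#query-source address * port 53;
};

# Root hints: where to find the root name servers.
zone "." {
	type hint;
	file "root.cache";
};

# Loopback zones, served locally so these lookups never leave the host.
zone "localhost" {
	type master;
	file "localhost";
};

zone "127.IN-ADDR.ARPA" {
	type master;
	file "127";
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
	type master;
	file "loopback.v6";
};

# example secondary server config:
#
# The "masters" list identifies the primaries by address only; when adapting
# this, consider authenticating zone transfers with a TSIG key as well.
#
# zone "Berkeley.EDU" {
#	type slave;
#	file "berkeley.edu.cache";
#	masters {
#		128.32.130.11;
#		128.32.133.1;
#	};
# };

# zone "32.128.IN-ADDR.ARPA" {
#	type slave;
#	file "128.32.cache";
#	masters {
#		128.32.130.11;
#		128.32.133.1;
#	};
# };

# example primary server config:
#
# When adapting this, consider adding an allow-transfer list so that only
# the zone's secondaries can request a full copy of the zone.
#
# zone "Berkeley.EDU" {
#	type master;
#	file "berkeley.edu";
# };

# zone "32.128.IN-ADDR.ARPA" {
#	type master;
#	file "128.32";
# };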