named.conf revision 1.6.12.1
1 # $NetBSD: named.conf,v 1.6.12.1 2013/06/23 06:26:21 tls Exp $ 2 3 # boot file for secondary name server 4 # Note that there should be one primary entry for each SOA record. 5 # If you cannot get DNSSEC to work, and you see the following message: 6 # DNSKEY: verify failed due to bad signature (keyid=19036): \ 7 # RRSIG validity period has not begun 8 # Fix your clock. You can comment out the dnssec entries temporarily to 9 # get to an ntp server. 10 11 options { 12 directory "/etc/namedb"; 13 dnssec-enable yes; 14 dnssec-validation auto; 15 dnssec-lookaside auto; 16 managed-keys-directory "keys"; 17 bindkeys-file "bind.keys"; 18 allow-recursion { localhost; localnets; }; 19 20 # 21 # This forces all queries to come from port 53; might be 22 # needed for firewall traversals but should be avoided if 23 # at all possible because of the risk of spoofing attacks. 24 # 25 #query-source address * port 53; 26 }; 27 28 zone "." { 29 type hint; 30 file "root.cache"; 31 }; 32 33 zone "localhost" { 34 type master; 35 file "localhost"; 36 }; 37 38 zone "127.IN-ADDR.ARPA" { 39 type master; 40 file "127"; 41 }; 42 43 zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" { 44 type master; 45 file "loopback.v6"; 46 }; 47 48 # example secondary server config: 49 # 50 # zone "Berkeley.EDU" { 51 # type slave; 52 # file "berkeley.edu.cache"; 53 # masters { 54 # 128.32.130.11; 55 # 128.32.133.1; 56 # }; 57 # }; 58 59 # zone "32.128.IN-ADDR.ARPA" { 60 # type slave; 61 # file "128.32.cache"; 62 # masters { 63 # 128.32.130.11; 64 # 128.32.133.1; 65 # }; 66 # }; 67 68 # example primary server config: 69 # 70 # zone "Berkeley.EDU" { 71 # type master; 72 # file "berkeley.edu"; 73 # }; 74 75 # zone "32.128.IN-ADDR.ARPA" { 76 # type master; 77 # file "128.32"; 78 # }; 79
Indexes created Sun Oct 12 09:09:55 GMT 2025