named.conf revision 1.7.32.1
1 # $NetBSD: named.conf,v 1.7.32.1 2020/03/27 08:43:42 sborrill Exp $ 2 3 # boot file for secondary name server 4 # Note that there should be one primary entry for each SOA record. 5 # If you cannot get DNSSEC to work, and you see the following message: 6 # DNSKEY: verify failed due to bad signature (keyid=19036): \ 7 # RRSIG validity period has not begun 8 # Fix your clock. You can comment out the dnssec entries temporarily to 9 # get to an ntp server. 10 11 options { 12 directory "/etc/namedb"; 13 dnssec-enable yes; 14 dnssec-validation auto; 15 managed-keys-directory "keys"; 16 bindkeys-file "bind.keys"; 17 allow-recursion { localhost; localnets; }; 18 19 # 20 # This forces all queries to come from port 53; might be 21 # needed for firewall traversals but should be avoided if 22 # at all possible because of the risk of spoofing attacks. 23 # 24 #query-source address * port 53; 25 }; 26 27 zone "." { 28 type hint; 29 file "root.cache"; 30 }; 31 32 zone "localhost" { 33 type master; 34 file "localhost"; 35 }; 36 37 zone "127.IN-ADDR.ARPA" { 38 type master; 39 file "127"; 40 }; 41 42 zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" { 43 type master; 44 file "loopback.v6"; 45 }; 46 47 # example secondary server config: 48 # 49 # zone "Berkeley.EDU" { 50 # type slave; 51 # file "berkeley.edu.cache"; 52 # masters { 53 # 128.32.130.11; 54 # 128.32.133.1; 55 # }; 56 # }; 57 58 # zone "32.128.IN-ADDR.ARPA" { 59 # type slave; 60 # file "128.32.cache"; 61 # masters { 62 # 128.32.130.11; 63 # 128.32.133.1; 64 # }; 65 # }; 66 67 # example primary server config: 68 # 69 # zone "Berkeley.EDU" { 70 # type master; 71 # file "berkeley.edu"; 72 # }; 73 74 # zone "32.128.IN-ADDR.ARPA" { 75 # type master; 76 # file "128.32"; 77 # }; 78
Indexes created Mon Oct 13 14:09:54 GMT 2025