/*
 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 *
 * SPDX-License-Identifier: MPL-2.0
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0.  If a copy of the MPL was not distributed with this
 * file, you can obtain one at https://mozilla.org/MPL/2.0/.
 *
 * See the COPYRIGHT file distributed with this work for additional
 * information regarding copyright ownership.
 */

/*
 * named.conf template for a primary server that offers zone transfers
 * over TLS only.  The @NAME@ tokens are placeholders, presumably
 * substituted by the test harness before named reads the file.
 * Addresses in 10.53.0.0/24 and the self-signed certificate indicate
 * an isolated test setup.  The wide-open ACLs below are acceptable only
 * under that assumption.
 */

/* Key material for the control channel; presumably defines rndc_key. */
include "../../_common/rndc.key";

/*
 * rndc control channel.  "allow { any; }" accepts every source
 * address, so possession of rndc_key is the only access control here.
 * NOTE(review): outside a test network, narrow the allow list to the
 * management hosts instead of relying on the key alone.
 */
controls {
	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};

/*
 * TLS profiles.  All four allow only TLSv1.3, share one self-signed
 * key and certificate, and turn session tickets off.  TLS 1.3 key
 * exchange is always ephemeral, and with tickets disabled there is no
 * ticket-encryption key that could later be used to resume sessions.
 * A self-signed certificate cannot be checked against a public CA, so
 * a client that wants server authentication has to trust it explicitly.
 * NOTE(review): the key file should be readable by the named user only.
 *
 * This profile offers all three suites, in the listed order.
 */
tls tls-perfect-forward-secrecy {
	protocols { TLSv1.3; };
	cipher-suites "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256";
	key-file "../self-signed-key.pem";
	cert-file "../self-signed-cert.pem";
	session-tickets no;
};

/*
 * The next three profiles pin exactly one suite each, so a listener
 * bound to one of them can only complete a handshake with a client
 * that offers that suite.
 */
tls tls-pfs-aes256 {
	protocols { TLSv1.3; };
	cipher-suites "TLS_AES_256_GCM_SHA384";
	key-file "../self-signed-key.pem";
	cert-file "../self-signed-cert.pem";
	session-tickets no;
};

tls tls-pfs-aes128 {
	protocols { TLSv1.3; };
	cipher-suites "TLS_AES_128_GCM_SHA256";
	key-file "../self-signed-key.pem";
	cert-file "../self-signed-cert.pem";
	session-tickets no;
};

tls tls-pfs-chacha20 {
	protocols { TLSv1.3; };
	cipher-suites "TLS_CHACHA20_POLY1305_SHA256";
	key-file "../self-signed-key.pem";
	cert-file "../self-signed-cert.pem";
	session-tickets no;
};

options {
	port @PORT@;
	tls-port @TLSPORT@;
	pid-file "named.pid";
	listen-on-v6 { none; };
	/* Plain DNS on @PORT@, IPv4 only. */
	listen-on { 10.53.0.1; };
	/* No port given, so this TLS listener uses tls-port (@TLSPORT@). */
	listen-on tls tls-perfect-forward-secrecy { 10.53.0.1; };
	/* One extra TLS listener per single-suite profile. */
	listen-on port @EXTRAPORT1@ tls tls-pfs-aes128 { 10.53.0.1; };
	listen-on port @EXTRAPORT2@ tls tls-pfs-aes256 { 10.53.0.1; };
	listen-on port @EXTRAPORT3@ tls tls-pfs-chacha20 { 10.53.0.1; };
	/* Authoritative only: no recursion for any client. */
	recursion no;
	/* NOTIFY goes only to the also-notify list, not to the NS set. */
	notify explicit;
	also-notify { 10.53.0.2 port @PORT@; };
	statistics-file "named.stats";
	dnssec-validation no;
	/*
	 * Units are 100 ms, so 1200 is 120 s to wait for the first
	 * message on a new TCP connection.
	 * NOTE(review): a long wait plus high transfer limits lets idle
	 * connections hold resources; keep lower values on exposed servers.
	 */
	tcp-initial-timeout 1200;
	transfers-in 100;
	transfers-out 100;
};


/*
 * Zones.  Every allow-transfer clause accepts any source address but
 * only for requests that arrived over TLS on the named port; a
 * transfer request on the plain port does not match.  TLS here
 * protects the transfer in transit; it does not identify the client.
 * No TSIG key or client certificate is required, so anyone who can
 * reach the port can pull the zone.
 * NOTE(review): add a key or address restriction where zone content
 * is not public.
 */
zone "." {
	type primary;
	file "root.db";
	allow-transfer port @TLSPORT@ transport tls { any; };
};

zone "example" {
	type primary;
	file "example.db";
	allow-transfer port @TLSPORT@ transport tls { any; };
};

/*
 * Same zone file as "example", each transferable only through the
 * listener that pins the matching cipher suite.
 */
zone "example-aes-128" {
	type primary;
	file "example.db";
	allow-transfer port @EXTRAPORT1@ transport tls { any; };
};

zone "example-aes-256" {
	type primary;
	file "example.db";
	allow-transfer port @EXTRAPORT2@ transport tls { any; };
};

zone "example-chacha-20" {
	type primary;
	file "example.db";
	allow-transfer port @EXTRAPORT3@ transport tls { any; };
};