Home | History | Annotate | Line # | Download | only in ns2 
      1 /*
      2  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
      3  *
      4  * SPDX-License-Identifier: MPL-2.0
      5  *
      6  * This Source Code Form is subject to the terms of the Mozilla Public
      7  * License, v. 2.0.  If a copy of the MPL was not distributed with this
      8  * file, you can obtain one at https://mozilla.org/MPL/2.0/.
      9  *
     10  * See the COPYRIGHT file distributed with this work for additional
     11  * information regarding copyright ownership.
     12  */
     13 
     14 include "../../_common/rndc.key";
     15 
     16 controls {
     17 	inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
     18 };
     19 
     20 tls local {
     21 	key-file "../self-signed-key.pem";
     22 	cert-file "../self-signed-cert.pem";
     23 };
     24 
     25 options {
     26 	query-source address 10.53.0.2;
     27 	notify-source 10.53.0.2;
     28 	transfer-source 10.53.0.2;
     29 	port @PORT@;
     30 	tls-port @TLSPORT@;
     31 	pid-file "named.pid";
     32 	listen-on { 10.53.0.2; };
     33 	listen-on tls local { 10.53.0.2; };             // DoT
     34 	listen-on-v6 { none; };
     35 	recursion no;
     36 	notify no;
     37 	ixfr-from-differences yes;
     38 	check-integrity no;
     39 	dnssec-validation no;
     40 };
     41 
     42 
     43 zone "." {
     44 	type hint;
     45 	file "../../_common/root.hint";
     46 };
     47 
     48 tls tls-v1.3 {
     49 	protocols { TLSv1.3; };
     50 	cipher-suites "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256";
     51 	prefer-server-ciphers no;
     52 };
     53 
     54 zone "example" {
     55 	type secondary;
     56 	primaries { 10.53.0.1 tls tls-v1.3; };
     57 	file "example.db";
     58 	allow-transfer { any; };
     59 };
     60 
     61 tls tls-v1.3-aes-128 {
     62 	protocols { TLSv1.3; };
     63 	cipher-suites "TLS_AES_128_GCM_SHA256";
     64 	prefer-server-ciphers no;
     65 };
     66 
     67 zone "example-aes-128" {
     68 	type secondary;
     69 	primaries port @EXTRAPORT1@ { 10.53.0.1 tls tls-v1.3-aes-128; };
     70 	file "example-aes-128.db";
     71 	allow-transfer { any; };
     72 };
     73 
     74 zone "example-aes-256" {
     75 	type secondary;
     76 	primaries port @EXTRAPORT2@ { 10.53.0.1 tls tls-v1.3-aes-128; };
     77 	file "example-aes-256.db";
     78 	allow-transfer { any; };
     79 };
     80 
     81 zone "example-chacha-20" {
     82 	type secondary;
     83 	primaries port @EXTRAPORT3@ { 10.53.0.1 tls tls-v1.3-aes-128; };
     84 	file "example-chacha-20.db";
     85 	allow-transfer { any; };
     86 };
     87