1 /* 2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 3 * 4 * SPDX-License-Identifier: MPL-2.0 5 * 6 * This Source Code Form is subject to the terms of the Mozilla Public 7 * License, v. 2.0. If a copy of the MPL was not distributed with this 8 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 9 * 10 * See the COPYRIGHT file distributed with this work for additional 11 * information regarding copyright ownership. 12 */ 13 14 // NS5 15 16 key rndc_key { 17 secret "1234abcd8765"; 18 algorithm @DEFAULT_HMAC@; 19 }; 20 21 controls { 22 inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; 23 }; 24 25 key "sha1" { 26 algorithm "hmac-sha1"; 27 secret "FrSt77yPTFx6hTs4i2tKLB9LmE0="; 28 }; 29 30 key "sha224" { 31 algorithm "hmac-sha224"; 32 secret "hXfwwwiag2QGqblopofai9NuW28q/1rH4CaTnA=="; 33 }; 34 35 key "sha256" { 36 algorithm "hmac-sha256"; 37 secret "R16NojROxtxH/xbDl//ehDsHm5DjWTQ2YXV+hGC2iBY="; 38 }; 39 40 dnssec-policy "test" { 41 keys { 42 csk key-directory lifetime 0 algorithm 14; 43 }; 44 }; 45 46 options { 47 query-source address 10.53.0.5; 48 port @PORT@; 49 pid-file "named.pid"; 50 listen-on { 10.53.0.5; }; 51 listen-on-v6 { none; }; 52 allow-transfer { any; }; 53 recursion no; 54 dnssec-policy "none"; 55 dnssec-validation no; 56 }; 57 58 view "inherit" { 59 match-clients { key "sha1"; }; 60 61 /* Inherit dnssec-policy 'none' */ 62 zone "inherit.inherit.unsigned" { 63 type primary; 64 file "inherit.inherit.unsigned.db"; 65 }; 66 67 /* Override dnssec-policy */ 68 zone "override.inherit.unsigned" { 69 type primary; 70 file "override.inherit.unsigned.db"; 71 dnssec-policy "default"; 72 }; 73 74 /* Unset dnssec-policy */ 75 zone "none.inherit.unsigned" { 76 type primary; 77 file "none.inherit.unsigned.db"; 78 dnssec-policy "none"; 79 }; 80 }; 81 82 view "override" { 83 match-clients { key "sha224"; }; 84 dnssec-policy "default"; 85 86 /* Inherit dnssec-policy 'default' */ 87 zone "inherit.override.unsigned" { 88 type primary; 89 file "inherit.override.unsigned.db"; 90 }; 91 92 /* Override dnssec-policy */ 93 zone "override.override.unsigned" { 94 type primary; 95 file "override.override.unsigned.db"; 96 dnssec-policy "test"; 97 }; 98 99 /* Unset dnssec-policy */ 100 zone "none.override.unsigned" { 101 type primary; 102 file "none.override.unsigned.db"; 103 dnssec-policy "none"; 104 }; 105 }; 106 107 view "none" { 108 match-clients { key "sha256"; }; 109 dnssec-policy "none"; 110 111 /* Inherit dnssec-policy 'none' */ 112 zone "inherit.none.unsigned" { 113 type primary; 114 file "inherit.none.unsigned.db"; 115 }; 116 117 /* Override dnssec-policy */ 118 zone "override.none.unsigned" { 119 type primary; 120 file "override.none.unsigned.db"; 121 dnssec-policy "test"; 122 }; 123 124 /* Unset dnssec-policy */ 125 zone "none.none.unsigned" { 126 type primary; 127 file "none.none.unsigned.db"; 128 dnssec-policy "none"; 129 }; 130 }; 131
Indexes created Mon Mar 02 05:31:46 UTC 2026