Home | History | Annotate | Line # | Download | only in ns1 
      1 /*
      2  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
      3  *
      4  * SPDX-License-Identifier: MPL-2.0
      5  *
      6  * This Source Code Form is subject to the terms of the Mozilla Public
      7  * License, v. 2.0.  If a copy of the MPL was not distributed with this
      8  * file, you can obtain one at https://mozilla.org/MPL/2.0/.
      9  *
     10  * See the COPYRIGHT file distributed with this work for additional
     11  * information regarding copyright ownership.
     12  */
     13 
     14 options {
     15 	query-source address 10.53.0.1;
     16 	notify-source 10.53.0.1;
     17 	transfer-source 10.53.0.1;
     18 	port @PORT@;
     19 	pid-file "named.pid";
     20 	listen-on { 10.53.0.1; };
     21 	listen-on-v6 { none; };
     22 	recursion yes;
     23 	dnssec-validation no;
     24 	deny-answer-addresses { 192.0.2.0/24; 2001:db8:beef::/48; }
     25 		 except-from { "example.org"; };
     26 	deny-answer-aliases { "example.org"; }
     27 		except-from { "goodcname.example.net";
     28 			      "gooddname.example.net"; };
     29 	allow-query {!10.53.0.8; any; };
     30 	max-zone-ttl unlimited;
     31 	resolver-query-timeout 5000; # 5 seconds
     32 	attach-cache "globalcache";
     33 	max-recursion-queries 100;
     34 };
     35 
     36 
     37 server 10.53.0.3 {
     38 	tcp-only yes;
     39 };
     40 
     41 server 10.42.23.3/32 {
     42      notify-source 10.42.22.1;
     43      query-source address 10.42.22.1 port 0;
     44      transfer-source 10.42.22.1;
     45 };
     46 
     47 server fd92:7065:b8e:ffff::1000 {
     48      notify-source-v6 fd92:7065:b8e:ffff::1001;
     49      query-source-v6 address fd92:7065:b8e:ffff::1001 port 0;
     50      transfer-source-v6 fd92:7065:b8e:ffff::1001;
     51 };
     52 
     53 /*
     54  * Must be first view so that there is a CH cache with name
     55  * "globalcache" before the recursive "default"/IN view is configured.
     56  */
     57 view "class" chaos {
     58 	zone "chaostest" CHAOS {
     59                 type primary;
     60                 file "chaostest.db";
     61         };
     62 };
     63 
     64 /*
     65  * Must be second view so that so that we can check we don't attach to the
     66  * "globalcache"/CH cache.
     67  */
     68 view "default" {
     69 	zone "." {
     70 		type hint;
     71 		file "root.hint";
     72 	};
     73 };
     74 
     75 view "alternative" {
     76 	zone "." {
     77 		type hint;
     78 		file "root.hint";
     79 	};
     80 };
     81 
     82 key rndc_key {
     83 	secret "1234abcd8765";
     84 	algorithm @DEFAULT_HMAC@;
     85 };
     86 
     87 controls {
     88 	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
     89 };
     90