

named.conf

The configuration file for the named daemon is named.conf, located in the /etc directory. It uses a flexible syntax similar to C programs. The format enables easy configuration of selected zones, enabling features such as access control lists and categorized logging. The named.conf file consists of BIND configuration statements with attached blocks within which specific options are listed. A configuration statement is followed by arguments and a block that is delimited with braces. Within the block are lines of option and feature entries. Each entry is terminated with a semicolon. Comments can use the C, C++, or Shell/Perl syntax: enclosing /* */, preceding //, or preceding #. The following example shows a zone statement followed by the zone name and a block of options that begin with an opening brace, {. Each option entry ends with a semicolon. The entire block ends with a closing brace, also followed by a semicolon. The format for a named.conf entry is shown here, along with the different kinds of comments allowed. Tables 35-5, 35-6, and 35-7 list several commonly used statements and options.

// comments
/* comments */
# comments
   
statements {
 options and features; //comments
};

The following example shows a simple caching server entry:

// a caching only nameserver config
//
zone "." {
       type hint;
       file "named.ca";
       };

Note

The named.conf file is a new feature implemented with BIND version 8.x and 9.x. The older BIND 4.x versions use a file called named.boot. This file is no longer used by version 8.x. The syntaxes used in these configuration files differ radically. If you upgrade to 8.x, you can use the named-bootconf.pl Perl script provided with the BIND software to convert your named.boot file to a named.conf file.

zone Statement

The zone statement is used to specify the domains the name server will service. You enter the keyword zone, followed by the name of the domain placed within double quotes. Do not place a period at the end of the domain name. In the following example, a period is within the domain name, but not at the end, "mytrek.com"; this differs from the zone file, which requires a period at the end of a complete domain name.

After the zone name, you can specify the class in, which stands for Internet. You can also leave it out, in which case in is assumed (there are only a few other esoteric classes that are rarely used). Within the zone block, you can place several options (see Table 34-6 later in this chapter). Two essential options are type and file. The type option is used to specify the zone's type. The file option is used to specify the name of the zone file to be used for this zone. You can choose from several types of zones: master, slave, stub, forward, and hint. Master specifies that the zone holds master information and is authorized to act on it. A master server was called a primary server in the older 4.x BIND configuration. Slave indicates that the zone needs to update its data periodically from a specified master name server. You use this entry if your name server is operating as a secondary server for another primary (master) DNS server. A stub zone copies only other name server entries, instead of the entire zone. A forward zone directs all queries to name servers specified in a forwarders statement. A hint zone specifies the set of root name servers used by all Internet DNS servers. You can also specify several options that can override any global options set with the options statement. Table 34-4 lists the BIND zone types. The following example shows a simple zone statement for the mytrek.com domain. Its class is Internet (in) and its type is master. The name of its zone file is usually the same as the zone name, in this case, "mytrek.com."

zone "mytrek.com" in {
       type master;
       file "mytrek.com";
       };

Table 34-4: DNS BIND Zone Types

Type       Description
master     Primary DNS zone
slave      Slave DNS server; controlled by a master DNS server
hint       Set of root DNS Internet servers
forward    Forwards any queries in it to other servers
stub       Like a slave zone, but holds only names of DNS servers

Configuration Statements

Other statements, such as acl, server, options, and logging, enable you to configure different features for your name server (see Table 34-5). The server statement defines the characteristics to be associated with a remote name server, such as the transfer method and key ID for transaction security. The controls statement defines special control channels. The key statement defines a key ID to be used in a server statement that associates an authentication method with a particular name server (see "DNSSEC" later in this chapter). The logging statement is used to configure logging options for the name server, such as the maximum size of the log file and a severity level for messages. Table 34-5 lists the BIND statements. The sortlists statement lets you specify preferences to be used when a query returns multiple responses. For example, you could give preference to your localhost network or to a private local network such as 192.168.0.0.

Table 34-5: BIND Configuration Statements

Statements       Description
/* comment */    BIND comment in C syntax.
// comment       BIND comment in C++ syntax.
# comment        BIND comment in Unix shell and Perl syntax.
acl              Defines a named IP address matching list.
include          Includes a file, interpreting it as part of the named.conf file.
key              Specifies key information for use in authentication and authorization.
logging          Specifies what the server logs and where the log messages are sent.
options          Global server configuration options and defaults for other statements.
controls         Declares control channels to be used by the ndc utility.
server           Sets certain configuration options on a per-server basis.
sortlists        Gives preference to specified networks according to a query's source.
trusted-keys     Defines DNSSEC keys preconfigured into the server and implicitly trusted.
zone             Defines a zone.
view             Defines a view.

Table 34-6: Zone Options

Options            Description
type               Specifies a zone type.
file               Specifies the zone file for the zone.
directory          Specifies a directory for zone files.
forwarders         Lists hosts for DNS servers where requests are to be forwarded.
masters            Lists hosts for DNS master servers for a slave server.
notify             Allows master servers to notify their slave servers when the master zone data changes and updates are needed.
allow-transfer     Specifies which hosts are allowed to receive zone transfers.
allow-query        Specifies hosts that are allowed to make queries.
allow-recursion    Specifies hosts that are allowed to perform recursive queries on the server.
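
The statement syntax and zone options described in this section can be checked mechanically. The following is an added example, not code from the book or from the BIND distribution: a small parser for the named.conf format (all three comment styles, brace-delimited blocks, semicolon-terminated entries) that reports master zones with no allow-transfer entry of their own or in the options statement, meaning that who may transfer them is left to the server's built-in default. The function names, the example.test zone, the slaves acl, and the 192.168.0.2 address are assumptions made for the illustration.

```python
import re
# Constructed sample (not from the book); example.test, slaves and 192.168.0.2 are made up.
SAMPLE = '''
/* global settings */
options { directory "/var/named"; };   // zone files live here
acl slaves { 192.168.0.2; };           # constructed secondary server address
zone "." { type hint; file "named.ca"; };
zone "mytrek.com" in {
    type master; file "mytrek.com";
    allow-transfer { slaves; };
};
zone "example.test" { type master; file "example.test"; };
'''

def tokenize(text):
    """Drop /* */, // and # comments (quoted strings are kept), then split into tokens."""
    keep_strings = lambda m: m.group(0) if m.group(0).startswith('"') else ' '
    text = re.sub(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', keep_strings, text, flags=re.S)
    return re.findall(r'"[^"\n]*"|[{};]|[^\s{};"]+', text)

def parse_block(tokens, i=0):
    """Parse entries until the matching '}'; a nested block becomes a nested list."""
    entries, words = [], []
    while i < len(tokens):
        tok, i = tokens[i], i + 1
        if tok == '{':
            sub, i = parse_block(tokens, i)
            words.append(sub)
        elif tok == '}':
            break
        elif tok == ';':          # every entry, and every block, ends with a semicolon
            if words:
                entries.append(words)
            words = []
        else:
            words.append(tok.strip('"'))
    return entries, i

def audit(text):
    """Return master zones with no allow-transfer of their own or in options."""
    entries, _ = parse_block(tokenize(text))
    has = lambda block, key: any(e[0] == key for e in block)
    if any(e[0] == 'options' and has(e[-1], 'allow-transfer') for e in entries):
        return []
    return [e[1] for e in entries if e[0] == 'zone'
            and ['type', 'master'] in e[-1] and not has(e[-1], 'allow-transfer')]

if __name__ == '__main__':
    print(audit(SAMPLE))
```

The check looks only at top-level statements; it does not follow include files or look inside view blocks.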


