Statements in BIND 9

This section describes any differences between BIND 8 and BIND 9 statements.

The Controls Statement

unix is the default for ndc and all of the arguments are compiled in. inet is the only option for rndc and nothing is compiled in.

  Syntax
     controls {
       [ inet ip_addr
         port ip_port
         allow { address_match_list; }; ]	OK
       [ unix path_name
         perm number
         owner number
         group number; ]			Not Implemented
     };

Logging syntax has changed significantly. See The named.conf Options for a list of named.conf options.

The Zone Statement

The syntax for the zone statement in the BIND 8 named.conf man page is.mostly supported for BIND 9 except for the following:

  [ pubkey number number number string; ]	Obsolete
  [ check-names ( warn | fail | ignore ); ]	Not Implemented

The ACL Statement

Works unchanged in BIND 9.

  Syntax
     acl name {
       address_match_list
     };

The Key Statement

Works unchanged in BIND 9.

  Syntax
     key key_id {
       algorithm algorithm_id;
       secret secret_string;
     };

The Trusted-Keys Statement

Works unchanged, however the code to use this statement has been turned off in BIND 9.2.4.

  Syntax
     trusted-keys {
       [ domain_name flags protocol algorithm key; ]
     };

The Server Statement

support-ixfr is obsolete, however all of the following options work unchanged in BIND 9. Note the default for transfer-format has changed.

  Syntax
     server ip_addr {
       [ bogus yes_or_no; ]
       [ transfers number; ]
       [ transfer-format ( one-answer | many-answers ); ]
       [ keys { key_id [ key_id ... ] }; ]
       [ edns yes_or_no; ]
     };

The Include Statement

Works unchanged in BIND 9.

  Syntax
     include path_name;