named.conf のオプション
BIND 8 と BIND 9 の named.conf のオプションの違いを次に一覧表示します。変更の簡単な説明も記載しています。「変更」の欄の「変更なし」は、BIND 9 バージョンの named でオプションの機能に変更がないことを表します。
BIND 9 の文
この項では、BIND 8 と BIND 9 の文の相違点について説明します。
Controls 文
unix が ndc のデフォルトであり、引数のすべてがコンパイルされます。inet が rndc の唯一のオプションであり、この場合、何もコンパイルされません。
Syntax
controls {
[ inet ip_addr
port ip_port
allow { address_match_list; }; ] OK
[ unix path_name
perm number
owner number
group number; ] Not Implemented
};
|
ロギング構文は大幅に変更されました。named.conf オプションのリストは、「named.conf のオプション」を参照してください。
Zone 文
BIND 8 の named.conf マニュアルページに示されているゾーン文の構文は、次を除いた大部分が BIND 9 でサポートされます。
[ pubkey number number number string; ] Obsolete [ check-names ( warn | fail | ignore ); ] Not Implemented |
ACL 文
BIND 9 で変更なく機能します。
Syntax
acl name {
address_match_list
};
|
Key 文
BIND 9 で変更なく機能します。
Syntax
key key_id {
algorithm algorithm_id;
secret secret_string;
};
|
Trusted-Keys 文
変更なく機能しますが、この文を使用するコードは BIND 9.2.4 で使われなくなりました。
Syntax
trusted-keys {
[ domain_name flags protocol algorithm key; ]
};
|
Server 文
support-ixfr は廃止されましたが、次のオプションのすべては BIND 9 で変更なく機能します。transfer-format のデフォルトは変更されました。
Syntax
server ip_addr {
[ bogus yes_or_no; ]
[ transfers number; ]
[ transfer-format ( one-answer | many-answers ); ]
[ keys { key_id [ key_id ... ] }; ]
[ edns yes_or_no; ]
};
|
Include 文
BIND 9 で変更なく機能します。
Syntax
include path_name;
|
named.conf のオプションの概要
BIND 9.2.4 には named.conf の詳細なマニュアルページが含まれていません。BIND 9.2.4 でサポートされる named.conf のオプションの概要を次に示します。
options {
blackhole { <address_match_element>; ... };
coresize <size>;
datasize <size>;
deallocate-on-exit <boolean>; // obsolete
directory <quoted_string>;
dump-file <quoted_string>;
fake-iquery <boolean>; // obsolete
files <size>;
has-old-clients <boolean>; // obsolete
heartbeat-interval <integer>;
host-statistics <boolean>; // not implemented
host-statistics-max <integer>; // not implemented
interface-interval <integer>;
listen-on [ port <integer> ] { <address_match_element>; ... };
listen-on-v6 [ port <integer> ] { <address_match_element>; ... };
match-mapped-addresses <boolean>;
memstatistics-file <quoted_string>; // not implemented
multiple-cnames <boolean>; // obsolete
named-xfer <quoted_string>; // obsolete
pid-file <quoted_string>;
port <integer>;
random-device <quoted_string>;
recursive-clients <integer>;
rrset-order { [ class <string> ] [ type <string> ] [ name
<quoted_string> ] <string> <string>; ... }; // not implemented
serial-queries <integer>; // obsolete
serial-query-rate <integer>;
stacksize <size>;
statistics-file <quoted_string>;
statistics-interval <integer>; // not yet implemented
tcp-clients <integer>;
tkey-dhkey <quoted_string> <integer>;
tkey-gssapi-credential <quoted_string>;
tkey-domain <quoted_string>;
transfers-per-ns <integer>;
transfers-in <integer>;
transfers-out <integer>;
treat-cr-as-space <boolean>; // obsolete
use-id-pool <boolean>; // obsolete
use-ixfr <boolean>;
version <quoted_string>;
allow-recursion { <address_match_element>; ... };
allow-v6-synthesis { <address_match_element>; ... };
sortlist { <address_match_element>; ... };
topology { <address_match_element>; ... }; // not implemented
auth-nxdomain <boolean>; // default changed
minimal-responses <boolean>;
recursion <boolean>;
provide-ixfr <boolean>;
request-ixfr <boolean>;
fetch-glue <boolean>; // obsolete
rfc2308-type1 <boolean>; // not yet implemented
additional-from-auth <boolean>;
additional-from-cache <boolean>;
query-source <querysource4>;
query-source-v6 <querysource6>;
cleaning-interval <integer>;
min-roots <integer>; // not implemented
lame-ttl <integer>;
max-ncache-ttl <integer>;
max-cache-ttl <integer>;
transfer-format ( many-answers | one-answer );
max-cache-size <size_no_default>;
check-names <string> <string>; // not implemented
cache-file <quoted_string>;
allow-query { <address_match_element>; ... };
allow-transfer { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
allow-notify { <address_match_element>; ... };
notify <notifytype>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
) [ port <integer> ]; ... };
dialup <dialuptype>;
forward ( first | only );
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
[ port <integer> ]; ... };
maintain-ixfr-base <boolean>; // obsolete
max-ixfr-log-size <size>; // obsolete
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
max-transfer-time-in <integer>;
max-transfer-time-out <integer>;
max-transfer-idle-in <integer>;
max-transfer-idle-out <integer>;
max-retry-time <integer>;
min-retry-time <integer>;
max-refresh-time <integer>;
min-refresh-time <integer>;
sig-validity-interval <integer>;
zone-statistics <boolean>;
};
controls {
inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
) ] allow { <address_match_element>; ... } [ keys { <string>; ... } ];
unix <unsupported>; // not implemented
};
acl <string> { <address_match_element>; ... };
logging {
channel <string> {
file <logfile>;
syslog <optional_facility>;
null;
stderr;
severity <logseverity>;
print-time <boolean>;
print-severity <boolean>;
print-category <boolean>;
};
category <string> { <string>; ... };
};
view <string> <optional_class> {
match-clients { <address_match_element>; ... };
match-destinations { <address_match_element>; ... };
match-recursive-only <boolean>;
key <string> {
algorithm <string>;
secret <string>;
};
zone <string> <optional_class> {
type ( master | slave | stub | hint | forward );
allow-update { <address_match_element>; ... };
file <quoted_string>;
ixfr-base <quoted_string>; // obsolete
ixfr-tmp-file <quoted_string>; // obsolete
masters [ port <integer> ] { ( <ipv4_address> |
<ipv6_address> ) [ port <integer> ] [ key <string> ]; ... };
pubkey <integer> <integer> <integer> <quoted_string>; //
obsolete
update-policy { ( grant | deny ) <string> ( name |
subdomain | wildcard | self ) <string> <rrtypelist>; ... };
database <string>;
check-names <string>; // not implemented
allow-query { <address_match_element>; ... };
allow-transfer { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
allow-notify { <address_match_element>; ... };
notify <notifytype>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
| * ) ];
also-notify [ port <integer> ] { ( <ipv4_address> |
<ipv6_address> ) [ port <integer> ]; ... };
dialup <dialuptype>;
forward ( first | only );
forwarders [ port <integer> ] { ( <ipv4_address> |
<ipv6_address> ) [ port <integer> ]; ... };
maintain-ixfr-base <boolean>; // obsolete
max-ixfr-log-size <size>; // obsolete
transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
* ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port (
<integer> | * ) ];
max-transfer-time-in <integer>;
max-transfer-time-out <integer>;
max-transfer-idle-in <integer>;
max-transfer-idle-out <integer>;
max-retry-time <integer>;
min-retry-time <integer>;
max-refresh-time <integer>;
min-refresh-time <integer>;
sig-validity-interval <integer>;
zone-statistics <boolean>;
};
server {
bogus <boolean>;
provide-ixfr <boolean>;
request-ixfr <boolean>;
support-ixfr <boolean>; // obsolete
transfers <integer>;
transfer-format ( many-answers | one-answer );
keys <server_key>;
edns <boolean>;
};
trusted-keys { <string> <integer> <integer> <integer>
<quoted_string>; ... };
allow-recursion { <address_match_element>; ... };
allow-v6-synthesis { <address_match_element>; ... };
sortlist { <address_match_element>; ... };
topology { <address_match_element>; ... }; // not implemented
auth-nxdomain <boolean>; // default changed
minimal-responses <boolean>;
recursion <boolean>;
provide-ixfr <boolean>;
request-ixfr <boolean>;
fetch-glue <boolean>; // obsolete
rfc2308-type1 <boolean>; // not yet implemented
additional-from-auth <boolean>;
additional-from-cache <boolean>;
query-source <querysource4>;
query-source-v6 <querysource6>;
cleaning-interval <integer>;
min-roots <integer>; // not implemented
lame-ttl <integer>;
max-ncache-ttl <integer>;
max-cache-ttl <integer>;
transfer-format ( many-answers | one-answer );
max-cache-size <size_no_default>;
check-names <string> <string>; // not implemented
cache-file <quoted_string>;
allow-query { <address_match_element>; ... };
allow-transfer { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
allow-notify { <address_match_element>; ... };
notify <notifytype>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
) [ port <integer> ]; ... };
dialup <dialuptype>;
forward ( first | only );
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
[ port <integer> ]; ... };
maintain-ixfr-base <boolean>; // obsolete
max-ixfr-log-size <size>; // obsolete
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
max-transfer-time-in <integer>;
max-transfer-time-out <integer>;
max-transfer-idle-in <integer>;
max-transfer-idle-out <integer>;
max-retry-time <integer>;
min-retry-time <integer>;
max-refresh-time <integer>;
min-refresh-time <integer>;
sig-validity-interval <integer>;
zone-statistics <boolean>;
};
lwres {
listen-on [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
[ port <integer> ]; ... };
view <string> <optional_class>;
search { <string>; ... };
ndots <integer>;
};
key <string> {
algorithm <string>;
secret <string>;
};
zone <string> <optional_class> {
type ( master | slave | stub | hint | forward );
allow-update { <address_match_element>; ... };
file <quoted_string>;
ixfr-base <quoted_string>; // obsolete
ixfr-tmp-file <quoted_string>; // obsolete
masters [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [
port <integer> ] [ key <string> ]; ... };
pubkey <integer> <integer> <integer> <quoted_string>; // obsolete
update-policy { ( grant | deny ) <string> ( name | subdomain |
wildcard | self ) <string> <rrtypelist>; ... };
database <string>;
check-names <string>; // not implemented
allow-query { <address_match_element>; ... };
allow-transfer { <address_match_element>; ... };
allow-update-forwarding { <address_match_element>; ... };
allow-notify { <address_match_element>; ... };
notify <notifytype>;
notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
) [ port <integer> ]; ... };
dialup <dialuptype>;
forward ( first | only );
forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
[ port <integer> ]; ... };
maintain-ixfr-base <boolean>; // obsolete
max-ixfr-log-size <size>; // obsolete
transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
max-transfer-time-in <integer>;
max-transfer-time-out <integer>;
max-transfer-idle-in <integer>;
max-transfer-idle-out <integer>;
max-retry-time <integer>;
min-retry-time <integer>;
max-refresh-time <integer>;
min-refresh-time <integer>;
sig-validity-interval <integer>;
zone-statistics <boolean>;
};
server {
bogus <boolean>;
provide-ixfr <boolean>;
request-ixfr <boolean>;
support-ixfr <boolean>; // obsolete
transfers <integer>;
transfer-format ( many-answers | one-answer );
keys <server_key>;
edns <boolean>;
};
trusted-keys { <string> <integer> <integer> <integer> <quoted_string>; ... };
|
- © 2010, Oracle Corporation and/or its affiliates