System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

Statements in BIND 9

This section describes any differences between BIND 8 and BIND 9 statements.

The Controls Statement

unix is the default for ndc and all of the arguments are compiled in. inet is the only option for rndc and nothing is compiled in.

     controls {
       [ inet ip_addr
         port ip_port
         allow { address_match_list; }; ]	OK
       [ unix path_name
         perm number
         owner number
         group number; ]			Not Implemented

Logging syntax has changed significantly. See The named.conf Options for a list of named.conf options.

The Zone Statement

The syntax for the zone statement in the BIND 8 named.conf man page is.mostly supported for BIND 9 except for the following:

  [ pubkey number number number string; ]	Obsolete
  [ check-names ( warn | fail | ignore ); ]	Not Implemented

The ACL Statement

Works unchanged in BIND 9.

     acl name {

The Key Statement

Works unchanged in BIND 9.

     key key_id {
       algorithm algorithm_id;
       secret secret_string;

The Trusted-Keys Statement

Works unchanged, however the code to use this statement has been turned off in BIND 9.2.4.

     trusted-keys {
       [ domain_name flags protocol algorithm key; ]

The Server Statement

support-ixfr is obsolete, however all of the following options work unchanged in BIND 9. Note the default for transfer-format has changed.

     server ip_addr {
       [ bogus yes_or_no; ]
       [ transfers number; ]
       [ transfer-format ( one-answer | many-answers ); ]
       [ keys { key_id [ key_id ... ] }; ]
       [ edns yes_or_no; ]

The Include Statement

Works unchanged in BIND 9.

     include path_name;