JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
man pages section 4: File Formats     Oracle Solaris 10 8/11 Information Library
search filter icon
search icon

Document Information

Preface

Introduction

File Formats

addresses(4)

admin(4)

alias(4)

aliases(4)

a.out(4)

asetenv(4)

asetmasters(4)

au(4)

audit_class(4)

audit_control(4)

audit_data(4)

audit_event(4)

audit.log(4)

audit_user(4)

auth_attr(4)

autofs(4)

bart_manifest(4)

bart_rules(4)

bootparams(4)

cardbus(4)

cdtoc(4)

cklist.high(4)

cklist.low(4)

cklist.med(4)

clustertoc(4)

compver(4)

contents(4)

contract(4)

copyright(4)

core(4)

crypt.conf(4)

crypto_certs(4)

dacf.conf(4)

dat.conf(4)

defaultdomain(4)

default_fs(4)

defaultrouter(4)

depend(4)

device_allocate(4)

device_maps(4)

devices(4)

devid_cache(4)

dfstab(4)

dhcp_inittab(4)

dhcp_network(4)

dhcpsvc.conf(4)

dhcptab(4)

dialups(4)

dir(4)

dir_ufs(4)

d_passwd(4)

driver.conf(4)

dumpdates(4)

environ(4)

ethers(4)

exec_attr(4)

fbtab(4)

fd(4)

flash_archive(4)

format.dat(4)

forward(4)

fs(4)

fspec(4)

fstypes(4)

ftp(4)

ftpaccess(4)

ftpconversions(4)

ftpgroups(4)

ftphosts(4)

ftpservers(4)

ftpusers(4)

fx_dptbl(4)

gateways(4)

geniconvtbl(4)

group(4)

gsscred.conf(4)

hba.conf(4)

holidays(4)

hosts(4)

hosts.equiv(4)

ib(4)

idnkit.pc(4)

ike.config(4)

ike.preshared(4)

inetd.conf(4)

inet_type(4)

init.d(4)

inittab(4)

ipaddrsel.conf(4)

ipf(4)

ipf.conf(4)

ipnat(4)

ipnat.conf(4)

ipnodes(4)

ippool(4)

ippool.conf(4)

isa(4)

issue(4)

kadm5.acl(4)

kdc.conf(4)

keytables(4)

krb5.conf(4)

label_encodings(4)

ldapfilter.conf(4)

ldapsearchprefs.conf(4)

ldaptemplates.conf(4)

llc2(4)

logadm.conf(4)

logindevperm(4)

loginlog(4)

lutab(4)

magic(4)

md.cf(4)

mddb.cf(4)

mdi_ib_cache(4)

mdi_scsi_vhci_cache(4)

md.tab(4)

mech(4)

meddb(4)

mipagent.conf(4)

mnttab(4)

mod_ipp(4)

mpapi.conf(4)

named.conf(4)

ncad_addr(4)

nca.if(4)

ncakmod.conf(4)

ncalogd.conf(4)

ncaport.conf(4)

ndpd.conf(4)

netconfig(4)

netgroup(4)

netid(4)

netmasks(4)

netrc(4)

networks(4)

nfs(4)

nfslog.conf(4)

nfssec.conf(4)

nisfiles(4)

NIS+LDAPmapping(4)

NISLDAPmapping(4)

nodename(4)

nologin(4)

note(4)

notrouter(4)

nscd.conf(4)

nss(4)

nsswitch.conf(4)

order(4)

ott(4)

packagetoc(4)

packingrules(4)

pam.conf(4)

passwd(4)

pathalias(4)

path_to_inst(4)

pci(4)

pcie(4)

pdo.conf(4)

phones(4)

pkginfo(4)

pkgmap(4)

platform(4)

plot(4B)

policy.conf(4)

power.conf(4)

pref(4)

printers(4)

printers.conf(4)

priv_names(4)

proc(4)

process(4)

prof_attr(4)

profile(4)

project(4)

protocols(4)

prototype(4)

pseudo(4)

publickey(4)

qop(4)

queuedefs(4)

rcmscript(4)

registration_profile(4)

remote(4)

resolv.conf(4)

rhosts(4)

rmmount.conf(4)

rmtab(4)

rndc.conf(4)

rpc(4)

rpc.nisd(4)

rpld.conf(4)

rt_dptbl(4)

sasl_appname.conf(4)

sbus(4)

sccsfile(4)

scsi(4)

securenets(4)

sel_config(4)

sendmail(4)

sendmail.cf(4)

service_bundle(4)

service_provider.conf(4)

services(4)

shadow(4)

sharetab(4)

shells(4)

slp.conf(4)

slpd.reg(4)

snapshot_cache(4)

snmp.conf(4)

snmp_config(4)

snmpd.conf(4)

snmptrapd.conf(4)

snmp_variables(4)

sock2path(4)

space(4)

ssh_config(4)

sshd_config(4)

submit.cf(4)

sulog(4)

synclist(4)

sysbus(4)

sysidcfg(4)

syslog.conf(4)

system(4)

telnetrc(4)

term(4)

terminfo(4)

TIMEZONE(4)

timezone(4)

tnf_kernel_probes(4)

TrustedExtensionsPolicy(4)

ts_dptbl(4)

ttydefs(4)

ttysrch(4)

tune.high(4)

tune.low(4)

tune.med(4)

ufsdump(4)

uid_aliases(4)

updaters(4)

user_attr(4)

utmp(4)

utmpx(4)

variables(4)

vfstab(4)

vold.conf(4)

volume-config(4)

volume-defaults(4)

volume-request(4)

wanboot.conf(4)

warn.conf(4)

wtmp(4)

wtmpx(4)

xferlog(4)

ypfiles(4)

yppasswdd(4)

ypserv(4)

zoneinfo(4)

named.conf

- configuration file for named

Synopsis

named.conf

Description

named.conf is the configuration file for named(1M). Statements are enclosed in braces and terminated with a semicolon. Clauses in the statements are also terminated with a semicolon. The usual comment styles are supported:

C style

/* */

C++ style

// to end of line

Unix style

# to end of line

ACL

acl string { address_match_element; ... };

Key

key domain_name {
    algorithm string;
    secret string;
};

Masters

masters string [ port integer ] {
     ( masters | ipv4_address [port integer] |
     ipv6_address [port integer] ) [ key string ]; ...
};

Server

server ( ipv4_address[/prefixlen] | ipv6_address[/prefixlen] ) {
     bogus boolean;
     edns boolean;
     edns-udp-size integer;
     max-udp-size integer;
     provide-ixfr boolean;
     request-ixfr boolean;
     keys server_key;
     transfers integer;
     transfer-format ( many-answers | one-answer );
     transfer-source ( ipv4_address | * )
          [ port ( integer | * ) ];
     transfer-source-v6 ( ipv6_address | * )
          [ port ( integer | * ) ];
     support-ixfr boolean; // obsolete
}.

Trusted-Keys

trusted-keys {
     domain_name flags protocol algorithm key; ...
};

Controls

controls {
     inet ( ipv4_address | ipv6_address | * )
          [ port ( integer | * ) ]
          allow { address_match_element; ... }
          [ keys { string; ... } ];
     unix unsupported; // not implemented
}

Logging

logging {
      channel string {
          file log_file;
          syslog optional_facility;
          null;
          stderr;
          severity log_severity;
          print-time boolean;
          print-severity boolean;
          print-category boolean;
     };
     category string { string; ... };
};

LWRES

lwres {
     listen-on [ port integer ] {
          ( ipv4_address | ipv6_address ) [ port integer ]; ...
     };
     view 
string optional_class;
     search { string; ... };
     ndots integer;
};

Options

options {
     avoid-v4-udp-ports { port; ... };
     avoid-v6-udp-ports { port; ... };
     blackhole { address_match_element; ... };
     coresize size;
     datasize size;
     directory quoted_string;
     dump-file quoted_string;
     files size;
     heartbeat-interval integer;
     host-statistics boolean; // not implemented
     host-statistics-max number; // not implemented
     hostname ( quoted_string | none );
     interface-interval integer;
     listen-on [ port integer ] \
        { address_match_element; ... };
     listen-on-v6 [ port integer ] \
        { address_match_element; ... };
     match-mapped-addresses boolean;
     memstatistics-file quoted_string;
     pid-file ( quoted_string | none );
     port integer;
     querylog boolean;
     recursing-file quoted_string;
     reserved-sockets integer;
     random-device quoted_string;
     recursive-clients integer;
     serial-query-rate integer;
     server-id ( quoted_string | none |;
     stacksize size;
     statistics-file quoted_string;
     statistics-interval integer; \
        // not yet implemented
     tcp-clients integer;
     tcp-listen-queue integer;
     tkey-dhkey quoted_string integer;
     tkey-gssapi-credential quoted_string;
     tkey-domain quoted_string;
     transfers-per-ns integer;
     transfers-in integer;
     transfers-out integer;
     use-ixfr boolean;
     version ( quoted_string | none );
     allow-recursion { address_match_element; ... };
     allow-recursion-on { address_match_element; ... };
     sortlist { address_match_element; ... };
     topology { address_match_element; ... }; \
        // not implemented
     auth-nxdomain boolean; // default changed
     minimal-responses boolean;
     recursion boolean;
     rrset-order {
          [ class string ] [ type string ]
          [ name quoted_string ] string string; ...
     };
     provide-ixfr boolean;
     request-ixfr boolean;
     rfc2308-type1 boolean; // not yet implemented
     additional-from-auth boolean;
     additional-from-cache boolean;
     query-source ( ( ipv4_address | * ) | \
        [ address ( ipv4_address | * ) ] ) \
        [ port ( integer | * ) ];
     query-source-v6 ( ( ipv6_address | * ) | \
        [ address ( ipv6_address | * ) ] ) \
        [ port ( integer | * ) ];
     use-queryport-pool boolean;
     queryport-pool-ports integer;
     queryport-pool-updateinterval integer;
     cleaning-interval integer;
     min-roots integer; // not implemented
     lame-ttl integer;
     max-ncache-ttl integer;
     max-cache-ttl integer;
     transfer-format ( many-answers | one-answer );
     max-cache-size size;
     max-acache-size size;
     clients-per-query number;
     max-clients-per-query number;
     check-names ( master | slave | response )\
           ( fail | warn | ignore );
     check-mx ( fail | warn | ignore );
     check-integrity boolean;
     check-mx-cname ( fail | warn | ignore );
     check-srv-cname ( fail | warn | ignore );
     cache-file quoted_string; // test option
     suppress-initial-notify boolean; \
        // not yet implemented
     preferred-glue string;
     dual-stack-servers [ port integer ] {
          ( quoted_string [port integer] |
          ipv4_address [port integer] |
          ipv6_address [port integer] ); ...
     };
     edns-udp-size integer;
     max-udp-size integer;
     root-delegation-only [ exclude 
        { quoted_string; ... } ];
     disable-algorithms string { string; ... };
     dnssec-enable boolean;
     dnssec-validation boolean;
     dnssec-lookaside string trust-anchor string;
     dnssec-must-be-secure string boolean;
     dnssec-accept-expired boolean;
     empty-server string;
     empty-contact string;
     empty-zones-enable boolean;
     disable-empty-zone string;
     dialup dialuptype;
     ixfr-from-differences ixfrdiff;
     allow-query { address_match_element; \
        ... };
     allow-query-on { address_match_element; \
        ... };
     allow-query-cache { address_match_element; \
        ... };
     allow-query-cache-on { address_match_element; \
        ... };
     allow-transfer { address_match_element; \
        ... };
     allow-update { address_match_element; \
        ... };
     allow-update-forwarding { address_match_element; \
        ... };
     update-check-ksk boolean;
     masterfile-format ( text | raw );
     notify notifytype;
     notify-source ( ipv4_address | * ) \
        [ port ( integer | * ) ];
     notify-source-v6 ( ipv6_address | * ) 
        [ port ( integer | * ) ];
     notify-delay seconds;
     notify-to-soa boolean;
     also-notify [ port integer ] \
        { ( ipv4_address | ipv6_address \)
        [port integer ]; ... };
     allow-notify { address_match_element; ... };
     forward ( first | only );
     forwarders [ port integer ] {
          ( ipv4_address | ipv6_address ) [ port integer ]; ...
     };
     max-journal-size size_no_default;
     max-transfer-time-in integer;
     max-transfer-time-out integer;
     max-transfer-idle-in integer;
     max-transfer-idle-out integer;
     max-retry-time integer;
     min-retry-time integer;
     max-refresh-time integer;
     min-refresh-time integer;
     multi-master boolean;
     sig-validity-interval integer;
     sig-re-signing-interval integer;
     sig-signing-nodes integer;
     sig-signing-signatures integer;
     sig-signing-type integer;
     transfer-source ( ipv4_address | * )\
          [ port ( integer | * ) ];
     transfer-source-v6 ( ipv6_address | * )\
          [ port ( integer | * ) ];
     alt-transfer-source ( ipv4_address | * )\
          [ port ( integer | * ) ];
     alt-transfer-source-v6 ( ipv6_address | * )\
          [ port ( integer | * ) ];
     use-alt-transfer-source boolean;
     zone-statistics boolean;
     key-directory quoted_string;
     try-tcp-refresh boolean;
     zero-no-soa-ttl boolean;
     zero-no-soa-ttl-cache boolean;
     nsec3-test-zone boolean;  // testing only
     allow-v6-synthesis { address_match_element; ... }; \
        // obsolete
     deallocate-on-exit boolean; // obsolete
     fake-iquery boolean; // obsolete
     fetch-glue boolean; // obsolete
     has-old-clients boolean; // obsolete
     maintain-ixfr-base boolean; // obsolete
     max-ixfr-log-size size; // obsolete
     multiple-cnames boolean; // obsolete
     named-xfer quoted_string; // obsolete
     serial-queries integer; // obsolete
     treat-cr-as-space boolean; // obsolete
     use-id-pool boolean; // obsolete
};

View

view string optional_class {
     match-clients { address_match_element; ... };
     match-destinations { address_match_element; ... };
     match-recursive-only boolean;
     key string {
          algorithm string;
          secret string;
              };
     zone string optional_class {
          ...
     };
     server ( ipv4_address[/prefixlen] | ipv6_address[/prefixlen]) {
         ...
     };
     trusted-keys {
          string integer integer integer quoted_string; ...
     };
     allow-recursion { address_match_element; ... };
     allow-recursion-on { address_match_element; ... };
     sortlist { address_match_element; ... };
     topology { address_match_element; ... }; // not implemented
     auth-nxdomain boolean; // default changed
     minimal-responses boolean;
     recursion boolean;
     rrset-order {
          [ class string ] [ type string ]
          [ name quoted_string ] string string; ...
     };
     provide-ixfr boolean;
     request-ixfr boolean;
     rfc2308-type1 boolean; // not yet implemented
     additional-from-auth boolean;
     additional-from-cache boolean;
     query-source ( ( ipv4_address | * ) | [ address \
        ( ipv4_address | * ) ] ) [ port ( integer | * ) ];
     query-source-v6 ( ( ipv6_address | * ) | [ address \
        ( ipv6_address | * ) ] ) [ port ( integer | * ) ];
     use-queryport-pool boolean;
     queryport-pool-ports integer;
     queryport-pool-updateinterval integer;
     cleaning-interval integer;
     min-roots integer; // not implemented
     lame-ttl integer;
     max-ncache-ttl integer;
     max-cache-ttl integer;
     transfer-format ( many-answers | one-answer );
     max-cache-size size;
     max-acache-size size;
     clients-per-query number;
     max-clients-per-query number;
     check-names ( master | slave | response )\
          ( fail | warn | ignore );
     check-mx ( fail | warn | ignore );
     check-integrity boolean;
     check-mx-cname ( fail | warn | ignore );
     check-srv-cname ( fail | warn | ignore );
     cache-file quoted_string; // test option
     suppress-initial-notify boolean; // not yet implemented
     preferred-glue string;
     dual-stack-servers [ port integer ] {
          ( quoted_string [port integer] |
          ipv4_address [port integer] |
          ipv6_address [port integer] ); ...
     };
     edns-udp-size integer;
     max-udp-size integer;
     root-delegation-only [ exclude { quoted_string; ... } ];
     disable-algorithms string { string; ... };
     dnssec-enable boolean;
     dnssec-validation boolean;
     dnssec-lookaside string trust-anchor string;
     dnssec-must-be-secure string boolean;
     dnssec-accept-expired boolean;
     empty-server string;
     empty-contact string;
     empty-zones-enable boolean;
     disable-empty-zone string;
     dialup dialuptype;
     ixfr-from-differences ixfrdiff;
     allow-query { address_match_element; ... };
     allow-query-on { address_match_element; ... };
     allow-query-cache { 
address_match_element; ... };
     allow-query-cache-on { address_match_element; ... };
     allow-transfer { address_match_element; ... };
     allow-update { address_match_element; ... };
     allow-update-forwarding { address_match_element; ... };
     update-check-ksk boolean;
     masterfile-format ( text | raw );
     notify notifytype;
     notify-source ( ipv4_address | * ) \
         [ port ( integer | * ) ];
     notify-source-v6 ( ipv6_address | * ) \
         [ port ( integer | * ) ];
     notify-delay seconds;
     notify-to-soa boolean;
     also-notify [ port integer ] { ( ipv4_address | \
         ipv6_address ) [ port integer ]; ... };
     allow-notify { address_match_element; ... };
     forward ( first | only );
     forwarders [ port integer ] \{
        ( ipv4_address | ipv6_address ) \
        [ port integer ]; ...
     };
     max-journal-size size_no_default;
     max-transfer-time-in integer;
     max-transfer-time-out integer;
     max-transfer-idle-in integer;
     max-transfer-idle-out integer;
     max-retry-time integer;
     min-retry-time integer;
     max-refresh-time integer;
     min-refresh-time integer;
     multi-master boolean;
     sig-validity-interval integer;
     transfer-source ( ipv4_address | * )\
          [ port ( integer | * ) ];
     transfer-source-v6 ( ipv6_address | * )\
          [ port ( integer | * ) ];
     alt-transfer-source ( ipv4_address | * )\
          [ port ( integer | * ) ];
     alt-transfer-source-v6 ( ipv6_address | * )\
          [ port ( integer | * ) ];
     use-alt-transfer-source boolean;
     zone-statistics boolean;
     try-tcp-refresh boolean;
     key-directory quoted_string;
     zero-no-soa-ttl boolean;
     zero-no-soa-ttl-cache boolean;
     allow-v6-synthesis { address_match_element; ... };\
        // obsolete
     fetch-glue boolean; // obsolete
     maintain-ixfr-base boolean; // obsolete
     max-ixfr-log-size size; // obsolete
};

Zone

zonestring optional_class {
     type ( master | slave | stub | hint |
          forward | delegation-only );
     file quoted_string;
     masters [ port integer ] \{
          ( masters |
          ipv4_address [port integer] |
          ipv6_address [ port integer ] ) [ key string ]; ...
     };
     database string;
     delegation-only boolean;
     check-names ( fail | warn | ignore );
     check-mx ( fail | warn | ignore );
     check-integrity boolean;
     check-mx-cname ( fail | warn | ignore );
     check-srv-cname ( fail | warn | ignore );
     dialup dialuptype;
     ixfr-from-differences boolean;
     journal quoted_string;
     zero-no-soa-ttl boolean;
     allow-query { address_match_element; ... };
     allow-query-on { address_match_element; ... };
     allow-transfer { address_match_element; ... };
     allow-update { address_match_element; ... };
     allow-update-forwarding { address_match_element; ... };
     update-policy {
          ( grant | deny ) string
          ( name | subdomain | wildcard | self | selfsub | 
            selfwild |krb5-self | ms-self | krb5-subdomain | 
            ms-subdomain | tcp-self | 6to4-self ) string
            rrtypelist; ...
     };
     update-check-ksk boolean;
     masterfile-format ( text | raw );
     notify notifytype;
     notify-source ( ipv4_address | * ) [ port ( integer | * ) ];
     notify-source-v6 ( ipv6_address | * ) [ port ( integer | * ) ];
     notify-delay seconds;
     notify-to-soa boolean;
     also-notify [ port integer ] { ( ipv4_address | ipv6_address )
          [ port integer ]; ... };
     allow-notify { address_match_element; ... };
     forward ( first | only );
     forwarders [ port integer ] {
          ( ipv4_address | ipv6_address ) [ port integer ]; ...
     };
     max-journal-size size_no_default;
     max-transfer-time-in integer;
     max-transfer-time-out integer;
     max-transfer-idle-in integer;
     max-transfer-idle-out integer;
     max-retry-time integer;
     min-retry-time integer;
     max-refresh-time integer;
     min-refresh-time integer;
     multi-master boolean;
     sig-validity-interval integer;
     transfer-source ( ipv4_address | * )
          [ port ( integer | * ) ];
     transfer-source-v6 ( ipv6_address | * )
          [ port ( integer | * ) ];
     alt-transfer-source ( ipv4_address | * )
          [ port ( integer | * ) ];
     alt-transfer-source-v6 ( ipv6_address | * )
          [ port ( integer | * ) ];
     use-alt-transfer-source boolean;
     zone-statistics boolean;
     try-tcp-refresh boolean;
     key-directory quoted_string;
     nsec3-test-zone boolean;  // testing only
     ixfr-base quoted_string; // obsolete
     ixfr-tmp-file quoted_string; // obsolete
     maintain-ixfr-base boolean; // obsolete
     max-ixfr-log-size size; // obsolete
     pubkey integer integer integer quoted_string; // obsolete
   };  

See Also

named(1M), named-checkconf(1M), rndc(1M)

BIND 9 Administrator Reference Manual