diff options
Diffstat (limited to 'named.conf.options')
-rw-r--r-- | named.conf.options | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/named.conf.options b/named.conf.options new file mode 100644 index 0000000..e11203a --- /dev/null +++ b/named.conf.options @@ -0,0 +1,47 @@ +options { + directory "/var/cache/bind"; + + managed-keys-directory "/var/cache/bind"; + dump-file "/var/cache/bind/cache_dump.db"; + statistics-file "/var/cache/bind/bind_stats.txt"; + memstatistics-file "/var/cache/bind/bind_mem_stats.txt"; + + // If there is a firewall between you and nameservers you want + // to talk to, you may need to fix the firewall to allow multiple + // ports to talk. See http://www.kb.cert.org/vuls/id/800113 + + // If your ISP provided one or more IP addresses for stable + // nameservers, you probably want to use them as forwarders. + // Uncomment the following block, and insert the addresses replacing + // the all-0's placeholder. + + // forwarders { + // 0.0.0.0; + // }; + + //======================================================================== + // If BIND logs error messages about the root key being expired, + // you will need to update your keys. See https://www.isc.org/bind-keys + //======================================================================== + dnssec-enable yes; + dnssec-validation auto; + + listen-on { any; }; + listen-on-v6 { any; }; + + version none; + + auth-nxdomain no; + + recursive-clients 4096; + + querylog yes; + + allow-update { none; }; + allow-transfer { none; }; + + //allow-query { all; }; + allow-query-cache { internals; } ; + allow-recursion { internals; }; +}; + |