ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
Files
3f95f4ffbb516ae19d742cf9d81f745bb282f28d
bind9/bin/tests/system/checkconf/good.conf
Evan Hunt eaac2057c7 option to disable validation under specified names 
- added new 'validate-except' option, which configures an NTA with
  expiry of 0xffffffff.  NTAs with that value in the expiry field do not
  expire, are are not written out when saving the NTA table and are not
  dumped by rndc secroots
2018-08-14 13:28:02 -07:00

171 lines
2.8 KiB
Plaintext
Raw Blame History

/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
/*
* This is just a random selection of configuration options.
*/
/* cut here */
options {
avoid-v4-udp-ports {
100;
};
avoid-v6-udp-ports {
100;
};
blackhole {
10.0.0.0/8;
};
coresize 1073741824;
datasize 104857600;
deallocate-on-exit yes;
directory ".";
dscp 41;
dump-file "named_dumpdb";
fake-iquery yes;
files 1000;
has-old-clients no;
heartbeat-interval 30;
host-statistics yes;
host-statistics-max 100;
hostname none;
interface-interval 30;
keep-response-order {
10.0.10.0/24;
};
listen-on port 90 {
"any";
};
listen-on port 100 dscp 33 {
127.0.0.1/32;
};
listen-on-v6 port 53 dscp 57 {
"none";
};
match-mapped-addresses yes;
memstatistics-file "named.memstats";
multiple-cnames no;
named-xfer "this is no longer needed";
pid-file none;
port 5300;
querylog yes;
recursing-file "named.recursing";
recursive-clients 3000;
serial-queries 10;
serial-query-rate 100;
server-id none;
max-cache-size 20000000000000;
nta-lifetime 604800;
nta-recheck 604800;
validate-except {
"corp";
};
transfer-source 0.0.0.0 dscp 63;
zone-statistics none;
};
view "first" {
match-clients {
"none";
};
zone "example1" {
type master;
file "xxx";
update-policy local;
notify-source 10.10.10.10 port 53 dscp 55;
};
zone "clone" {
type master;
file "yyy";
};
dnssec-validation auto;
zone-statistics terse;
};
view "second" {
match-clients {
"any";
};
zone "example1" {
type master;
file "zzz";
update-policy local;
zone-statistics yes;
};
zone "example2" {
type static-stub;
forward only;
forwarders {
10.53.0.4;
};
zone-statistics no;
};
zone "clone" {
in-view "first";
};
zone "." {
type redirect;
masters {
1.2.3.4;
};
};
dnssec-lookaside "." trust-anchor "example.org.";
dnssec-validation auto;
zone-statistics full;
};
view "third" {
match-clients {
"none";
};
zone "clone" {
in-view "first";
forward only;
forwarders {
10.0.0.100;
};
};
zone "dnssec" {
type master;
file "file";
auto-dnssec maintain;
};
zone "p" {
type primary;
file "pfile";
};
zone "s" {
type secondary;
masters {
1.2.3.4;
};
};
allow-update {
"any";
};
};
view "chaos" chaos {
zone "hostname.bind" chaos {
type master;
database "_builtin hostname";
};
};
dyndb "name" "library.so" {
this;
\};
is a {
"test" { \{ of; the; };
} bracketed;
"text \"";
system;
};
key "mykey" {
algorithm "hmac-md5";
secret "qwertyuiopasdfgh";
};
View Git Blame Copy Permalink