Tree - rpms/bind - src.fedoraproject.org

rpms / bind

Blame named.conf

Blob History Raw

		5d8eb8c	`//`
		5d8eb8c	`// named.conf`
		5d8eb8c	`//`
		5d8eb8c	`// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS`
		5d8eb8c	`// server as a caching only nameserver (as a localhost DNS resolver only).`
		5d8eb8c	`//`
		5d8eb8c	`// See /usr/share/doc/bind*/sample/ for example named configuration files.`
		5d8eb8c	`//`
		5d8eb8c
		5d8eb8c	`options {`
		5d8eb8c	`listen-on port 53 { 127.0.0.1; };`
		5d8eb8c	`listen-on-v6 port 53 { ::1; };`
		5d8eb8c	`directory "/var/named";`
		5d8eb8c	`dump-file "/var/named/data/cache_dump.db";`
		5d8eb8c	`statistics-file "/var/named/data/named_stats.txt";`
		5d8eb8c	`memstatistics-file "/var/named/data/named_mem_stats.txt";`
		0b15f32	`secroots-file "/var/named/data/named.secroots";`
		0b15f32	`recursing-file "/var/named/data/named.recursing";`
		5d8eb8c	`allow-query { localhost; };`
		5d8eb8c
		5d8eb8c	`/*`
		5d8eb8c	`- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.`
		5d8eb8c	`- If you are building a RECURSIVE (caching) DNS server, you need to enable`
		5d8eb8c	`recursion.`
		5d8eb8c	`- If your recursive DNS server has a public IP address, you MUST enable access`
		5d8eb8c	`control to limit queries to your legitimate users. Failing to do so will`
		5d8eb8c	`cause your server to become part of large scale DNS amplification`
		5d8eb8c	`attacks. Implementing BCP38 within your network would greatly`
		5d8eb8c	`reduce such attack surface`
		5d8eb8c	`*/`
		5d8eb8c	`recursion yes;`
		5d8eb8c
		5d8eb8c	`dnssec-enable yes;`
		5d8eb8c	`dnssec-validation yes;`
		5d8eb8c
		5d8eb8c	`managed-keys-directory "/var/named/dynamic";`
		63bb1cf	`geoip-directory "/usr/share/GeoIP";`
		5d8eb8c
		5d8eb8c	`pid-file "/run/named/named.pid";`
		5d8eb8c	`session-keyfile "/run/named/session.key";`
		5d8eb8c
		5d8eb8c	`/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */`
		5d8eb8c	`include "/etc/crypto-policies/back-ends/bind.config";`
		5d8eb8c	`};`
		5d8eb8c
		5d8eb8c	`logging {`
		5d8eb8c	`channel default_debug {`
		5d8eb8c	`file "data/named.run";`
		5d8eb8c	`severity dynamic;`
		5d8eb8c	`};`
		5d8eb8c	`};`
		5d8eb8c
		5d8eb8c	`zone "." IN {`
		5d8eb8c	`type hint;`
		5d8eb8c	`file "named.ca";`
		5d8eb8c	`};`
		5d8eb8c
		5d8eb8c	`include "/etc/named.rfc1912.zones";`
		5d8eb8c	`include "/etc/named.root.key";`
		5d8eb8c

rpms / bind

Source Code

Blame named.conf