rpms / bind

Clone
Source Code
GIT

Blame named.conf

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 main private-fleite-IT101669-branch private-mruprich-bind-branch private-pemensik-master-P4 rawhide
  1.   f26
  2.   named.conf
Blob History Raw
1287d25 
//
1287d25 
// named.conf
1287d25 
//
1287d25 
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
1287d25 
// server as a caching only nameserver (as a localhost DNS resolver only).
1287d25 
//
1287d25 
// See /usr/share/doc/bind*/sample/ for example named configuration files.
1287d25 
//
1287d25
1287d25 
options {
1287d25 
	listen-on port 53 { 127.0.0.1; };
1287d25 
	listen-on-v6 port 53 { ::1; };
1287d25 
	directory 	"/var/named";
1287d25 
	dump-file 	"/var/named/data/cache_dump.db";
1287d25 
	statistics-file "/var/named/data/named_stats.txt";
1287d25 
	memstatistics-file "/var/named/data/named_mem_stats.txt";
1287d25 
	allow-query     { localhost; };
1287d25
1287d25 
	/*
1287d25 
	 - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
1287d25 
	 - If you are building a RECURSIVE (caching) DNS server, you need to enable
1287d25 
	   recursion.
1287d25 
	 - If your recursive DNS server has a public IP address, you MUST enable access
1287d25 
	   control to limit queries to your legitimate users. Failing to do so will
1287d25 
	   cause your server to become part of large scale DNS amplification
1287d25 
	   attacks. Implementing BCP38 within your network would greatly
1287d25 
	   reduce such attack surface
1287d25 
	*/
1287d25 
	recursion yes;
1287d25
1287d25 
	dnssec-enable yes;
1287d25 
	dnssec-validation yes;
1287d25
1287d25 
	managed-keys-directory "/var/named/dynamic";
1287d25
1287d25 
	pid-file "/run/named/named.pid";
1287d25 
	session-keyfile "/run/named/session.key";
1287d25
1287d25 
	/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
1287d25 
	include "/etc/crypto-policies/back-ends/bind.config";
1287d25 
};
1287d25
1287d25 
logging {
1287d25 
        channel default_debug {
1287d25 
                file "data/named.run";
1287d25 
                severity dynamic;
1287d25 
        };
1287d25 
};
1287d25
1287d25 
zone "." IN {
1287d25 
	type hint;
1287d25 
	file "named.ca";
1287d25 
};
1287d25
1287d25 
include "/etc/named.rfc1912.zones";
1287d25 
include "/etc/named.root.key";
1287d25
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.