Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 593716 Details for
Bug 698416
net-dns/bind-9.14.7: unable to start via init script
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
named.conf contents
named.conf (text/plain), 3.93 KB, created by
anrock623
on 2019-10-23 19:37:40 UTC
(
hide
)
Description:
named.conf contents
Filename:
MIME Type:
Creator:
anrock623
Created:
2019-10-23 19:37:40 UTC
Size:
3.93 KB
patch
obsolete
>/* > * Refer to the named.conf(5) and named(8) man pages, and the documentation > * in /usr/share/doc/bind-* for more details. > * Online versions of the documentation can be found here: > * https://kb.isc.org/article/AA-01031 > * > * If you are going to set up an authoritative server, make sure you > * understand the hairy details of how DNS works. Even with simple mistakes, > * you can break connectivity for affected parties, or cause huge amounts of > * useless Internet traffic. > */ > >acl "xfer" { > /* Deny transfers by default except for the listed hosts. > * If we have other name servers, place them here. > */ > none; >}; > >/* > * You might put in here some ips which are allowed to use the cache or > * recursive queries > */ >acl "trusted" { > 127.0.0.0/8; > ::1/128; >}; > >options { > directory "/var/bind"; > pid-file "/run/named/named.pid"; > > /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ > //bindkeys-file "/etc/bind/bind.keys"; > > listen-on-v6 { ::1; }; > listen-on { 127.0.0.1; }; > > allow-query { > /* > * Accept queries from our "trusted" ACL. We will > * allow anyone to query our master zones below. > * This prevents us from becoming a free DNS server > * to the masses. > */ > trusted; > }; > > allow-query-cache { > /* Use the cache for the "trusted" ACL. */ > trusted; > }; > > allow-recursion { > /* Only trusted addresses are allowed to use recursion. */ > trusted; > }; > > allow-transfer { > /* Zone tranfers are denied by default. */ > none; > }; > > allow-update { > /* Don't allow updates, e.g. via nsupdate. */ > none; > }; > > /* > * If you've got a DNS server around at your upstream provider, enter its > * IP address here, and enable the line below. This will make you benefit > * from its cache, thus reduce overall DNS traffic in the Internet. > * > * Uncomment the following lines to turn on DNS forwarding, and change > * and/or update the forwarding ip address(es): > */ >/* > forward first; > forwarders { > // 123.123.123.123; // Your ISP NS > // 124.124.124.124; // Your ISP NS > // 4.2.2.1; // Level3 Public DNS > // 4.2.2.2; // Level3 Public DNS > 8.8.8.8; // Google Open DNS > 8.8.4.4; // Google Open DNS > }; > >*/ > > dnssec-enable yes; > //dnssec-validation yes; > > /* > * As of bind 9.8.0: > * "If the root key provided has expired, > * named will log the expiration and validation will not work." > */ > dnssec-validation auto; > > /* if you have problems and are behind a firewall: */ > //query-source address * port 53; >}; > >/* >logging { > channel default_log { > file "/var/log/named/named.log" versions 5 size 50M; > print-time yes; > print-severity yes; > print-category yes; > }; > > category default { default_log; }; > category general { default_log; }; >}; >*/ > >include "/etc/bind/rndc.key"; >controls { > inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; >}; > >zone "." in { > type hint; > file "/var/bind/named.cache"; >}; > >zone "localhost" IN { > type master; > file "pri/localhost.zone"; > notify no; >}; > >/* > * Briefly, a zone which has been declared delegation-only will be effectively > * limited to containing NS RRs for subdomains, but no actual data beyond its > * own apex (for example, its SOA RR and apex NS RRset). This can be used to > * filter out "wildcard" or "synthesized" data from NAT boxes or from > * authoritative name servers whose undelegated (in-zone) data is of no > * interest. > * See http://www.isc.org/software/bind/delegation-only for more info > */ > >//zone "COM" { type delegation-only; }; >//zone "NET" { type delegation-only; }; > >//zone "YOUR-DOMAIN.TLD" { >// type master; >// file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; >// allow-query { any; }; >// allow-transfer { xfer; }; >//}; > >//zone "YOUR-SLAVE.TLD" { >// type slave; >// file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; >// masters { <MASTER>; }; > > /* Anybody is allowed to query but transfer should be controlled by the master. */ >// allow-query { any; }; >// allow-transfer { none; }; > > /* The master should be the only one who notifies the slaves, shouldn't it? */ >// allow-notify { <MASTER>; }; >// notify no; >//};
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=593716">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 698416
: 593716 |
593718
|
593720
|
593722
