Red Hat [Electronic resources] : The Complete Reference Enterprise Linux Fedora Edition; The Complete Reference (text version)


Richard L. Petersen









named.conf


The configuration file for the named daemon is named.conf, located in the /etc directory. It uses a flexible syntax similar to C programs. The format enables easy configuration of selected zones, enabling features such as access control lists and categorized logging. The named.conf file consists of BIND configuration statements with attached blocks within which specific options are listed. A configuration statement is followed by arguments and a block that is delimited with braces. Within the block are lines of option and feature entries. Each entry is terminated with a semicolon. Comments can use the C, C++, or Shell/Perl syntax: enclosing /* */, preceding //, or preceding #. The following example shows a zone statement followed by the zone name and a block of options that begin with an opening brace, {. Each option entry ends with a semicolon. The entire block ends with a closing brace, also followed by a semicolon. The format for a named.conf entry is shown here, along with the different kinds of comments allowed. Tables 35-5, 35-6, and 35-7 list several commonly used statements and options.

// comments
/* comments */
# comments
statements {
options and features; //comments
};

The following example shows a simple caching server entry:

// a caching only nameserver config
//
zone "." {
type hint;
file "named.ca";
};





Note

The named.conf file is a new feature implemented with BIND version 8.x and 9.x. The older BIND 4.x versions use a file called named.boot. This file is no longer used by version 8.x. The syntaxes used in these configuration files differ radically. If you upgrade to 8.x, you can use the named-bootconf.pl Perl script provided with the BIND software to convert your named.boot file to a named.conf file.



zone Statement


The zone statement is used to specify the domains the name server will service. You enter the keyword zone, followed by the name of the domain placed within double quotes. Do not place a period at the end of the domain name. In the following example, a period is within the domain name, but not at the end, "mytrek.com"; this differs from the zone file, which requires a period at the end of a complete domain name.

After the zone name, you can specify the class in, which stands for Internet. You can also leave it out, in which case in is assumed (there are only a few other esoteric classes that are rarely used). Within the zone block, you can place several options (see Table 34-6 later in this chapter). Two essential options are type and file. The type option is used to specify the zone's type. The file option is used to specify the name of the zone file to be used for this zone. You can choose from several types of zones: master, slave, stub, forward, and hint. Master specifies that the zone holds master information and is authorized to act on it. A master server was called a primary server in the older 4.x BIND configuration. Slave indicates that the zone needs to update its data periodically from a specified master name server. You use this entry if your name server is operating as a secondary server for another primary (master) DNS server. A stub zone copies only other name server entries, instead of the entire zone. A forward zone directs all queries to name servers specified in a forwarders statement. A hint zone specifies the set of root name servers used by all Internet DNS servers. You can also specify several options that can override any global options set with the options statement. Table 34-4 lists the BIND zone types. The following example shows a simple zone statement for the mytrek.com domain. Its class is Internet (in) and its type is master. The name of its zone file is usually the same as the zone name, in this case, "mytrek.com."



























Table 34-4: DNS BIND Zone Types

| Type | Description |
|---|---|
| master | Primary DNS zone |
| slave | Slave DNS server; controlled by a master DNS server |
| hint | Set of root DNS Internet servers |
| forward | Forwards any queries in it to other servers |
| stub | Like a slave zone, but holds only names of DNS servers |


zone "mytrek.com" in {
type master;
file "mytrek.com";
};


Configuration Statements


Other statements, such as acl, server, options, and logging, enable you to configure different features for your name server (see "DNSSEC" later in this chapter). The logging statement is used to configure logging options for the name server, such as the maximum size of the log file and a severity level for messages. Table 34-5 lists the BIND statements. The sortlists statement lets you specify preferences to be used when a query returns multiple responses. For example, you could give preference to your localhost network or to a private local network such as 192.168.0.0.






















































Table 34-5: BIND Configuration Statements

| Statements | Description |
|---|---|
| /* comment */ | BIND comment in C syntax. |
| // comment | BIND comment in C++ syntax. |
| # comment | BIND comment in Unix shell and Perl syntax. |
| acl | Defines a named IP address matching list. |
| include | Includes a file, interpreting it as part of the named.conf file. |
| key | Specifies key information for use in authentication and authorization. |
| logging | Specifies what the server logs and where the log messages are sent. |
| options | Global server configuration options and defaults for other statements. |
| controls | Declares control channels to be used by the ndc utility. |
| server | Sets certain configuration options on a per-server basis. |
| sortlists | Gives preference to specified networks according to a query's source. |
| trusted-keys | Defines DNSSEC keys preconfigured into the server and implicitly trusted. |
| zone | Defines a zone. |
| view | Defines a view. |








































Table 34-6: Zone Options

| Options | Description |
|---|---|
| type | Specifies a zone type. |
| file | Specifies the zone file for the zone. |
| directory | Specifies a directory for zone files. |
| forwarders | Lists hosts for DNS servers where requests are to be forwarded. |
| masters | Lists hosts for DNS master servers for a slave server. |
| notify | Allows master servers to notify their slave servers when the master zone data changes and updates are needed. |
| allow-transfer | Specifies which hosts are allowed to receive zone transfers. |
| allow-query | Specifies hosts that are allowed to make queries. |
| allow-recursion | Specifies hosts that are allowed to perform recursive queries on the server. |
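
An added example, not from the book: a short Python check that reads named.conf using the statement, block and comment syntax described above, then lists master zones that state no allow-transfer entry (in the zone or in the global options statement) and an options statement that states no allow-recursion entry. The sample configuration, the "secondaries" acl and its address are constructed for illustration.

```python
import re

# Constructed sample (not from the book): "secondaries" and 192.168.0.2
# are hypothetical; the mytrek.com and "." zones mirror the page's examples.
SAMPLE = '''
// constructed test configuration
acl "secondaries" { 192.168.0.2; };   # hypothetical slave server
options { directory "/var/named"; /* no allow-recursion here */ };
zone "mytrek.com" in { type master; file "mytrek.com"; };
zone "example.test" {
    type master; file "example.test";
    allow-transfer { "secondaries"; };
};
zone "." { type hint; file "named.ca"; };
'''

# Comments (three styles), quoted strings, punctuation, bare words.
TOKEN = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*|"[^"]*"|[{};]|[^\s{};"]+', re.S)

def tokens(text):
    """Iterate over tokens with C, C++ and shell-style comments dropped."""
    return (t for t in TOKEN.findall(text) if not t.startswith(('/*', '//', '#')))

def parse(toks):
    """Parse 'words { block };' statements into (words, block) tuples."""
    stmts, words, block = [], [], None
    for tok in toks:
        if tok == '{':
            block = parse(toks)          # nested entries up to the matching }
        elif tok == '}':
            return stmts
        elif tok == ';':
            stmts.append((words, block))
            words, block = [], None
        else:
            words.append(tok.strip('"'))
    return stmts

def audit(text):
    """Report access-control options the configuration never states."""
    stmts = parse(tokens(text))
    keys = lambda blk: {w[0] for w, _ in (blk or []) if w}
    glob = set().union(*[keys(b) for w, b in stmts if w[:1] == ['options']])
    out = [] if 'allow-recursion' in glob else ['options: no allow-recursion']
    for words, blk in stmts:
        master = (['type', 'master'], None) in (blk or [])
        if words[:1] == ['zone'] and master and 'allow-transfer' not in keys(blk) | glob:
            out.append('zone %s: no allow-transfer' % words[1])
    return out
```

Calling audit(SAMPLE) reports the options statement and the mytrek.com zone; the example.test zone passes because it names an acl, and the hint zone is skipped because it is not a master zone.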


