Blame SOURCES/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
	// Network exposure: named binds to the loopback addresses only, so this
	// instance is a resolver for the local host and nothing else.
	listen-on    port 53 { 127.0.0.1; };
	listen-on-v6 port 53 { ::1; };

	// Working directory; relative file names used by named resolve against it.
	directory "/var/named";

	// Diagnostic output files (cache dump, statistics, secure roots,
	// in-flight recursive queries).
	dump-file          "/var/named/data/cache_dump.db";
	statistics-file    "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	secroots-file      "/var/named/data/named.secroots";
	recursing-file     "/var/named/data/named.recursing";

	// Query ACL: the built-in "localhost" ACL matches this host's own
	// addresses, so remote clients are refused even if listen-on is widened.
	allow-query { localhost; };

	/*
	 * Recursion policy:
	 *  - AUTHORITATIVE DNS server: do NOT enable recursion.
	 *  - RECURSIVE (caching) DNS server: recursion has to be enabled.
	 *  - Recursive server with a public IP address: access control that
	 *    limits queries to your legitimate users is a MUST. Without it the
	 *    server becomes part of large scale DNS amplification attacks.
	 *    Implementing BCP38 within your network would greatly reduce such
	 *    attack surface.
	 *
	 * NOTE(review): no allow-recursion or allow-query-cache statement appears
	 * in this block, so the restriction on recursion rests on allow-query and
	 * the loopback-only listen-on lines above. If either of those is widened,
	 * add an explicit allow-recursion ACL in the same change.
	 */
	recursion yes;

	// With "yes", named validates only against a configured trust anchor.
	// NOTE(review): the anchor presumably comes from the include of
	// /etc/named.root.key at the end of this file - confirm it is present.
	dnssec-validation yes;

	managed-keys-directory "/var/named/dynamic";
	geoip-directory        "/usr/share/GeoIP";

	// Runtime state. The session key is a TSIG secret generated by named;
	// keep it readable by the named service account only.
	pid-file        "/run/named/named.pid";
	session-keyfile "/run/named/session.key";

	// System-wide crypto policy back-end for BIND, see
	// https://fedoraproject.org/wiki/Changes/CryptoPolicy
	// The included file is parsed as part of this options block, so it must
	// be writable by root only.
	include "/etc/crypto-policies/back-ends/bind.config";
};
logging {
	// Debug channel: output goes to data/named.run, a path relative to the
	// "directory" set in options (/var/named). "severity dynamic" makes the
	// channel follow the server's current debug level.
	channel default_debug {
		file     "data/named.run";
		severity dynamic;
	};
};
// Root zone as a hint zone: named.ca (relative to the options "directory")
// lists the root name servers used to start recursive resolution.
zone "." IN {
	type hint;
	file "named.ca";
};
// Included files are parsed with the same authority as this file; keep them
// owned and writable by root only.

// NOTE(review): going by the file name, the local zones recommended by
// RFC 1912 - confirm against the file itself.
include "/etc/named.rfc1912.zones";

// NOTE(review): presumably the root zone trust anchor that
// "dnssec-validation yes" depends on - confirm.
include "/etc/named.root.key";