BIND Configuration File Guide

Overview

BIND 8 is much more configurable than previous releases of BIND. There are entirely new areas of configuration, such as access control lists and categorized logging. Many options that previously applied to all zones can now be used selectively. These features, plus a consideration of future configuration needs led to the creation of a new configuration file format.

The Configuration File

Example Configuration

Statements

A BIND 8 configuration consists of statements and comments. Statements end with a semicolon. Many statements contain a block of substatements, which are also terminated with a semicolon.

The following statements are supported:

acl: defines a named IP address matching list, for access control and other uses
include: includes a file
key: specifies key information for use in authentication and authorization
logging: specifies what the server logs, and where the log messages are sent
options: controls global server configuration options and sets defaults for other statements
controls: declares control channels to be used by the ndc utility
server: sets certain configuration options on a per-server basis
trusted-keys: defines DNSSEC keys that are preconfigured into the server and implicitly trusted
zone: defines a zone

The logging and options statements may only occur once per configuration.

Comments

The BIND 8 comment syntax allows for comments to appear anywhere that whitespace may appear in a BIND configuration file. To appeal to programmers of all kinds, they can be written in C, C++, or shell/perl constructs.

Converting from BIND 4.9.x

BIND 4.9.x configuration files can be converted to the new format by using src/bin/named/named-bootconf, a shell script that is part of the BIND 8.2.x source kits.

[ BIND Home | ISC ]

Last Updated: $Id: config.html,v 1.11 2000/11/28 20:03:48 cyarnell Exp $