zone Statement

zone domain_name [ ( in | hs | hesiod | chaos ) ] {
  type master;
  file path_name;
  [ forward ( only | first ); ]
  [ forwarders { [ ip_addr ; [ ip_addr ; ... ] ] }; ]
  [ check-names ( warn | fail | ignore ); ]
  [ allow-update { address_match_list }; ]
  [ allow-query { address_match_list }; ]
  [ allow-transfer { address_match_list }; ]
  [ dialup yes_or_no; ]
  [ notify yes_or_no; ]
  [ also-notify { ip_addr; [ ip_addr; ... ] }; ]
  [ ixfr-base path_name; ]
  [ pubkey number number number string; ]
};

zone domain_name [ ( in | hs | hesiod | chaos ) ] {
  type ( slave | stub );
  [ file path_name; ]
  [ ixfr-base path_name; ]
  masters [ port ip_port ] { ip_addr; [ ip_addr; ... ] };
  [ forward ( only | first ); ]
  [ forwarders { [ ip_addr ; [ ip_addr ; ... ] ] }; ]
  [ check-names ( warn | fail | ignore ); ]
  [ allow-update { address_match_list }; ]
  [ allow-query { address_match_list }; ]
  [ allow-transfer { address_match_list }; ]
  [ transfer-source ip_addr; ]
  [ dialup yes_or_no; ]
  [ max-transfer-time-in number; ]
  [ notify yes_or_no; ]
  [ also-notify { ip_addr; [ ip_addr; ... ] }; ]
  [ pubkey number number number string; ]
};

zone domain_name [ ( in | hs | hesiod | chaos ) ] {
  type forward;
  [ forward ( only | first ); ]
  [ forwarders { [ ip_addr ; [ ip_addr ; ... ] ] }; ]
  [ check-names ( warn | fail | ignore ); ]
};

zone "." [ ( in | hs | hesiod | chaos ) ] {
  type hint;
  file path_name;
  [ check-names ( warn | fail | ignore ); ]
};
master
slave
A slave zone is a replica of a master zone. The masters list specifies one or more IP addresses that the slave contacts to update its copy of the zone. If a port is specified, the checks to see whether the zone is current and the zone transfers are made to that port. If file is specified, the replica will be written to this file whenever the zone is changed, and reloaded from this file on a server restart. Use of file is recommended, since it often speeds server startup and eliminates a needless waste of bandwidth. Note that for large numbers (in the tens or hundreds of thousands) of zones per server, it is best to use a two-level naming scheme for zone file names. For example, a slave server for the zone vix.com might place the zone contents into a file called "vi/vix.com", where vi/ is just the first two letters of the zone name. (Most operating systems behave very slowly if you put 100K files into a single directory.)
stub
A stub zone is like a slave zone, except that it replicates only the NS records of a master zone instead of the entire zone.
forward
A forward zone is used to direct all queries in it to other servers. The specification of options in such a zone will override any global options declared in the options statement.
If either no forwarders statement is present in the zone or an empty list for forwarders is given, no forwarding will be done for the zone, cancelling the effects of any forwarders in the options statement. Thus, if you want to use this type of zone to change the behavior of the global forward option, and not the servers used, you also need to respecify the global forwarders.
hint
hint zone. When the server starts up, it uses the root hints to find a root nameserver and get the most recent list of root nameservers.
Note: previous releases of BIND used the term primary for a master zone, secondary for a slave zone, and cache for a hint zone.
The zone's name may optionally be followed by a class. If a class is not specified, class in (for "internet") is assumed. This is correct for the vast majority of cases.
The hesiod class is for an information service from MIT's Project Athena. It is used to share information about various systems databases, such as users, groups, printers and so on. More information can be found at MIT. The keyword hs is a synonym for hesiod.
Another MIT development was CHAOSnet, a LAN protocol created in the mid-1970s. It is still sometimes seen on LISP stations and other hardware in the AI community, and zone data for it can be specified with the chaos class.
check-names
allow-query
See allow-query in the Access Control section. Note that this should in general be more restrictive than the similar global option of the same name; otherwise, confusing and nonworthwhile delegations will be returned.
allow-update
allow-transfer
See allow-transfer in the Access Control section.
transfer-source
transfer-source determines which local address will be bound to the TCP connection used to fetch this zone. If not set, it defaults to a system-controlled value, which will usually be the address of the interface "closest to" the remote end. This address must appear in the remote end's allow-transfer option for this zone if one is specified.
ixfr-base
ixfr-base specifies the file name used for the IXFR transaction log file.
max-transfer-time-in
See max-transfer-time-in in the Zone Transfers section.
dialup
See dialup in the Boolean Options section.
notify
See notify in the Boolean Options section.
also-notify
also-notify is only meaningful if notify is active for this zone. The set of machines that will receive a DNS NOTIFY message for this zone is made up of all the listed nameservers for the zone (other than the primary master) plus any IP addresses specified with also-notify. also-notify is not meaningful for stub zones. The default is the empty list.
forward
forward is only meaningful if the zone has a forwarders list. The only value causes the lookup to fail after trying the forwarders and getting no answer, while first would allow a normal lookup to be tried.
forwarders
The forwarders option in a zone is used to override the list of global forwarders. If it is not specified in a zone of type forward, no forwarding is done for the zone; the global options are not used.
pubkey
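
The rules above about forward/forwarders, also-notify and file for slave zones can be checked mechanically before a configuration is deployed. The following lint pass is an added example, not part of the BIND documentation or distribution; the function names, finding labels and sample configuration are constructed for illustration, and the parser assumes comment-free input with zone bodies nested one brace level deep, as in the grammar at the top of this page.

```python
import re

# Constructed named.conf fragment for illustration (documentation address range).
SAMPLE = '''
zone "example.com" { type slave; masters { 192.0.2.1; }; notify no;
    also-notify { 192.0.2.9; }; };
zone "corp.example" { type forward; forward only; };
zone "lab.example" { type forward; forward first; forwarders { 192.0.2.53; }; };
zone "stub.example" { type stub; file "st/stub.example"; masters { 192.0.2.1; };
    also-notify { 192.0.2.9; }; };
'''

# A zone body may contain address lists in braces, but nothing nested deeper.
ZONE = re.compile(r'zone\s+"([^"]+)"[^{;]*\{((?:[^{}]|\{[^{}]*\})*)\}')
# One statement: keyword, then anything up to the ';' that is outside braces.
STMT = re.compile(r'([\w-]+)((?:[^;{}]|\{[^{}]*\})*);')

def parse_zones(conf):
    """Return {zone_name: {option: [values]}} for every zone statement in conf."""
    zones = {}
    for name, body in ZONE.findall(conf):
        zones[name] = {k: re.findall(r'[^\s{};]+', v) for k, v in STMT.findall(body)}
    return zones

def lint(zones):
    """Flag options that, per the descriptions above, have no effect or are discouraged."""
    findings = []
    for name, o in zones.items():
        ztype = o.get('type', ['?'])[0]
        if not o.get('forwarders'):        # missing or empty forwarders list
            if ztype == 'forward':         # no forwarding is done; global list unused
                findings.append((name, 'no-forwarding'))
            elif 'forward' in o:           # forward needs a forwarders list
                findings.append((name, 'forward-ignored'))
        # also-notify needs notify active and is not meaningful for stub zones
        if 'also-notify' in o and (ztype == 'stub' or o.get('notify') == ['no']):
            findings.append((name, 'also-notify-ignored'))
        if ztype == 'slave' and 'file' not in o:   # use of file is recommended
            findings.append((name, 'slave-without-file'))
    return findings

if __name__ == '__main__':
    for zone, finding in lint(parse_zones(SAMPLE)):
        print(f'{zone}: {finding}')
```

The notify check only sees a zone-level "notify no"; a zone that inherits its notify setting from the options statement is not flagged.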