rpms / bind

Clone
Source Code
GIT

Blame SOURCES/named.conf

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c8 c8-beta c8s c9 c9-beta
  1.   c9
  2.   SOURCES
  3.   named.conf
Blob History Raw
1baafe 
//
1baafe 
// named.conf
1baafe 
//
1baafe 
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
1baafe 
// server as a caching only nameserver (as a localhost DNS resolver only).
1baafe 
//
1baafe 
// See /usr/share/doc/bind*/sample/ for example named configuration files.
1baafe 
//
1baafe
1baafe 
options {
1baafe 
	listen-on port 53 { 127.0.0.1; };
1baafe 
	listen-on-v6 port 53 { ::1; };
1baafe 
	directory 	"/var/named";
1baafe 
	dump-file 	"/var/named/data/cache_dump.db";
1baafe 
	statistics-file "/var/named/data/named_stats.txt";
1baafe 
	memstatistics-file "/var/named/data/named_mem_stats.txt";
1baafe 
	secroots-file	"/var/named/data/named.secroots";
1baafe 
	recursing-file	"/var/named/data/named.recursing";
1baafe 
	allow-query     { localhost; };
1baafe
1baafe 
	/*
1baafe 
	 - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
1baafe 
	 - If you are building a RECURSIVE (caching) DNS server, you need to enable
1baafe 
	   recursion.
1baafe 
	 - If your recursive DNS server has a public IP address, you MUST enable access
1baafe 
	   control to limit queries to your legitimate users. Failing to do so will
1baafe 
	   cause your server to become part of large scale DNS amplification
1baafe 
	   attacks. Implementing BCP38 within your network would greatly
1baafe 
	   reduce such attack surface
1baafe 
	*/
1baafe 
	recursion yes;
1baafe
1baafe 
	dnssec-validation yes;
1baafe
1baafe 
	managed-keys-directory "/var/named/dynamic";
1baafe 
	geoip-directory "/usr/share/GeoIP";
1baafe
1baafe 
	pid-file "/run/named/named.pid";
1baafe 
	session-keyfile "/run/named/session.key";
1baafe
1baafe 
	/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
1baafe 
	include "/etc/crypto-policies/back-ends/bind.config";
1baafe 
};
1baafe
1baafe 
logging {
1baafe 
        channel default_debug {
1baafe 
                file "data/named.run";
1baafe 
                severity dynamic;
1baafe 
        };
1baafe 
};
1baafe
1baafe 
zone "." IN {
1baafe 
	type hint;
1baafe 
	file "named.ca";
1baafe 
};
1baafe
1baafe 
include "/etc/named.rfc1912.zones";
1baafe 
include "/etc/named.root.key";
1baafe

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation