#-------------------------------------------------------------------------------
# named.conf
# ==========
#
# Project Gentoo 4 Shuttle DS57Ux
# Scope Gentoo
# Copyright (C) 2022 by RaySoft, Zurich, Switzerland
# License GNU General Public License (GPL) 2.0
# https://www.gnu.org/licenses/gpl2.txt
#
#-------------------------------------------------------------------------------
#
# BIND 9 Configuration Reference
# https://ftp.isc.org/isc/bind9/cur/9.9/doc/arm/Bv9ARM.html
#
#-------------------------------------------------------------------------------
# Global server options. As configured below, the server hides its version,
# hostname and server ID, listens only on two IPv4 addresses, answers queries
# and recursion only for 127.0.0.1 and 10.0.0.0/24, and refuses zone
# transfers, NOTIFY messages and dynamic updates.
options {
# The working directory of the server. Any non-absolute pathnames in the
# configuration file will be taken as relative to this directory.
directory "/var/bind";
# The version the server should report via a query of the name version.bind
# with type TXT, class CHAOS. The default is the real version number of this
# server. Specifying version none disables processing of the queries.
version none;
# The hostname the server should report via a query of the name hostname.bind
# with type TXT, class CHAOS. This defaults to the hostname of the machine
# hosting the name server as found by the gethostname() function. [...]
# Specifying hostname none; disables processing of the queries.
hostname none;
# The ID the server should report when receiving a Name Server Identifier
# (NSID) query, or a query of the name ID.SERVER with type TXT, class CHAOS.
# Specifying server-id none; disables processing of the queries.
server-id none;
# The interfaces and ports that the server will answer queries from may be
# specified using the listen-on and listen-on-v6 options. listen-on and
# listen-on-v6 take an optional port and an address_match_list of IP
# addresses. The server will listen on all interfaces allowed by the address
# match list. If a port is not specified, port 53 will be used.
# Here the server binds only to loopback and 10.0.0.1; IPv6 listening is
# turned off entirely.
listen-on port 53 { 127.0.0.1; 10.0.0.1; };
listen-on-v6 { none; };
# If yes (the default), DNS NOTIFY messages are sent when a zone the server is
# authoritative for changes.
notify no;
# Specifies which hosts are allowed to notify this server, a slave, of zone
# changes in addition to the zone masters.
allow-notify { none; };
# Specifies which hosts are allowed to receive zone transfers from
# the server. If not specified, the default is to allow transfers to all
# hosts, so the explicit "none" matters.
allow-transfer { none; };
# Specifies which hosts are allowed to ask ordinary DNS questions. If not
# specified, the default is to allow queries from all hosts.
# NOTE(review): allow-query, allow-query-cache and allow-recursion carry the
# same address list; keep the three in sync when changing it, otherwise
# hosts outside the intended network may get cached or recursive answers.
allow-query { 127.0.0.1; 10.0.0.0/24; };
# Specifies which hosts are allowed to get answers from the cache.
allow-query-cache { 127.0.0.1; 10.0.0.0/24; };
# Specifies which hosts are allowed to make recursive queries through this
# server. Restricting this list keeps the server from acting as an open
# resolver.
allow-recursion { 127.0.0.1; 10.0.0.0/24; };
# Specifies which hosts are allowed to submit Dynamic DNS updates for master
# zones. The default is to deny updates from all hosts.
allow-update { none; };
# Enable or disable all empty zones. By default, they are enabled.
empty-zones-enable yes;
# If full, the server will collect statistical data on all zones. The default
# is terse, providing minimal statistics on zones.
zone-statistics terse;
# The pathname of the file the server appends statistics to when instructed to
# do so using rndc stats.
# NOTE(review): the directory must be writable by the account named runs
# as - confirm against the service setup.
statistics-file "/var/run/named/stats";
# The server will scan the network interface list every interface-interval
# minutes. The default is 60 minutes. The maximum value is 28 days (40320
# minutes). If set to 0, interface scanning will only occur when the
# configuration file is loaded.
# With 0, an address that appears after startup is not picked up until the
# configuration is reloaded.
interface-interval 0;
};
# Logging setup: two channels (syslog at info, a size-limited debug file) and
# a default category that feeds both of them.
# NOTE(review): default_syslog and default_debug are also the names of
# channels BIND predefines. The ARM states that built-in channels cannot be
# altered directly, so confirm with named-checkconf that these definitions
# are accepted and take effect, or use distinct channel names.
logging {
channel default_syslog {
# The syslog destination clause directs the channel to the system log. Its
# argument is a syslog facility as described in the syslog man page.
syslog daemon;
# The severity clause works like syslog's "priorities", except that they can
# also be used if you are writing straight to a file rather than using
# syslog. Messages which are not at least of the severity level given will
# not be selected for the channel; messages of higher severity levels will
# be accepted.
severity info;
};
channel default_debug {
# The file destination clause directs the channel to a disk file. It can
# include limitations both on how large the file is allowed to become, and
# how many versions of the file will be saved each time the file is opened.
# Here: one backup version is kept and the size limit is 1m.
file "/var/log/named/named.debug" versions 1 size 1m;
# The severity clause works like syslog's "priorities", except that they can
# also be used if you are writing straight to a file rather than using
# syslog. Messages which are not at least of the severity level given will
# not be selected for the channel; messages of higher severity levels will
# be accepted.
# Per the ARM, a channel with a fixed debug level receives debug output of
# that level or lower only while the server is in debugging mode.
severity debug 3;
# If print-time has been turned on, then the date and time will be logged.
print-time yes;
# If print-category is requested, then the category of the message will be
# logged as well.
print-category yes;
# If print-severity is on, then the severity level of the message will be
# logged.
print-severity yes;
};
# There are many categories, so you can send the logs you want to see wherever
# you want, without seeing logs you don't want. If you don't specify a list of
# channels for a category, then log messages in that category will be sent to
# the default category instead.
# Only the default category is configured, so categories such as security
# have no channel list of their own and follow this one.
category default {
default_syslog;
default_debug;
};
};
#-------------------------------------------------------------------------------
# Root hints zone: the list of root name servers used to start recursion is
# read from root.cache. The path is relative, so it resolves against the
# "directory" option (/var/bind).
# NOTE(review): the hints file steers where recursion begins; keep it
# writable only by the administrator and refresh it from a trusted source.
zone "." IN {
type hint;
file "root.cache";
};
# Pulls in a second configuration file, presumably the locally defined zones
# (its contents are not shown here). It is parsed as part of this
# configuration, so it needs the same ownership and write protection as
# named.conf itself.
include "/etc/bind/named-zones.conf";
#-------------------------------------------------------------------------------