/contrib/bind9/doc/misc/options
#! | 619 lines | 603 code | 16 blank | 0 comment | 0 complexity | 686b6a7f58c0a5a2a4c89e4a9a028255 MD5 | raw file
1 2This is a summary of the named.conf options supported by 3this version of BIND 9. 4 5acl <string> { <address_match_element>; ... }; 6 7controls { 8 inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | * 9 ) ] allow { <address_match_element>; ... } [ keys { <string>; 10 ... } ]; 11 unix <quoted_string> perm <integer> owner <integer> group <integer> 12 [ keys { <string>; ... } ]; 13}; 14 15dlz <string> { 16 database <string>; 17}; 18 19key <string> { 20 algorithm <string>; 21 secret <string>; 22}; 23 24logging { 25 category <string> { <string>; ... }; 26 channel <string> { 27 file <quoted_string> [ versions ( "unlimited" | <integer> ) 28 ] [ size <size> ]; 29 null; 30 print-category <boolean>; 31 print-severity <boolean>; 32 print-time <boolean>; 33 severity <log_severity>; 34 stderr; 35 syslog <optional_facility>; 36 }; 37}; 38 39lwres { 40 listen-on [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) 41 [ port <integer> ]; ... }; 42 ndots <integer>; 43 search { <string>; ... }; 44 view <string> <optional_class>; 45}; 46 47managed-keys { <string> <string> <integer> <integer> <integer> 48 <quoted_string>; ... }; 49 50masters <string> [ port <integer> ] { ( <masters> | <ipv4_address> [ port 51 <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ]; ... }; 52 53options { 54 acache-cleaning-interval <integer>; 55 acache-enable <boolean>; 56 additional-from-auth <boolean>; 57 additional-from-cache <boolean>; 58 allow-new-zones <boolean>; 59 allow-notify { <address_match_element>; ... }; 60 allow-query { <address_match_element>; ... }; 61 allow-query-cache { <address_match_element>; ... }; 62 allow-query-cache-on { <address_match_element>; ... }; 63 allow-query-on { <address_match_element>; ... }; 64 allow-recursion { <address_match_element>; ... }; 65 allow-recursion-on { <address_match_element>; ... }; 66 allow-transfer { <address_match_element>; ... }; 67 allow-update { <address_match_element>; ... }; 68 allow-update-forwarding { <address_match_element>; ... }; 69 allow-v6-synthesis { <address_match_element>; ... }; // obsolete 70 also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address> 71 ) [ port <integer> ]; ... }; 72 alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 73 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | 74 * ) ]; 75 attach-cache <string>; 76 auth-nxdomain <boolean>; // default changed 77 auto-dnssec ( allow | maintain | off ); 78 avoid-v4-udp-ports { <portrange>; ... }; 79 avoid-v6-udp-ports { <portrange>; ... }; 80 bindkeys-file <quoted_string>; 81 blackhole { <address_match_element>; ... }; 82 cache-file <quoted_string>; 83 check-dup-records ( fail | warn | ignore ); 84 check-integrity <boolean>; 85 check-mx ( fail | warn | ignore ); 86 check-mx-cname ( fail | warn | ignore ); 87 check-names ( master | slave | response ) ( fail | warn | ignore ); 88 check-sibling <boolean>; 89 check-srv-cname ( fail | warn | ignore ); 90 check-wildcard <boolean>; 91 cleaning-interval <integer>; 92 clients-per-query <integer>; 93 coresize <size>; 94 datasize <size>; 95 deallocate-on-exit <boolean>; // obsolete 96 deny-answer-addresses { <address_match_element>; ... } [ 97 except-from { <quoted_string>; ... } ]; 98 deny-answer-aliases { <quoted_string>; ... } [ except-from { 99 <quoted_string>; ... } ]; 100 dialup <dialuptype>; 101 directory <quoted_string>; 102 disable-algorithms <string> { <string>; ... }; 103 disable-empty-zone <string>; 104 dns64 <netprefix> { 105 break-dnssec <boolean>; 106 clients { <address_match_element>; ... }; 107 exclude { <address_match_element>; ... }; 108 mapped { <address_match_element>; ... }; 109 recursive-only <boolean>; 110 suffix <ipv6_address>; 111 }; 112 dns64-contact <string>; 113 dns64-server <string>; 114 dnssec-accept-expired <boolean>; 115 dnssec-dnskey-kskonly <boolean>; 116 dnssec-enable <boolean>; 117 dnssec-lookaside ( <string> trust-anchor <string> | auto | no ); 118 dnssec-must-be-secure <string> <boolean>; 119 dnssec-secure-to-insecure <boolean>; 120 dnssec-validation ( yes | no | auto ); 121 dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port 122 <integer> ] | <ipv4_address> [ port <integer> ] | 123 <ipv6_address> [ port <integer> ] ); ... }; 124 dump-file <quoted_string>; 125 edns-udp-size <integer>; 126 empty-contact <string>; 127 empty-server <string>; 128 empty-zones-enable <boolean>; 129 fake-iquery <boolean>; // obsolete 130 fetch-glue <boolean>; // obsolete 131 files <size>; 132 filter-aaaa { <address_match_element>; ... }; // not configured 133 filter-aaaa-on-v4 <v4_aaaa>; // not configured 134 flush-zones-on-shutdown <boolean>; 135 forward ( first | only ); 136 forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) 137 [ port <integer> ]; ... }; 138 has-old-clients <boolean>; // obsolete 139 heartbeat-interval <integer>; 140 host-statistics <boolean>; // not implemented 141 host-statistics-max <integer>; // not implemented 142 hostname ( <quoted_string> | none ); 143 interface-interval <integer>; 144 ixfr-from-differences <ixfrdiff>; 145 key-directory <quoted_string>; 146 lame-ttl <integer>; 147 listen-on [ port <integer> ] { <address_match_element>; ... }; 148 listen-on-v6 [ port <integer> ] { <address_match_element>; ... }; 149 maintain-ixfr-base <boolean>; // obsolete 150 managed-keys-directory <quoted_string>; 151 masterfile-format ( text | raw ); 152 match-mapped-addresses <boolean>; 153 max-acache-size <size_no_default>; 154 max-cache-size <size_no_default>; 155 max-cache-ttl <integer>; 156 max-clients-per-query <integer>; 157 max-ixfr-log-size <size>; // obsolete 158 max-journal-size <size_no_default>; 159 max-ncache-ttl <integer>; 160 max-refresh-time <integer>; 161 max-retry-time <integer>; 162 max-transfer-idle-in <integer>; 163 max-transfer-idle-out <integer>; 164 max-transfer-time-in <integer>; 165 max-transfer-time-out <integer>; 166 max-udp-size <integer>; 167 memstatistics <boolean>; 168 memstatistics-file <quoted_string>; 169 min-refresh-time <integer>; 170 min-retry-time <integer>; 171 min-roots <integer>; // not implemented 172 minimal-responses <boolean>; 173 multi-master <boolean>; 174 multiple-cnames <boolean>; // obsolete 175 named-xfer <quoted_string>; // obsolete 176 notify <notifytype>; 177 notify-delay <integer>; 178 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 179 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; 180 notify-to-soa <boolean>; 181 nsec3-test-zone <boolean>; // test only 182 pid-file ( <quoted_string> | none ); 183 port <integer>; 184 preferred-glue <string>; 185 provide-ixfr <boolean>; 186 query-source <querysource4>; 187 query-source-v6 <querysource6>; 188 querylog <boolean>; 189 queryport-pool-ports <integer>; // obsolete 190 queryport-pool-updateinterval <integer>; // obsolete 191 random-device <quoted_string>; 192 recursing-file <quoted_string>; 193 recursion <boolean>; 194 recursive-clients <integer>; 195 request-ixfr <boolean>; 196 request-nsid <boolean>; 197 reserved-sockets <integer>; 198 resolver-query-timeout <integer>; 199 response-policy { 200 zone <string> [ policy ( given | disabled | passthru | 201 no-op | nxdomain | nodata | cname <domain> ) ]; 202 }; 203 rfc2308-type1 <boolean>; // not yet implemented 204 root-delegation-only [ exclude { <quoted_string>; ... } ]; 205 rrset-order { [ class <string> ] [ type <string> ] [ name 206 <quoted_string> ] <string> <string>; ... }; 207 secroots-file <quoted_string>; 208 serial-queries <integer>; // obsolete 209 serial-query-rate <integer>; 210 server-id ( <quoted_string> | none | hostname ); 211 session-keyalg <string>; 212 session-keyfile ( <quoted_string> | none ); 213 session-keyname <string>; 214 sig-signing-nodes <integer>; 215 sig-signing-signatures <integer>; 216 sig-signing-type <integer>; 217 sig-validity-interval <integer> [ <integer> ]; 218 sortlist { <address_match_element>; ... }; 219 stacksize <size>; 220 statistics-file <quoted_string>; 221 statistics-interval <integer>; // not yet implemented 222 suppress-initial-notify <boolean>; // not yet implemented 223 tcp-clients <integer>; 224 tcp-listen-queue <integer>; 225 tkey-dhkey <quoted_string> <integer>; 226 tkey-domain <quoted_string>; 227 tkey-gssapi-credential <quoted_string>; 228 tkey-gssapi-keytab <quoted_string>; 229 topology { <address_match_element>; ... }; // not implemented 230 transfer-format ( many-answers | one-answer ); 231 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 232 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; 233 transfers-in <integer>; 234 transfers-out <integer>; 235 transfers-per-ns <integer>; 236 treat-cr-as-space <boolean>; // obsolete 237 try-tcp-refresh <boolean>; 238 update-check-ksk <boolean>; 239 use-alt-transfer-source <boolean>; 240 use-id-pool <boolean>; // obsolete 241 use-ixfr <boolean>; 242 use-queryport-pool <boolean>; // obsolete 243 use-v4-udp-ports { <portrange>; ... }; 244 use-v6-udp-ports { <portrange>; ... }; 245 version ( <quoted_string> | none ); 246 zero-no-soa-ttl <boolean>; 247 zero-no-soa-ttl-cache <boolean>; 248 zone-statistics <boolean>; 249}; 250 251server <netprefix> { 252 bogus <boolean>; 253 edns <boolean>; 254 edns-udp-size <integer>; 255 keys <server_key>; 256 max-udp-size <integer>; 257 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 258 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; 259 provide-ixfr <boolean>; 260 query-source <querysource4>; 261 query-source-v6 <querysource6>; 262 request-ixfr <boolean>; 263 support-ixfr <boolean>; // obsolete 264 transfer-format ( many-answers | one-answer ); 265 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 266 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; 267 transfers <integer>; 268}; 269 270statistics-channels { 271 inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | * 272 ) ] [ allow { <address_match_element>; ... } ]; 273}; 274 275trusted-keys { <string> <integer> <integer> <integer> <quoted_string>; ... }; 276 277view <string> <optional_class> { 278 acache-cleaning-interval <integer>; 279 acache-enable <boolean>; 280 additional-from-auth <boolean>; 281 additional-from-cache <boolean>; 282 allow-new-zones <boolean>; 283 allow-notify { <address_match_element>; ... }; 284 allow-query { <address_match_element>; ... }; 285 allow-query-cache { <address_match_element>; ... }; 286 allow-query-cache-on { <address_match_element>; ... }; 287 allow-query-on { <address_match_element>; ... }; 288 allow-recursion { <address_match_element>; ... }; 289 allow-recursion-on { <address_match_element>; ... }; 290 allow-transfer { <address_match_element>; ... }; 291 allow-update { <address_match_element>; ... }; 292 allow-update-forwarding { <address_match_element>; ... }; 293 allow-v6-synthesis { <address_match_element>; ... }; // obsolete 294 also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address> 295 ) [ port <integer> ]; ... }; 296 alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 297 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | 298 * ) ]; 299 attach-cache <string>; 300 auth-nxdomain <boolean>; // default changed 301 auto-dnssec ( allow | maintain | off ); 302 cache-file <quoted_string>; 303 check-dup-records ( fail | warn | ignore ); 304 check-integrity <boolean>; 305 check-mx ( fail | warn | ignore ); 306 check-mx-cname ( fail | warn | ignore ); 307 check-names ( master | slave | response ) ( fail | warn | ignore ); 308 check-sibling <boolean>; 309 check-srv-cname ( fail | warn | ignore ); 310 check-wildcard <boolean>; 311 cleaning-interval <integer>; 312 clients-per-query <integer>; 313 database <string>; 314 deny-answer-addresses { <address_match_element>; ... } [ 315 except-from { <quoted_string>; ... } ]; 316 deny-answer-aliases { <quoted_string>; ... } [ except-from { 317 <quoted_string>; ... } ]; 318 dialup <dialuptype>; 319 disable-algorithms <string> { <string>; ... }; 320 disable-empty-zone <string>; 321 dlz <string> { 322 database <string>; 323 }; 324 dns64 <netprefix> { 325 break-dnssec <boolean>; 326 clients { <address_match_element>; ... }; 327 exclude { <address_match_element>; ... }; 328 mapped { <address_match_element>; ... }; 329 recursive-only <boolean>; 330 suffix <ipv6_address>; 331 }; 332 dns64-contact <string>; 333 dns64-server <string>; 334 dnssec-accept-expired <boolean>; 335 dnssec-dnskey-kskonly <boolean>; 336 dnssec-enable <boolean>; 337 dnssec-lookaside ( <string> trust-anchor <string> | auto | no ); 338 dnssec-must-be-secure <string> <boolean>; 339 dnssec-secure-to-insecure <boolean>; 340 dnssec-validation ( yes | no | auto ); 341 dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port 342 <integer> ] | <ipv4_address> [ port <integer> ] | 343 <ipv6_address> [ port <integer> ] ); ... }; 344 edns-udp-size <integer>; 345 empty-contact <string>; 346 empty-server <string>; 347 empty-zones-enable <boolean>; 348 fetch-glue <boolean>; // obsolete 349 filter-aaaa { <address_match_element>; ... }; // not configured 350 filter-aaaa-on-v4 <v4_aaaa>; // not configured 351 forward ( first | only ); 352 forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) 353 [ port <integer> ]; ... }; 354 ixfr-from-differences <ixfrdiff>; 355 key <string> { 356 algorithm <string>; 357 secret <string>; 358 }; 359 key-directory <quoted_string>; 360 lame-ttl <integer>; 361 maintain-ixfr-base <boolean>; // obsolete 362 managed-keys { <string> <string> <integer> <integer> <integer> 363 <quoted_string>; ... }; 364 masterfile-format ( text | raw ); 365 match-clients { <address_match_element>; ... }; 366 match-destinations { <address_match_element>; ... }; 367 match-recursive-only <boolean>; 368 max-acache-size <size_no_default>; 369 max-cache-size <size_no_default>; 370 max-cache-ttl <integer>; 371 max-clients-per-query <integer>; 372 max-ixfr-log-size <size>; // obsolete 373 max-journal-size <size_no_default>; 374 max-ncache-ttl <integer>; 375 max-refresh-time <integer>; 376 max-retry-time <integer>; 377 max-transfer-idle-in <integer>; 378 max-transfer-idle-out <integer>; 379 max-transfer-time-in <integer>; 380 max-transfer-time-out <integer>; 381 max-udp-size <integer>; 382 min-refresh-time <integer>; 383 min-retry-time <integer>; 384 min-roots <integer>; // not implemented 385 minimal-responses <boolean>; 386 multi-master <boolean>; 387 notify <notifytype>; 388 notify-delay <integer>; 389 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 390 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; 391 notify-to-soa <boolean>; 392 nsec3-test-zone <boolean>; // test only 393 preferred-glue <string>; 394 provide-ixfr <boolean>; 395 query-source <querysource4>; 396 query-source-v6 <querysource6>; 397 queryport-pool-ports <integer>; // obsolete 398 queryport-pool-updateinterval <integer>; // obsolete 399 recursion <boolean>; 400 request-ixfr <boolean>; 401 request-nsid <boolean>; 402 resolver-query-timeout <integer>; 403 response-policy { 404 zone <string> [ policy ( given | disabled | passthru | 405 no-op | nxdomain | nodata | cname <domain> ) ]; 406 }; 407 rfc2308-type1 <boolean>; // not yet implemented 408 root-delegation-only [ exclude { <quoted_string>; ... } ]; 409 rrset-order { [ class <string> ] [ type <string> ] [ name 410 <quoted_string> ] <string> <string>; ... }; 411 server <netprefix> { 412 bogus <boolean>; 413 edns <boolean>; 414 edns-udp-size <integer>; 415 keys <server_key>; 416 max-udp-size <integer>; 417 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * 418 ) ]; 419 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> 420 | * ) ]; 421 provide-ixfr <boolean>; 422 query-source <querysource4>; 423 query-source-v6 <querysource6>; 424 request-ixfr <boolean>; 425 support-ixfr <boolean>; // obsolete 426 transfer-format ( many-answers | one-answer ); 427 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | 428 * ) ]; 429 transfer-source-v6 ( <ipv6_address> | * ) [ port ( 430 <integer> | * ) ]; 431 transfers <integer>; 432 }; 433 sig-signing-nodes <integer>; 434 sig-signing-signatures <integer>; 435 sig-signing-type <integer>; 436 sig-validity-interval <integer> [ <integer> ]; 437 sortlist { <address_match_element>; ... }; 438 suppress-initial-notify <boolean>; // not yet implemented 439 topology { <address_match_element>; ... }; // not implemented 440 transfer-format ( many-answers | one-answer ); 441 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 442 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; 443 trusted-keys { <string> <integer> <integer> <integer> 444 <quoted_string>; ... }; 445 try-tcp-refresh <boolean>; 446 update-check-ksk <boolean>; 447 use-alt-transfer-source <boolean>; 448 use-queryport-pool <boolean>; // obsolete 449 zero-no-soa-ttl <boolean>; 450 zero-no-soa-ttl-cache <boolean>; 451 zone <string> <optional_class> { 452 allow-notify { <address_match_element>; ... }; 453 allow-query { <address_match_element>; ... }; 454 allow-query-on { <address_match_element>; ... }; 455 allow-transfer { <address_match_element>; ... }; 456 allow-update { <address_match_element>; ... }; 457 allow-update-forwarding { <address_match_element>; ... }; 458 also-notify [ port <integer> ] { ( <ipv4_address> | 459 <ipv6_address> ) [ port <integer> ]; ... }; 460 alt-transfer-source ( <ipv4_address> | * ) [ port ( 461 <integer> | * ) ]; 462 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( 463 <integer> | * ) ]; 464 auto-dnssec ( allow | maintain | off ); 465 check-dup-records ( fail | warn | ignore ); 466 check-integrity <boolean>; 467 check-mx ( fail | warn | ignore ); 468 check-mx-cname ( fail | warn | ignore ); 469 check-names ( fail | warn | ignore ); 470 check-sibling <boolean>; 471 check-srv-cname ( fail | warn | ignore ); 472 check-wildcard <boolean>; 473 database <string>; 474 delegation-only <boolean>; 475 dialup <dialuptype>; 476 dnssec-dnskey-kskonly <boolean>; 477 dnssec-secure-to-insecure <boolean>; 478 file <quoted_string>; 479 forward ( first | only ); 480 forwarders [ port <integer> ] { ( <ipv4_address> | 481 <ipv6_address> ) [ port <integer> ]; ... }; 482 ixfr-base <quoted_string>; // obsolete 483 ixfr-from-differences <boolean>; 484 ixfr-tmp-file <quoted_string>; // obsolete 485 journal <quoted_string>; 486 key-directory <quoted_string>; 487 maintain-ixfr-base <boolean>; // obsolete 488 masterfile-format ( text | raw ); 489 masters [ port <integer> ] { ( <masters> | <ipv4_address> [ 490 port <integer> ] | <ipv6_address> [ port <integer> ] ) 491 [ key <string> ]; ... }; 492 max-ixfr-log-size <size>; // obsolete 493 max-journal-size <size_no_default>; 494 max-refresh-time <integer>; 495 max-retry-time <integer>; 496 max-transfer-idle-in <integer>; 497 max-transfer-idle-out <integer>; 498 max-transfer-time-in <integer>; 499 max-transfer-time-out <integer>; 500 min-refresh-time <integer>; 501 min-retry-time <integer>; 502 multi-master <boolean>; 503 notify <notifytype>; 504 notify-delay <integer>; 505 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * 506 ) ]; 507 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> 508 | * ) ]; 509 notify-to-soa <boolean>; 510 nsec3-test-zone <boolean>; // test only 511 pubkey <integer> <integer> <integer> 512 <quoted_string>; // obsolete 513 server-addresses { ( <ipv4_address> | <ipv6_address> ) [ 514 port <integer> ]; ... }; 515 server-names { <quoted_string>; ... }; 516 sig-signing-nodes <integer>; 517 sig-signing-signatures <integer>; 518 sig-signing-type <integer>; 519 sig-validity-interval <integer> [ <integer> ]; 520 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | 521 * ) ]; 522 transfer-source-v6 ( <ipv6_address> | * ) [ port ( 523 <integer> | * ) ]; 524 try-tcp-refresh <boolean>; 525 type ( master | slave | stub | static-stub | hint | forward 526 | delegation-only ); 527 update-check-ksk <boolean>; 528 update-policy ( local | { ( grant | deny ) <string> ( name 529 | subdomain | wildcard | self | selfsub | selfwild | 530 krb5-self | ms-self | krb5-subdomain | ms-subdomain | 531 tcp-self | 6to4-self | zonesub | external ) [ <string> 532 ] <rrtypelist>; ... }; 533 use-alt-transfer-source <boolean>; 534 zero-no-soa-ttl <boolean>; 535 zone-statistics <boolean>; 536 }; 537 zone-statistics <boolean>; 538}; 539 540zone <string> <optional_class> { 541 allow-notify { <address_match_element>; ... }; 542 allow-query { <address_match_element>; ... }; 543 allow-query-on { <address_match_element>; ... }; 544 allow-transfer { <address_match_element>; ... }; 545 allow-update { <address_match_element>; ... }; 546 allow-update-forwarding { <address_match_element>; ... }; 547 also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address> 548 ) [ port <integer> ]; ... }; 549 alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 550 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | 551 * ) ]; 552 auto-dnssec ( allow | maintain | off ); 553 check-dup-records ( fail | warn | ignore ); 554 check-integrity <boolean>; 555 check-mx ( fail | warn | ignore ); 556 check-mx-cname ( fail | warn | ignore ); 557 check-names ( fail | warn | ignore ); 558 check-sibling <boolean>; 559 check-srv-cname ( fail | warn | ignore ); 560 check-wildcard <boolean>; 561 database <string>; 562 delegation-only <boolean>; 563 dialup <dialuptype>; 564 dnssec-dnskey-kskonly <boolean>; 565 dnssec-secure-to-insecure <boolean>; 566 file <quoted_string>; 567 forward ( first | only ); 568 forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) 569 [ port <integer> ]; ... }; 570 ixfr-base <quoted_string>; // obsolete 571 ixfr-from-differences <boolean>; 572 ixfr-tmp-file <quoted_string>; // obsolete 573 journal <quoted_string>; 574 key-directory <quoted_string>; 575 maintain-ixfr-base <boolean>; // obsolete 576 masterfile-format ( text | raw ); 577 masters [ port <integer> ] { ( <masters> | <ipv4_address> [ port 578 <integer> ] | <ipv6_address> [ port <integer> ] ) [ key 579 <string> ]; ... }; 580 max-ixfr-log-size <size>; // obsolete 581 max-journal-size <size_no_default>; 582 max-refresh-time <integer>; 583 max-retry-time <integer>; 584 max-transfer-idle-in <integer>; 585 max-transfer-idle-out <integer>; 586 max-transfer-time-in <integer>; 587 max-transfer-time-out <integer>; 588 min-refresh-time <integer>; 589 min-retry-time <integer>; 590 multi-master <boolean>; 591 notify <notifytype>; 592 notify-delay <integer>; 593 notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 594 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; 595 notify-to-soa <boolean>; 596 nsec3-test-zone <boolean>; // test only 597 pubkey <integer> <integer> <integer> <quoted_string>; // obsolete 598 server-addresses { ( <ipv4_address> | <ipv6_address> ) [ port 599 <integer> ]; ... }; 600 server-names { <quoted_string>; ... }; 601 sig-signing-nodes <integer>; 602 sig-signing-signatures <integer>; 603 sig-signing-type <integer>; 604 sig-validity-interval <integer> [ <integer> ]; 605 transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; 606 transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; 607 try-tcp-refresh <boolean>; 608 type ( master | slave | stub | static-stub | hint | forward | 609 delegation-only ); 610 update-check-ksk <boolean>; 611 update-policy ( local | { ( grant | deny ) <string> ( name | 612 subdomain | wildcard | self | selfsub | selfwild | krb5-self | 613 ms-self | krb5-subdomain | ms-subdomain | tcp-self | 6to4-self 614 | zonesub | external ) [ <string> ] <rrtypelist>; ... }; 615 use-alt-transfer-source <boolean>; 616 zero-no-soa-ttl <boolean>; 617 zone-statistics <boolean>; 618}; 619