summaryrefslogtreecommitdiffstats
path: root/contrib/bind9/bin/named/config.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/bind9/bin/named/config.c')
-rw-r--r--contrib/bind9/bin/named/config.c22
1 files changed, 16 insertions, 6 deletions
diff --git a/contrib/bind9/bin/named/config.c b/contrib/bind9/bin/named/config.c
index 233d9e0..8b96050 100644
--- a/contrib/bind9/bin/named/config.c
+++ b/contrib/bind9/bin/named/config.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2001-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: config.c,v 1.47.18.35 2008/09/04 08:03:07 marka Exp $ */
+/* $Id: config.c,v 1.93.14.2 2009/03/17 23:47:28 tbox Exp $ */
/*! \file */
@@ -69,7 +69,7 @@ options {\n\
memstatistics-file \"named.memstats\";\n\
multiple-cnames no;\n\
# named-xfer <obsolete>;\n\
-# pid-file \"" NS_LOCALSTATEDIR "/named.pid\"; /* or /lwresd.pid */\n\
+# pid-file \"" NS_LOCALSTATEDIR "/run/named/named.pid\"; /* or /lwresd.pid */\n\
port 53;\n\
recursing-file \"named.recursing\";\n\
"
@@ -99,13 +99,16 @@ options {\n\
use-ixfr true;\n\
edns-udp-size 4096;\n\
max-udp-size 4096;\n\
+ request-nsid false;\n\
reserved-sockets 512;\n\
\n\
/* view */\n\
allow-notify {none;};\n\
allow-update-forwarding {none;};\n\
allow-query-cache { localnets; localhost; };\n\
+ allow-query-cache-on { any; };\n\
allow-recursion { localnets; localhost; };\n\
+ allow-recursion-on { any; };\n\
# allow-v6-synthesis <obsolete>;\n\
# sortlist <none>\n\
# topology <none>\n\
@@ -122,7 +125,7 @@ options {\n\
query-source-v6 address *;\n\
notify-source *;\n\
notify-source-v6 *;\n\
- cleaning-interval 60;\n\
+ cleaning-interval 0; /* now meaningless */\n\
min-roots 2;\n\
lame-ttl 600;\n\
max-ncache-ttl 10800; /* 3 hours */\n\
@@ -135,21 +138,24 @@ options {\n\
check-mx warn;\n\
acache-enable no;\n\
acache-cleaning-interval 60;\n\
- max-acache-size 0;\n\
+ max-acache-size 16M;\n\
dnssec-enable yes;\n\
- dnssec-validation no; /* Make yes for 9.5. */ \n\
+ dnssec-validation yes; \n\
dnssec-accept-expired no;\n\
clients-per-query 10;\n\
max-clients-per-query 100;\n\
zero-no-soa-ttl-cache no;\n\
+ nsec3-test-zone no;\n\
"
" /* zone */\n\
allow-query {any;};\n\
+ allow-query-on {any;};\n\
allow-transfer {any;};\n\
notify yes;\n\
# also-notify <none>\n\
notify-delay 5;\n\
+ notify-to-soa no;\n\
dialup no;\n\
# forward <none>\n\
# forwarders <none>\n\
@@ -169,6 +175,9 @@ options {\n\
min-refresh-time 300;\n\
multi-master no;\n\
sig-validity-interval 30; /* days */\n\
+ sig-signing-nodes 100;\n\
+ sig-signing-signatures 10;\n\
+ sig-signing-type 65534;\n\
zone-statistics false;\n\
max-journal-size unlimited;\n\
ixfr-from-differences false;\n\
@@ -179,6 +188,7 @@ options {\n\
check-srv-cname warn;\n\
zero-no-soa-ttl yes;\n\
update-check-ksk yes;\n\
+ try-tcp-refresh yes; /* BIND 8 compat */\n\
};\n\
"
OpenPOWER on IntegriCloud