BIND Configuration File Guide


Overview

BIND 8 is much more configurable than previous releases of BIND. There are entirely new areas of configuration, such as access control lists and categorized logging. Many options that previously applied to all zones can now be used selectively. These features, plus a consideration of future configuration needs led to the creation of a new configuration file format.

The Configuration File

Example Configuration

Statements

A BIND 8 configuration consists of statements and comments. Statements end with a semicolon. Many statements contain a block of substatements, which are also terminated with a semicolon.

The following statements are supported:

acl
defines a named IP address matching list, for access control and other uses
include
includes a file
key
specifies key information for use in authentication and authorization
logging
specifies what the server logs, and where the log messages are sent
options
controls global server configuration options and sets defaults for other statements
controls
declares control channels to be used by the ndc utility
server
sets certain configuration options on a per-server basis
trusted-keys
defines DNSSEC keys that are preconfigured into the server and implicitly trusted
zone
defines a zone

The logging and options statements may only occur once per configuration.

Comments

The BIND 8 comment syntax allows for comments to appear anywhere that whitespace may appear in a BIND configuration file. To appeal to programmers of all kinds, they can be written in C, C++, or shell/perl constructs.

Converting from BIND 4.9.x

BIND 4.9.x configuration files can be converted to the new format by using src/bin/named/named-bootconf, a shell script that is part of the BIND 8.2.x source kits.


[ BIND HomeISC ]


Last Updated: Id: config.html,v 1.11 2000/11/28 20:03:48 cyarnell Exp $