named.boot(4tcp)
named.boot -- file required to initialize the named daemon
Synopsis
[directory pathname]
[include pathname]
[primary[/class] zonename zonefile]
[secondary[/class] zonename address... [filename]]
[stub zonename address... [filename]]
cache . pathname
[bogusns address...]
[sortlist address...]
[xfrnets network[&netmask]... | address[&netmask]...]
[forwarders address...]
[options [forward-only] [no-fetch-glue] [no-recursion] [query-log]]
[limit datasize size]
[limit transfers-in number]
[limit transfers-per-ns number]
[check-names primary|secondary|response fail|warn|ignore]
Description
The boot file for
named(1Mtcp)
contains information about where the
name server is to get its initial data.
Lines in the boot file cannot be continued on subsequent lines.
The following directives are recognized:
- bogusns address...
-
Do not send queries to the
specified name server IP addresses.
This is useful when
you know that some popular server has bad data in a zone or
cache and you want to avoid contamination while the problem
is being fixed.
- cache . pathname
-
Specify that the data in the file
pathname is to be placed in the cache.
Its main use is to specify the root domain servers.
Only one cache directive should be specified.
The root.cache file should be retrieved
periodically from ftp://ftp.rs.internic.net/domain/named.root
or using the command dig . ns
because the list of root servers changes periodically.
- check-names primary|secondary|response fail|warn|ignore
-
Check names in primary or secondary zone
files, or in any response received during a recursive
search (for example, those that would be forwarded back
to a firewalled requester). For each type, named can
be told to:
- fail
-
For primary and secondary, do not load a zone.
For response, do not cache or forward a message.
- warn
-
Write a warning message to the system log.
- ignore
-
Overlook a bad name and process it as normal.
Hostnames are considered good if they conform to RFC 952; for
example, they must not contain an underscore character ``_''.
Other names are considered good if they consist only of printable
ASCII characters.
- directory pathname
-
Change the working directory to the specified pathname.
All subsequent relative pathnames given in the boot file or dependent files
will be assumed to have been specified relative to this directory.
This is important for the correct processing of
$INCLUDE and zone files.
- forwarders address...
-
Specify the addresses of
servers that will accept recursive queries from other servers.
If the boot file specifies one or more
forwarders, then the server will send all queries for data
not in the cache to the forwarders first. Each forwarder
will be asked in turn until an answer is returned or the
list is exhausted. If no answer is forthcoming from a
forwarder, the server will continue as it would have
without the forwarders line unless options forward-only
has been specified.
The forwarding facility is useful for causing a large
cache to be generated on a master server, and to reduce
traffic on links to outside servers.
It can also be used
to allow servers that do not have direct access to
the Internet to act as though they do.
- include pathname
-
Include the contents of the file specified by pathname.
This is useful if you administer many zones, or if you have logical
groupings of zones which are maintained by different people.
- limit datasize size
-
Set the maximum process data size that the kernel enforces.
size can be scaled by postfixing
k, m, or g
to indicate kilobytes, megabytes and gigabytes
respectively.
The default value of size is 2048m (2048MB).
- limit transfers-in number
-
Set the maximum number of
named-xfer(1Mtcp)
which named can spawn at any one time.
- limit transfers-per-ns number
-
Set the maximum number of zone transfers that
can be simultaneously initiated to a remote name server.
- max-fetch number
-
Deprecated, use limit transfers-in instead.
- options specifier...
-
Change the behavior of named
using one or more of the following specifiers:
- forward-only
-
Only query forwarders.
This option is normally used on machines that wish to
run a name server but which,
for physical or administrative reasons,
cannot be given access to the Internet.
They must have access to a host that does have access to the Internet.
- no-fetch-glue
-
Keep named from fetching missing glue when constructing
the ``additional data'' section of a response. This can be used
in conjunction with the no-recursion specifier
to prevent the cache from growing in size or becoming corrupted.
- no-recursion
-
Cause named to answer with a referral rather than the
actual data whenever it receives a query for a name for which
it is not authoritative. This is used to stop an authoritative server's
cache becoming polluted with non-authoritative data.
Do not set this option on a name server that is
listed in any host's /etc/resolv.conf file.
- query-log
-
Log all queries via syslog.
Be warned that this can create a lot of data.
Inverse query pseudosupport (options fake-iquery) is not
supported.
- primary[/class] zonename zonefile
-
Specify that this machine is primary for the zone zonename.
zonefile is the hosts database file for the zone.
For more information about the format of zonefile, see
named.hosts(4tcp),
named.rev(4tcp),
named.local(4tcp),
and
named.soa(4tcp).
A class other than IN (Internet) such as HS
(Hesiod) may be specified by appending ``/HS'' to primary.
- secondary[/class] zonename address... [filename]
-
Designate this machine as secondary for the zone zonename and
list the IP addresses of
up to 10 name servers which have data for the zone. At least one of
these servers will be primary. When a zone transfer is performed, the name
servers are tried in the order listed. filename is the backup
file containing transferred zone data.
The name server will load the zone from this backup file if
the name servers are unreachable. The file is updated
whenever a new copy of the zone data
is received by zone transfer from one of
the servers.
If no filename is given, a temporary file will be used and
will be deleted after each successful zone transfer.
This is not recommended since it is a needless waste of bandwidth.
A class other than IN (Internet) such as HS
(Hesiod) may be specified by appending ``/HS'' to secondary.
- slave
-
Deprecated, use options forward-only instead.
- sortlist address...
-
Indicate network addresses that are to be reported before
other network addresses.
Address queries from hosts on the same network
as the name server will receive responses with local network
addresses listed first, then addresses in the order given in the
sort list, then any other addresses.
This allows preference to be expressed between IP addresses
reported for multihomed hosts.
- stub zonename address... [filename]
-
Designate this machine as a stub server for the subzone zonename.
A primary name server for a zone can be configured as
a stub server for its child zones (subzones) rather than as
a secondary server.
A stub server only asks name servers in its child zones to transfer
SOA and NS records. It then holds these records
as non-authoritative data.
The fields have the same meaning as for the secondary directive.
The IP addresses point to the name servers
for the child zone, and must include at least its primary name server.
See
named.hosts(4tcp)
and
named.soa(4tcp)
for more information.
- tcplist network[&netmask]... | address[&netmask]...
-
Deprecated, use xfrnets instead.
- xfrnets network[&netmask]... | address[&netmask]...
-
Implement primitive access control.
The name server will only answer zone transfer
requests from hosts which are on the listed networks
or which have the listed IP addresses.
A netmask may be specified if the default netmask for the
given IP address would not be correct.
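The following Python sketch is an added example, not part of the original manual page or of named itself. It parses a boot file and reports the conditions the directive descriptions above warn about: deprecated directives, a secondary zone with no backup file, no xfrnets access control, and no-recursion used without no-fetch-glue. The names parse_boot, audit_boot and SAMPLE, the example.test zones and the 192.0.2.x addresses are constructed for illustration; it assumes ';' starts a comment, as in the boot files shown under Examples.

```python
import re

# Deprecated directives and the replacements the man page names for them.
DEPRECATED = {"slave": "options forward-only", "tcplist": "xfrnets",
              "max-fetch": "limit transfers-in"}
IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}")

# Constructed sample boot file (illustrative; not one of the page's examples).
SAMPLE = """\
; constructed boot file for the audit example
directory /etc/inet/named.d
primary   example.test      db.example.test
secondary sub.example.test  192.0.2.1 192.0.2.2
tcplist   192.0.2.0
options   no-recursion
cache     .                 db.cache
"""

def parse_boot(text):
    """Return (line number, directive, class-stripped type, args) per entry."""
    entries = []
    for n, line in enumerate(text.splitlines(), 1):
        fields = line.split(";", 1)[0].split()   # assumption: ';' starts a comment
        if fields:
            d = fields[0].lower()
            entries.append((n, d, d.split("/")[0], fields[1:]))
    return entries

def audit_boot(text):
    """Return findings on transfer access control and cache hygiene."""
    entries = parse_boot(text)
    kinds = {k for _, _, k, _ in entries}
    opts = {a.lower() for _, _, k, args in entries if k == "options" for a in args}
    findings = []
    for n, d, k, args in entries:
        if d in DEPRECATED:
            findings.append(f"line {n}: '{d}' is deprecated, use {DEPRECATED[d]}")
        # secondary zonename address... [filename]: a trailing IP means no file
        if k == "secondary" and len(args) >= 2 and IPV4.fullmatch(args[-1]):
            findings.append(f"line {n}: secondary '{args[0]}' has no backup file")
    if kinds & {"primary", "secondary"} and not kinds & {"xfrnets", "tcplist"}:
        findings.append("no xfrnets: this file does not restrict zone transfers")
    if "no-recursion" in opts and "no-fetch-glue" not in opts:
        findings.append("no-recursion without no-fetch-glue: glue is still fetched")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_boot(SAMPLE)))
```

A file that uses xfrnets, gives every secondary zone a backup file, and pairs no-recursion with no-fetch-glue produces no findings.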
Files
- /etc/inet/named.boot
-
default boot file for named
References
named(1Mtcp),
named-xfer(1Mtcp),
named.hosts(4tcp),
named.local(4tcp),
named.rev(4tcp),
named.soa(4tcp),
root.cache(4tcp)
Standard Resource Record Format in RFC 1035
Information about Hesiod may be obtained from
ftp://athena-dist.mit.edu/pub/ATHENA
Examples
An example named.boot file for a primary name server:
; Boot file for primary name server
;
directory /etc/inet/named.d
;
; type domain source file or host
;
primary volga.mynet.COM db.mynet.COM
primary 16.172.in-addr.arpa db.16.172
primary 0.0.127.in-addr.arpa db.local
cache . db.cache
An example named.boot file for a secondary name server:
; Boot file for secondary name server
;
directory /etc/inet/named.d
;
; type domain source file or host
;
secondary mynet.COM 172.16.118.1 db.mynet.COM
secondary 16.172.in-addr.arpa 172.16.118.1 db.16.172
primary 0.0.127.in-addr.arpa db.local
cache . db.cache
An example named.boot file for a caching-only name server:
; Boot file for caching-only name server
;
directory /etc/inet/named.d
;
; type domain source file or host
;
primary 0.0.127.in-addr.arpa db.local
cache . db.cache
This example boot file shows a machine with a mixed configuration:
; Boot file for a mixed configuration name server
;
directory /etc/inet/named.d
;
; set up cache with hints for root domain servers
;
cache . db.cache
;
; type domain source file or host
;
primary Berkeley.EDU db.berkeley.EDU
primary 32.128.IN-ADDR.ARPA db.32.128
;
primary 0.0.127.IN-ADDR.ARPA db.local
;
; type domain name servers backup file
;
secondary CC.Berkeley.EDU 128.32.137.8 128.32.137.3 db.cc.Berkeley.EDU
secondary 6.32.128.IN-ADDR.ARPA 128.32.137.8 128.32.137.3 db.6.32.128
;
; other configuration
;
forwarders 10.0.0.78 10.2.0.78
options forward-only query-log
;
limit transfers-in 10
limit datasize 64M
This name server has the following named configuration:
-
The name server is primary for the
Berkeley.EDU zone. The file
/usr/local/named.d/db.berkeley.EDU
contains authoritative data for this zone.
The file db.32.128 contains authoritative
data for the domain 32.128.IN-ADDR.ARPA, which
is used to translate addresses in network 128.32 to
hostnames.
-
The name server is secondary for the
CC.Berkeley.EDU zone.
All authoritative data for this zone will be transferred
from the name server 128.32.137.8, or from 128.32.137.3 if the transfer
from 128.32.137.8 fails.
Address-to-hostname mapping for the subnet 128.32.6
will be obtained from the same list of master servers as
for CC.Berkeley.EDU.
-
Address-to-hostname mapping for the localhost is
specified in the file /usr/local/named.d/db.local.
All name servers should specify such a file. See
named.rev(4tcp)
for information about its suggested format.
-
The name server is limited to only using the forwarder name servers
10.0.0.78 and 10.2.0.78.
-
Query logging is enabled.
-
No more than 10 named-xfer processes can be spawned at any time.
-
The data size of the named daemon is limited to 64MB.
In these examples,
the db.local file need only contain a PTR
record for localhost:
1 IN PTR localhost.
30 January 1998
© 1998 The Santa Cruz Operation, Inc. All rights reserved.