Red Hat ENTERPRISE LINUX 3 Reference Manual page 206

188
• key " key-name "
actions, such as secure updates or the use of the
algorithm algorithm-name
•
secret " key-value "
•
Refer to Section 12.4.2 Configuring
ment.
— Allows for the use of multiple types of logs, called channels. By using the
• logging
option within the
size limit ( ), versioning (
size
Once a customized channel has been defined, a
and begin logging when
By default,
named
in
/var/log/messages
into BIND with various severity levels, such as one that handles informational logging
messages (
default_syslog
(
default_debug
logging without any special configuration.
Customizing the logging process can be a very detailed process and is beyond the scope of this
chapter. For information on creating custom BIND logs, see the BIND 9 Administrator Reference
Manual referenced in Section 12.7.1 Installed Documentation.
— Specifies options that affect how
• server
cially in regards to notifications and zone transfers.
The
transfer-format
( ) or multiple resource records are sent with each message (
one-answer
is more efficient, only newer BIND nameservers understand it.
many-answers
— Contains assorted public keys used for secure DNS (DNSSEC). See Section
•
trusted-keys
12.5.3 Security for more information concerning BIND security.
•
view " view-name "
ing the nameserver is on. This allows some hosts to receive one answer regarding a zone while other
hosts receive totally different information. Alternatively, certain zones may only be made available
to particular trusted hosts while non-trusted hosts can only make queries for other zones.
Multiple views may be used, but their names must be unique. The
ifies the IP addresses that apply to a particular view. Any
within a view, overriding the global options already configured for
contain multiple
zone
statements are listed is important, as the first
address is used.
See Section 12.5.2 Multiple Views for more information about the
12.2.3. Comment Tags
The following is a list of valid comment tags used within
— When placed at the beginning of a line, that line is ignored by
• //
— When placed at the beginning of a line, that line is ignored by
• #
and — When text is enclose in these tags, the block of text is ignored by
•
/* */
— Defines a particular key by name. Keys are used to authenticate various
— The encrypted key.
/etc/rndc.conf
statement, a customized type of log, with its own file name (
logging
version
is restarted.
named
logs standard messages to the
. This occurs because several standard channels are built
) and another that specifically handles debugging messages
). A default category, called
option controls whether one resource record is sent with each message
— Creates special views depending upon which network the host query-
statements that apply to the
Chapter 12. Berkeley Internet Name Domain (BIND)
command. Two options are used with
rndc
— The type of algorithm used, such as
for instruction on how to write a
), and level of importance (
option is used to categorize the channel
category
syslog
, uses the built-in channels to do normal
default
should respond to remote nameservers, espe-
named
options
match-clients
statement that matches a particular client's IP
view
named.conf
or
dsa hmac-md5
), can be constructed.
severity
daemon, which places them
many-answers
option spec-
match-clients
statements may also be used
. Most
named view
list. The order in which
statement.
view
:
.
named
.
named
.
named
:
key
.
state-
key
channel
),
file
). While
statements
view