Comment Tags - Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT Deployment Manual

• algorithm <algorithm-name> — The type of algorithm used, such as dsa or hmac-md5.
• secret "<key-value>" — The encrypted key.
Section 17.4.2, "Configuring /etc/rndc.conf"
Refer to
statement.
logging
Allows for the use of multiple types of logs, called channels. By using the channel option within
the logging statement, a customized type of log can be constructed — with its own file name
(file), size limit (size), versioning (version), and level of importance (severity). Once a
customized channel is defined, a category option is used to categorize the channel and begin
logging when named is restarted.
By default, named logs standard messages to the syslog daemon, which places them in /var/
log/messages. This occurs because several standard channels are built into BIND with various
severity levels, such as default_syslog (which handles informational logging messages) and
default_debug (which specifically handles debugging messages). A default category, called
default, uses the built-in channels to do normal logging without any special configuration.
Customizing the logging process can be a very detailed process and is beyond the scope of
this chapter. For information on creating custom BIND logs, refer to the BIND 9 Administrator
Reference Manual referenced in
server
Specifies options that affect how named should respond to remote nameservers, especially with
regard to notifications and zone transfers.
The transfer-format option controls whether one resource record is sent with each message
(one-answer) or multiple resource records are sent with each message (many-answers). While
many-answers is more efficient, only newer BIND nameservers understand it.
trusted-keys
Contains assorted public keys used for secure DNS (DNSSEC). Refer to
for more information concerning BIND security.
view "<view-name>"
Creates special views depending upon which network the host querying the nameserver is on.
This allows some hosts to receive one answer regarding a zone while other hosts receive totally
different information. Alternatively, certain zones may only be made available to particular trusted
hosts while non-trusted hosts can only make queries for other zones.
Multiple views may be used, but their names must be unique. The match-clients option
specifies the IP addresses that apply to a particular view. Any options statement may also
be used within a view, overriding the global options already configured for named. Most view
statements contain multiple zone statements that apply to the match-clients list. The order
in which view statements are listed is important, as the first view statement that matches a
particular client's IP address is used.
Section 17.5.2, "Multiple Views"
Refer to

17.2.3. Comment Tags

The following is a list of valid comment tags used within named.conf:
Section 17.7.1, "Installed
for more information about the view statement.
for instructions on how to write a key
Documentation".
Section 17.5.3, "Security"
Comment Tags
211