Documentation ¶
Overview ¶
WIP: Package named supports named.conf formatted data (see also `man named.conf`). Supported are conversions from a file or string to an internal representation and back to a string. Documentation comments in this package are often excerpts from the BIND 9.7 ARM available at http://www.isc.org/files/arm97.pdf. See also the LICENSE-BIND file.
Index ¶
- Variables
- type AclName
- type AclNameType
- type AddressMatchList
- type AddressMatchListElement
- type AutoDNSSEC
- type Conf
- type DNSSecDelegation
- type DNSSecMustBeSecured
- type DialupOption
- type DisabledAlgorithms
- type DualStackServer
- type DualStackServers
- type Forward
- type IPAndPort
- type IPPort
- type IPs
- type IxfrFromDiffs
- type ListenOn
- type ManagedKey
- type ManagedKeys
- type Master
- type MasterFileFormat
- type Masters
- type Notify
- type Options
- type OrderSpec
- type Ordering
- type PortList
- type SessionKeyAlg
- type SizeSpec
- type TransferFormat
- type WarnFailIgnore
- type Zone
- type ZoneClass
- type ZoneType
- type Zones
Constants ¶
This section is empty.
Variables ¶
var DefaultEnv = map[string]string{
"GODNS": "godns",
}
DefaultEnv supplies default values for environment variables to be substituted into DefaultOptions.
var DefaultOptions = `` /* 2384-byte string literal not displayed */
DefaultOptions is a named.conf options statement filled with default values as defined in the BIND 9.7 ARM. It's used by NewOptions. $ values are expanded from environment variables with defaults taken from DefaultEnv.
var Sys = "/etc/bind/named.conf" //TODO:LSB only
System named.conf name
Functions ¶
This section is empty.
Types ¶
type AclName ¶
type AclName struct {
Type AclNameType
DomainName string
}
AclName holds the name of an address match list as defined by the acl statement.
func NewAclName ¶
func NewAclName(typ AclNameType, name string) *AclName
NewAclName creates a new AclName from the typ and name arguments.
type AclNameType ¶
type AclNameType int
AclNameType is the type of the AclName.Type tag
const (
AclNameAny AclNameType = iota
AclNameNone
AclNameLocalhost
AclNameLocalnets
AclNameDomainName
)
AclName* constants are the values of the AclName.Type tag
type AddressMatchList ¶
type AddressMatchList []AddressMatchListElement
Address match lists are primarily used to determine access control for various server operations. They are also used in the listen-on and sortlist statements. The elements which constitute an address match list can be any of the following:
- an IP address (IPv4 or IPv6)
- an IP prefix (in ‘/’ notation)
- a key ID, as defined by the key statement
- the name of an address match list defined with the acl statement
- a nested address match list enclosed in braces
func (*AddressMatchList) String ¶
func (x *AddressMatchList) String() string
type AddressMatchListElement ¶
type AddressMatchListElement struct {
Neg bool
Item interface{}
}
Elements can be negated with a leading exclamation mark (‘!’), and the match list names "any", "none", "localhost", and "localnets" are predefined. More information on those names can be found in the description of the acl statement.
func (*AddressMatchListElement) String ¶
func (x *AddressMatchListElement) String() string
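BIND evaluates an address match list first-match: the first element that covers the address decides the outcome, so a negated element only has an effect when it precedes any broader element that also covers it. The following added example (not code from this package) shows that with local stand-in types shaped like the ones on this page; `Allowed`, `matches` and the sample lists are hypothetical, the addresses are constructed documentation addresses, and only IP, prefix, "any" and "none" elements are evaluated.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Local stand-ins mirroring the shapes shown on this page. They are not
// imported from the package; Allowed and matches are illustrative helpers.
type AddressMatchListElement struct {
	Neg  bool
	Item interface{} // net.IP, *net.IPNet, string (predefined name) or AddressMatchList
}

type AddressMatchList []AddressMatchListElement

// String renders the list in named.conf syntax, e.g. "{ !192.0.2.13; 192.0.2.0/24; }".
func (l AddressMatchList) String() string {
	var b strings.Builder
	b.WriteString("{ ")
	for _, e := range l {
		if e.Neg {
			b.WriteString("!")
		}
		fmt.Fprintf(&b, "%v; ", e.Item)
	}
	b.WriteString("}")
	return b.String()
}

// matches reports whether one item covers addr. Keys, acl names, nested lists,
// "localhost" and "localnets" need server context and are reported as errors.
func matches(item interface{}, addr net.IP) (bool, error) {
	switch v := item.(type) {
	case net.IP:
		return v.Equal(addr), nil
	case *net.IPNet:
		return v.Contains(addr), nil
	case string:
		switch v {
		case "any":
			return true, nil
		case "none":
			return false, nil
		}
	}
	return false, fmt.Errorf("element %v cannot be evaluated without server context", item)
}

// Allowed applies first-match semantics: the first element covering addr
// decides, a negated element decides "deny", and no match at all is a deny.
// An element that cannot be evaluated fails closed with an error.
func (l AddressMatchList) Allowed(addr net.IP) (bool, error) {
	for _, e := range l {
		ok, err := matches(e.Item, addr)
		if err != nil {
			return false, err
		}
		if ok {
			return !e.Neg, nil
		}
	}
	return false, nil
}

func ip(s string) net.IP { return net.ParseIP(s) }

func prefix(s string) *net.IPNet {
	_, n, err := net.ParseCIDR(s)
	if err != nil {
		panic(err)
	}
	return n
}

// shadowed is a constructed list where the negation comes after the broader
// prefix, so it is never reached and 192.0.2.13 is still admitted.
func shadowed() AddressMatchList {
	return AddressMatchList{{Item: prefix("192.0.2.0/24")}, {Neg: true, Item: ip("192.0.2.13")}}
}

// ordered is the corrected constructed list: the narrower negated element first.
func ordered() AddressMatchList {
	return AddressMatchList{{Neg: true, Item: ip("192.0.2.13")}, {Item: prefix("192.0.2.0/24")}}
}

func main() {
	for _, l := range []AddressMatchList{shadowed(), ordered()} {
		for _, a := range []string{"192.0.2.13", "192.0.2.50", "198.51.100.1"} {
			ok, err := l.Allowed(ip(a))
			fmt.Printf("%-34s %-13s allowed=%v err=%v\n", l, a, ok, err)
		}
	}
}
```

When reviewing lists such as allow-transfer or allow-recursion, check that every negated element appears before any broader element that covers the same address.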
type AutoDNSSEC ¶
type AutoDNSSEC int
AutoDNSSEC is the type of the Zone.AutoDNSSEC field.
const (
AutoDNSSECOff AutoDNSSEC = iota
AutoDNSSECAllow
AutoDNSSECMaintain
AutoDNSSECCreate
)
type Conf ¶
type Conf struct {
ManagedKeys ManagedKeys
Masters []Masters
Options *Options
Zones Zones
} //TODO:Complete full specs
A Conf holds the data found in an Internet domain name server configuration file, e.g. '/etc/bind/named.conf'. See also named.conf(5). The implementation is based on BIND 9.7 ARM available at http://www.isc.org/files/arm97.pdf
func NewConf ¶
NewConf creates an empty Conf ready to use or an Error if any. The Options.Version field is filled from the version parameter.
func (*Conf) LoadString ¶
Load Conf from a named.conf format string s. Return an Error, if any.
type DNSSecDelegation ¶
type DNSSecDelegation struct {
Domain, Delegation string
}
DNSSecDelegation is the type of e.g. Options.DNSSecLookaside.
func (DNSSecDelegation) Auto ¶
func (d DNSSecDelegation) Auto() bool
func (DNSSecDelegation) String ¶
func (d DNSSecDelegation) String() string
type DNSSecMustBeSecured ¶
DNSSecMustBeSecured is the type of e.g. Options.DNSSecMustBeSecure
func (DNSSecMustBeSecured) String ¶
func (d DNSSecMustBeSecured) String() string
type DialupOption ¶
type DialupOption int
DialupOption is the type of e.g. Options.Dialup
const (
DialupNo DialupOption = iota
DialupYes
DialupNotify
DialupNotifyPassive
DialupRefresh
DialupPassive
)
Values of DialupOption
func (DialupOption) String ¶
func (d DialupOption) String() string
type DisabledAlgorithms ¶
type DisabledAlgorithms struct {
Domain string
Algorithms []SessionKeyAlg
}
DisabledAlgorithms is the type of e.g. Options.DisableAlgorithms.
func (DisabledAlgorithms) String ¶
func (d DisabledAlgorithms) String() string
type DualStackServer ¶
DualStackServer is the type of DualStackServers.Servers. Either Domain or Addr must be non-empty, but not both.
func (DualStackServer) String ¶
func (d DualStackServer) String() string
type DualStackServers ¶
type DualStackServers struct {
Port *IPPort
Servers []DualStackServer
}
DualStackServers is the type of e.g. Options.DualStackServers
func (DualStackServers) String ¶
func (d DualStackServers) String() string
type IPAndPort ¶
type IPAndPort struct {
IP net.IP // Specifies the IP address.
Port *IPPort // Optional port number or nil.
}
IPAndPort packs an IP address with an optional port number.
type IPPort ¶
type IPPort uint16
IPPort is the type of an IP port number. The number is limited to 0 through 65535, with values below 1024 typically restricted to use by processes running as root. In some cases, an asterisk (‘*’) character can be used as a placeholder to select a random high-numbered port. This is by convention indicated by *IPPort == nil.
type IxfrFromDiffs ¶
type IxfrFromDiffs int
IxfrFromDiffs is the type of Options.IxfrFromDiffs
const (
IxfrFromDiffsYes IxfrFromDiffs = iota
IxfrFromDiffsMaster
IxfrFromDiffsSlave
IxfrFromDiffsNo
)
Values of IxfrFromDiffs
func (IxfrFromDiffs) String ¶
func (i IxfrFromDiffs) String() string
type ListenOn ¶
type ListenOn struct {
Port *IPPort
AddressMatchList AddressMatchList
}
The listen-on option is used to specify the interfaces and the ports on which the server will listen for incoming queries.
type ManagedKey ¶
ManagedKey is an item of ManagedKeys
func NewManagedKey ¶
func NewManagedKey(Name string, key *rr.DNSKEY) *ManagedKey
NewManagedKey returns a newly constructed ManagedKey
func (*ManagedKey) String ¶
func (x *ManagedKey) String() string
type ManagedKeys ¶
type ManagedKeys []*ManagedKey
ManagedKeys holds the data from the managed-keys statements
func (*ManagedKeys) String ¶
func (x *ManagedKeys) String() string
type Master ¶
type Master struct {
Include string // Name of a named master list to include in this list.
IPAndPort IPAndPort // Master IP and optional port number.
Key string // Key string.
}
Master is the type of Masters.List item. Either the Include or the other fields are valid but not both of these possibilities at once.
type MasterFileFormat ¶
type MasterFileFormat int
MasterFileFormat is the type of Options.MasterFileFormat
const (
MasterFileFormatText MasterFileFormat = iota
MasterFileFormatRaw
)
Values of MasterFileFormat
func (MasterFileFormat) String ¶
func (m MasterFileFormat) String() string
type Masters ¶
type Masters struct {
Name string // Name of this masters list
Port *IPPort // Optional port number.
List []Master // Items of this masters list.
}
Masters is the type of data of the 'masters' statement.
type Options ¶
type Options struct {
ACacheCleaningInterval int // The server will remove stale cache entries, based on an LRU based algorithm, every acache-cleaning-interval minutes.
ACacheEnable bool // If yes, additional section caching is enabled.
// These options control the behavior of an authoritative
// server when answering queries which have additional data, or when following CNAME and
// DNAME chains.
AdditionalFromAuth bool
AdditionalFromCache bool
AllowNotify AddressMatchList // Specifies which hosts are allowed to notify this server, a slave, of zone changes in addition to the zone masters.
AllowQuery AddressMatchList // Specifies which hosts are allowed to ask ordinary DNS questions.
AllowQueryOn AddressMatchList // Specifies which local addresses can accept ordinary DNS questions.
AllowQueryCache AddressMatchList // Specifies which hosts are allowed to get answers from the cache.
AllowQueryCacheOn AddressMatchList // Specifies which local addresses can give answers from the cache.
AllowRecursion AddressMatchList // Specifies which hosts are allowed to make recursive queries through this server.
AllowRecursionOn AddressMatchList // Specifies which local addresses can accept recursive queries.
AllowTransfer AddressMatchList // Specifies which hosts are allowed to receive zone transfers from the server.
AllowUpdate AddressMatchList // Specifies which hosts are allowed to submit Dynamic DNS updates for master zones.
AllowUpdateForwarding AddressMatchList // Specifies which hosts are allowed to submit Dynamic DNS updates to slave zones to be forwarded to the master.
AllowV6Synthesis AddressMatchList // (Obsolete) This option was used for the smooth transition from AAAA to A6 and from "nibble labels" to binary labels.
AlsoNotify IPs // Defines a global list of IP addresses of name servers that are also sent NOTIFY messages whenever a fresh copy of the zone is loaded, in addition to the servers listed in the zone’s NS records.
AltTransferSource *IPAndPort // An alternate transfer source if the one listed in transfer-source fails and use-alt-transfer-source is set.
AltTransferSourceV6 *IPAndPort // An alternate transfer source if the one listed in transfer-source-v6 fails and use-alt-transfer-source is set.
AuthNXDomain bool // If true, then the AA bit is always set on NXDOMAIN responses, even if the server is not actually authoritative.
AvoidV4UdpPorts PortList // Prevent a name server from choosing as its random source port a port that is blocked by your firewall or a port that is used by other applications.
AvoidV6UdpPorts PortList // See AvoidV4UdpPorts
BindKeysFile string // The pathname of a file to override the built-in trusted keys provided by the server.
Blackhole AddressMatchList // Specifies a list of addresses that the server will not accept queries from or use to resolve a query.
CheckDupRecs WarnFailIgnore // Check master zones for records that are treated as different by DNSSEC but are semantically equal in plain DNS.
CheckIntegrity bool // Perform post load zone integrity checks on master zones.
CheckMx WarnFailIgnore // Check whether the MX record appears to refer to an IP address.
CheckMxCname WarnFailIgnore // If check-integrity is set then fail, warn or ignore MX records that refer to CNAMES.
CheckNamesMaster WarnFailIgnore // This option is used to restrict the character set and syntax of certain domain names in master files.
CheckNamesSlave WarnFailIgnore // This option is used to restrict the character set and syntax of certain domain names in slave files.
CheckNamesResponse WarnFailIgnore // This option is used to restrict the character set and syntax of certain domain names in DNS responses received from the network.
CheckSibling bool // When performing integrity checks, also check that sibling glue exists.
CheckSrvCname WarnFailIgnore // If check-integrity is set then fail, warn or ignore SRV records that refer to CNAMES.
CheckWildcard bool // This option is used to check for non-terminal wildcards.
CleaningInterval int // This interval is effectively obsolete.
ClientsPerQuery int // The initial number of recursive simultaneous clients for any given query (<qname,qtype,qclass>) that the server will accept before dropping additional clients.
Coresize SizeSpec // The maximum size of a core dump.
Datasize SizeSpec // The maximum amount of data memory the server may use.
DeallocateOnExit bool // This option was used in e.g. BIND 8 to enable checking for memory leaks on exit.
Dialup DialupOption // If yes, then the server treats all zones as if they are doing zone transfers across a dial-on-demand dialup link, which can be brought up by traffic originating from this server.
Directory string // The working directory of the server.
DisableAlgorithms []DisabledAlgorithms // Disable the specified DNSSEC algorithms at and below the specified name.
DisableEmptyZone []string // Disable individual empty zones.
DNSSecAcceptExpired bool // Accept expired signatures when verifying DNSSEC signatures.
DNSSecDnsKeyKskOnly bool // When this option and update-check-ksk are both set to yes, only key-signing keys (that is, keys with the KSK bit set) will be used to sign the DNSKEY RRset at the zone apex.
DNSSecEnable bool // Enable DNSSEC support in named. Unless set to yes, named behaves as if it does not support DNSSEC.
DNSSecLookaside []DNSSecDelegation // When set, dnssec-lookaside provides the validator with an alternate method to validate DNSKEY records at the top of a zone.
DNSSecMustBeSecure []DNSSecMustBeSecured // Specify hierarchies which must be or may not be secure (signed and validated).
DNSSecSecure2Insecure bool // Allow a dynamic zone to transition from secure to insecure (i.e., signed to unsigned) by deleting all of the DNSKEY records.
DNSSecValidation bool // Enable DNSSEC validation in named. Note dnssec-enable also needs to be set to yes to be effective.
DualStackServers DualStackServers // Specifies host names or addresses of machines with access to both IPv4 and IPv6 transports.
DumpFile string // The pathname of the file the server dumps the database to when instructed to do so.
EdnsUdpSize int // Sets the advertised EDNS UDP buffer size in bytes to control the size of packets received.
EmptyContact string // Specify what contact name will appear in the returned SOA record for empty zones.
EmptyServer string // Specify what server name will appear in the returned SOA record for empty zones.
EmptyZonesEnable bool // Enable or disable all empty zones.
FakeIQuery bool // (Obsolete) In BIND 8, this option enabled simulating the obsolete DNS query type IQUERY.
FetchGlue bool // (Obsolete) In BIND 8, fetch-glue yes caused the server to attempt to fetch glue resource records it didn’t have when constructing the additional data section of a response.
Files SizeSpec // The maximum number of files the server may have open concurrently.
FlushZonesOnShutdown bool // When the nameserver exits due to receiving SIGTERM, flush or do not flush any pending zone writes.
// This option is only meaningful if the forwarders list is not empty. A value of first, the
// default, causes the server to query the forwarders first — and if that doesn’t answer the question,
// the server will then look for the answer itself. If only is specified, the server will only query the
// forwarders.
Forward Forward
// The forwarding facility can be used to create a large site-wide cache on a few servers, reducing traffic
// over links to external name servers. It can also be used to allow queries by servers that do not have
// direct access to the Internet, but wish to look up exterior names anyway. Forwarding occurs only on
// those queries for which the server is not authoritative and does not have the answer in its cache.
Forwarders IPs
// This option was incorrectly implemented in BIND 8, and is ignored by BIND 9. To
// achieve the intended effect of has-old-clients yes, specify the two separate options auth-nxdomain
// yes and rfc2308-type1 no instead.
HasOldClients bool
HeartbeatInterval int // The server will perform zone maintenance tasks for all zones marked as dialup whenever this interval expires.
Hostname string // The hostname the server should report via a query of the name hostname.bind with type TXT, class CHAOS.
HostStatistics bool // (Obsolete) In BIND 8, this enables keeping of statistics for every host that the name server interacts with. Not implemented in BIND 9.
HostStatisticsMax uint64 // (Obsolete) In BIND 8, specifies the maximum number of host statistics entries to be kept. Not implemented in BIND 9.
InterfaceInterval int // The server will scan the network interface list every interface-interval minutes.
// When yes and the server loads a new version of a master zone from its zone
// file or receives a new version of a slave file by a non-incremental zone transfer, it will compare
// the new version to the previous one and calculate a set of differences.
IxfrFromDiffs IxfrFromDiffs
KeyDirectory string // When performing dynamic update of secure zones, the directory where the public and private DNSSEC key files should be found, if different than the current working directory.
LameTtl int // Sets the number of seconds to cache a lame server indication. 0 disables caching.
ListenOn []ListenOn
ListenOnV6 []ListenOn
MaintainIxfrBase bool // (Obsolete) It was used in BIND 8 to determine whether a transaction log was kept for Incremental Zone Transfer.
MasterFileFormat MasterFileFormat // Specifies the file format of zone files.
MatchMappedAddresses bool // (Obsolete) If yes, then an IPv4-mapped IPv6 address will match any address match list entries that match the corresponding IPv4 address.
MaxACacheSize SizeSpec // The maximum amount of memory in bytes to use for the server’s acache.
MaxCacheSize SizeSpec // The maximum amount of memory to use for the server’s cache, in bytes.
MaxCacheTtl int // Sets the maximum time for which the server will cache ordinary (positive) answers.
MaxIxfrLogSize uint64 // (Obsolete) Accepted and ignored for BIND 8 compatibility. The option max-journal-size performs a similar function in BIND 9.
MaxJournalSize SizeSpec // Sets a maximum size for each journal file.
MaxClientsPerQuery int // The maximum number of recursive simultaneous clients for any given query (<qname,qtype,qclass>) that the server will accept before dropping additional clients.
MaxNCacheTtl int // To reduce network traffic and increase performance, the server stores negative answers. max-ncache-ttl is used to set a maximum retention time for these answers in the server in seconds.
MaxUdpSize int // Sets the maximum EDNS UDP message size named will send in bytes.
MaxXferIdleIn int // Inbound zone transfers making no progress in this many minutes will be terminated.
MaxXferIdleOut int // Outbound zone transfers making no progress in this many minutes will be terminated.
MaxXferTimeIn int // Inbound zone transfers running longer than this many minutes will be terminated.
MaxXferTimeOut int // Outbound zone transfers running longer than this many minutes will be terminated.
MemStats bool // Write memory statistics to the file specified by memstatistics-file at exit.
MemStatsFile string // The pathname of the file the server writes memory usage statistics to on exit.
MinimalResponses bool // If yes, then when generating responses the server will only add records to the authority and additional data sections when they are required (e.g. delegations, negative responses).
// These options control the server’s behavior on refreshing a zone (querying for SOA changes)
// or retrying failed transfers. Usually the SOA values for the zone are used, but these values
// are set by the master, giving slave server administrators little control over their contents.
MinRefreshTime uint64
MinRetryTime uint64
MaxRefreshTime uint64
MaxRetryTime uint64
MinRoots int // The minimum number of root servers that is required for a request for the root servers to be accepted.
MultiMaster bool // This should be set when you have multiple masters for a zone and the addresses refer to different machines.
MultipleCnames bool // (Obsolete) This option was used in BIND 8 to allow a domain name to have multiple CNAME records in violation of the DNS standards.
NamedXfer string // (Obsolete) Used in BIND 8 to specify the pathname to the named-xfer program.
Notify Notify // If yes (the default), DNS NOTIFY messages are sent when a zone the server is authoritative for changes.
NotifyDelay int // The delay, in seconds, between sending sets of notify messages for a zone.
NotifySource *IPAndPort // Determines which local source address, and optionally UDP port, will be used to send NOTIFY messages.
NotifySourceV6 *IPAndPort // Like notify-source, but applies to notify messages sent to IPv6 addresses.
NotifyToSoa bool // If yes do not check the nameservers in the NS RRset against the SOA MNAME. Normally a NOTIFY message is not sent to the SOA MNAME (SOA ORIGIN) as it is supposed to contain the name of the ultimate master.
PIDFile string // The pathname of the file the server writes its process ID in.
Port IPPort // The UDP/TCP port number the server uses for receiving and sending DNS protocol traffic.
PreferredGlue *rr.Type // If specified, the listed type (A or AAAA) will be emitted before other glue in the additional section of a query response.
ProvideIxfr *bool // Determines whether the local server, acting as master, will respond with an incremental zone transfer when the given remote server, a slave, requests it.
Querylog *bool // Specify whether query logging should be started when named starts.
QuerySource *IPAndPort // Specify the IPv4 source address to be used for queries sent to remote server.
QuerySourceV6 *IPAndPort // Specify the IPv6 source address to be used for queries sent to remote server.
RandomDevice string // The source of entropy to be used by the server.
Recursion bool // If yes, and a DNS query requests recursion, then the server will attempt to do all the work required to answer the query.
RecursingFile string // The pathname of the file the server dumps the queries that are currently recursing when instructed to do so.
RecursiveClients int // The maximum number of simultaneous recursive lookups the server will perform on behalf of clients.
RequestIxfr *bool // Determines whether the local server, acting as a slave, will request incremental zone transfers from the given remote server, a master.
ReservedSockets int // The number of file descriptors reserved for TCP, stdio, etc.
Rfc2308Type1 bool // Setting this to yes will cause the server to send NS records along with the SOA record for negative answers.
RootDelegationOnly *[]string // Turn on enforcement of delegation-only in TLDs (top level domains) and root zones with an optional exclude list.
RRSetOrder []OrderSpec // Permits configuration of the ordering of the records in a multiple record response.
// Slave servers will periodically query master servers to find out if zone serial numbers
// have changed. Each such query uses a minute amount of the slave server’s network bandwidth.
// To limit the amount of bandwidth used, BIND 9 limits the rate at which queries are sent.
SerialQueryRate int
SerialQueries uint64 // (Obsolete) In BIND 8, the serial-queries option set the maximum number of concurrent serial number queries allowed to be outstanding at any given time.
ServerId string // The ID the server should report when receiving a Name Server Identifier (NSID) query, or a query of the name ID.SERVER with type TXT, class CHAOS.
SessionKeyAlg SessionKeyAlg // The algorithm to use for the TSIG session key.
SessionKeyFile string // The pathname of the file into which to write a TSIG session key.
SessionKeyName string // The key name to use for the TSIG session key.
SigValidityIntervalBase int // Specifies the number of days into the future when DNSSEC signatures automatically generated as a result of dynamic updates will expire.
SigSigningNodes int // Specify the maximum number of nodes to be examined in each quantum when signing a zone with a new DNSKEY.
SigSigningSignatures int // Specify a threshold number of signatures that will terminate processing a quantum when signing a zone with a new DNSKEY.
SigSigningType int // Specify a private RDATA type to be used when generating key signing records.
SigValidityIntervalExpireHours int // Specifies how long before expiry that the signatures will be regenerated.
Sortlist AddressMatchList // Server side RRSet sorting rules.
Stacksize SizeSpec // The maximum amount of stack memory the server may use.
StatsFile string // The pathname of the file the server appends statistics to when instructed to do so.
StatisticsInterval int // Name server statistics will be logged every statistics-interval minutes.
TcpClients int // The maximum number of simultaneous client TCP connections that the server will accept.
TcpListenQueue int // The listen queue depth.
TDHKeyName string // The Diffie-Hellman key name and tag used by the server to generate shared keys with clients using the Diffie-Hellman mode of TKEY.
TDHKeyTag uint64
TKeyDomain string // The domain appended to the names of all shared keys generated with TKEY.
Topology AddressMatchList // Defines how the outgoing queries are sent to the topologically nearest DNS servers.
TransferFormat TransferFormat // Zone transfers can be sent using two different formats, one-answer and many-answers.
TransferSource *IPAndPort // The IPv4 source address to be used for zone transfer with the remote server.
TransferSourceV6 *IPAndPort // The IPv6 source address to be used for zone transfer with the remote server.
TransfersIn int // The maximum number of inbound zone transfers that can be running concurrently.
TransfersOut int // The maximum number of outbound zone transfers that can be running concurrently.
TransfersPerNS int // The maximum number of inbound zone transfers that can be concurrently transferring from a given remote name server.
TreatCrAsSpace bool // (Obsolete) This option was used in BIND 8 to make the server treat carriage return ("\r") characters the same way as a space or tab character.
TryTcpRefresh bool // Try to refresh the zone using TCP if UDP queries fail.
UpdateCheckKsk bool // When set to the default value of yes, check the KSK bit in each key to determine how the key should be used when generating RRSIGs for a secure zone.
UseAltTransferSource bool // Use the alternate transfer sources or not.
UseIdPool bool // (Obsolete) BIND 9 always allocates query IDs from a pool.
UseIxfr bool // (Obsolete) If you need to disable IXFR to a particular server or servers, use the provide-ixfr option.
Version string // The version the server should report via a query of the name version.bind with type TXT, class CHAOS.
ZeroNoSoaTtl bool // When returning authoritative negative responses to SOA queries set the TTL of the SOA record returned in the authority section to zero.
ZeroNoSoaTtlCache bool // When caching a negative response to a SOA query set the TTL to zero.
ZoneStats bool // If yes, the server will collect statistical data on all zones (unless specifically turned off on a per-zone basis by specifying zone-statistics no in the zone statement).
}
The options statement sets up global options to be used by e.g. BIND. This statement may appear only once in a configuration file. If there is no options statement, an options block with each option set to its default will be used.
func NewOptions ¶
NewOptions returns a newly created Options with sane defaults set or an Error if any. The Version field is filled from the version parameter.
type PortList ¶
type PortList []uint16
PortList is a list of port number pairs. Each pair represents a range of ports.
type SessionKeyAlg ¶
type SessionKeyAlg int
SessionKeyAlg is the type of Options.SessionKeyAlg field.
const (
SessionKeyAlg_HMAC_MD5 SessionKeyAlg = iota
SessionKeyAlg_HMAC_SHA1
SessionKeyAlg_HMAC_SHA224
SessionKeyAlg_HMAC_SHA256
SessionKeyAlg_HMAC_SHA384
SessionKeyAlg_HMAC_SHA512
)
Values of SessionKeyAlg
func (SessionKeyAlg) String ¶
func (x SessionKeyAlg) String() string
type SizeSpec ¶
type SizeSpec int64
SizeSpec is the type of some of the Options fields, e.g. Coresize.
Special SizeSpec values. All of them are negative.
type TransferFormat ¶
type TransferFormat int
TransferFormat is the type of Options.TransferFormat
const (
TransferFormatOneAnswer TransferFormat = iota
TransferFormatManyAnswers
)
Values of TransferFormat
func (TransferFormat) String ¶
func (t TransferFormat) String() string
type WarnFailIgnore ¶
type WarnFailIgnore int
WarnFailIgnore is the type of several problem behaviour options, e.g. Options.CheckDupRecs.
const (
WarnFailIgnore_Warn WarnFailIgnore = iota
WarnFailIgnore_Ignore
WarnFailIgnore_Fail
)
Values of WarnFailIgnore
func (WarnFailIgnore) String ¶
func (w WarnFailIgnore) String() string
type Zone ¶
type Zone struct {
Name string // Zone name.
Class ZoneClass // Which class this Zone is.
Type ZoneType // Which type this Zone is.
File string // File name of the zone data file.
AllowNotify AddressMatchList // Specifies which hosts are allowed to notify this server, a slave, of zone changes in addition to the zone masters.
AllowQuery AddressMatchList // Specifies which hosts are allowed to ask ordinary DNS questions.
AllowQueryOn AddressMatchList // Specifies which local addresses can accept ordinary DNS questions.
AllowTransfer AddressMatchList // Specifies which hosts are allowed to receive zone transfers from the server.
AllowUpdate AddressMatchList // Specifies which hosts are allowed to submit Dynamic DNS updates for master zones.
AlsoNotify IPs // Defines a global list of IP addresses of name servers that are also sent NOTIFY messages whenever a fresh copy of the zone is loaded, in addition to the servers listed in the zone’s NS records.
AutoDNSSEC AutoDNSSEC // Zones configured for dynamic DNS may also use this option to allow varying levels of automatic DNSSEC key management.
CheckIntegrity bool // Perform post load zone integrity checks on master zones.
CheckMx WarnFailIgnore // Check whether the MX record appears to refer to an IP address.
CheckNames WarnFailIgnore // This option is used to restrict the character set and syntax of certain domain names in master/slave/response files.
CheckWildcard bool // This option is used to check for non-terminal wildcards.
Database string // Specifies the type of database to be used for storing the zone data.
Dialup DialupOption // If yes, then the server treats all zones as if they are doing zone transfers across a dial-on-demand dialup link, which can be brought up by traffic originating from this server.
// This option is only meaningful if the forwarders list is not empty. A value of first, the
// default, causes the server to query the forwarders first — and if that doesn’t answer the question,
// the server will then look for the answer itself. If only is specified, the server will only query the
// forwarders.
Forward Forward
// The forwarding facility can be used to create a large site-wide cache on a few servers, reducing traffic
// over links to external name servers. It can also be used to allow queries by servers that do not have
// direct access to the Internet, but wish to look up exterior names anyway. Forwarding occurs only on
// those queries for which the server is not authoritative and does not have the answer in its cache.
Forwarders IPs
IxfrBase string // (Obsolete) Was used in BIND 8 to specify the name of the transaction log (journal) file for dynamic update and IXFR.
// When yes and the server loads a new version of a master zone from its zone
// file or receives a new version of a slave file by a non-incremental zone transfer, it will compare
// the new version to the previous one and calculate a set of differences.
IxfrFromDiffs IxfrFromDiffs
IxfrTmpFile string // (Obsolete) Was an undocumented option in BIND 8.
Journal string // Allow the default journal’s filename to be overridden.
KeyDirectory string // When performing dynamic update of secure zones, the directory where the public and private DNSSEC key files should be found, if different than the current working directory.
MaintainIxfrBase bool // (Obsolete) It was used in BIND 8 to determine whether a transaction log was kept for Incremental Zone Transfer.
MasterFileFormat MasterFileFormat // Specifies the file format of zone files.
MaxIxfrLogSize uint64 // (Obsolete) Accepted and ignored for BIND 8 compatibility. The option max-journal-size performs a similar function in BIND 9.
MaxJournalSize SizeSpec // Sets a maximum size for each journal file.
// These options control the server’s behavior on refreshing a zone (querying for SOA changes)
// or retrying failed transfers. Usually the SOA values for the zone are used, but these values
// are set by the master, giving slave server administrators little control over their contents.
MinRefreshTime uint64
MinRetryTime uint64
MaxRefreshTime uint64
MaxRetryTime uint64
MaxXferIdleOut int // Outbound zone transfers making no progress in this many minutes will be terminated.
MaxXferTimeOut int // Outbound zone transfers running longer than this many minutes will be terminated.
Notify Notify // If yes (the default), DNS NOTIFY messages are sent when a zone the server is authoritative for changes.
NotifyDelay int // The delay, in seconds, between sending sets of notify messages for a zone.
NotifySource *IPAndPort // Determines which local source address, and optionally UDP port, will be used to send NOTIFY messages.
NotifySourceV6 *IPAndPort // Like notify-source, but applies to notify messages sent to IPv6 addresses.
NotifyToSoa bool // If yes do not check the nameservers in the NS RRset against the SOA MNAME. Normally a NOTIFY message is not sent to the SOA MNAME (SOA ORIGIN) as it is supposed to contain the name of the ultimate master.
//TODO +real type
Pubkey int // (Obsolete) In BIND 8, this option was intended for specifying a public zone key for verification of signatures in DNSSEC signed zones when they are loaded from disk.
SigSigningNodes int // Specify the maximum number of nodes to be examined in each quantum when signing a zone with a new DNSKEY.
SigSigningSignatures int // Specify a threshold number of signatures that will terminate processing a quantum when signing a zone with a new DNSKEY.
SigSigningType int // Specify a private RDATA type to be used when generating key signing records.
SigValidityIntervalExpireHours int // Specifies how long before expiry that the signatures will be regenerated.
//TODO +real type
UpdatePolicy int // Allows more fine-grained control over what updates are allowed.
ZeroNoSoaTtl bool // When returning authoritative negative responses to SOA queries set the TTL of the SOA record returned in the authority section to zero.
ZoneStats bool // If yes, the server will collect statistical data on all zones (unless specifically turned off on a per-zone basis by specifying zone-statistics no in the zone statement).
AllowUpdateForwarding AddressMatchList // Specifies which hosts are allowed to submit Dynamic DNS updates to slave zones to be forwarded to the master.
AltTransferSource *IPAndPort // An alternate transfer source if the one listed in transfer-source fails and use-alt-transfer-source is set.
AltTransferSourceV6 *IPAndPort // An alternate transfer source if the one listed in transfer-source-v6 fails and use-alt-transfer-source is set.
DNSSecDnsKeyKskOnly bool // When this option and update-check-ksk are both set to yes, only key-signing keys (that is, keys with the KSK bit set) will be used to sign the DNSKEY RRset at the zone apex.
DNSSecSecure2Insecure bool // Allow a dynamic zone to transition from secure to insecure (i.e., signed to unsigned) by deleting all of the DNSKEY records.
Masters Masters // The masters list specifies one or more IP addresses of master servers that the slave contacts to update its copy of the zone.
MaxXferIdleIn int // Inbound zone transfers making no progress in this many minutes will be terminated.
MaxXferTimeIn int // Inbound zone transfers running longer than this many minutes will be terminated.
MultiMaster bool // This should be set when you have multiple masters for a zone and the addresses refer to different machines.
TransferSource *IPAndPort // The IPv4 source address to be used for zone transfer with the remote server.
TransferSourceV6 *IPAndPort // The IPv6 source address to be used for zone transfer with the remote server.
TryTcpRefresh bool // Try to refresh the zone using TCP if UDP queries fail.
UpdateCheckKsk bool // When set to the default value of yes, check the KSK bit in each key to determine how the key should be used when generating RRSIGs for a secure zone.
UseAltTransferSource bool // Use the alternate transfer sources or not.
DelegationOnly bool // This is used to enforce the delegation-only status of infrastructure zones (e.g. COM, NET, ORG).
}
A zone is a point of delegation in the DNS tree. A zone consists of those contiguous parts of the domain tree for which a name server has complete information and over which it has authority. It contains all domain names from a certain point downward in the domain tree except those which are delegated to other zones. A delegation point is marked by one or more NS records in the parent zone, which should be matched by equivalent NS records at the root of the delegated zone.
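The last sentence above says the parent's NS records should match those at the root of the delegated zone. The following check for that is an added example, not part of this package: the function names are hypothetical, and the NS sets are constructed and passed in as plain strings rather than read from named.conf or queried from DNS.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// canon normalizes a name: case-insensitive, trailing dot optional.
func canon(name string) string {
	return strings.ToLower(strings.TrimSuffix(strings.TrimSpace(name), "."))
}

// nsSet builds a set of canonical name server names, skipping empty ones.
func nsSet(names []string) map[string]bool {
	set := make(map[string]bool, len(names))
	for _, n := range names {
		if c := canon(n); c != "" {
			set[c] = true
		}
	}
	return set
}

// diff returns the sorted members of a that are absent from b.
func diff(a, b map[string]bool) []string {
	out := []string{}
	for n := range a {
		if !b[n] {
			out = append(out, n)
		}
	}
	sort.Strings(out)
	return out
}

// DelegationMismatch returns the NS names found only at the parent's
// delegation point and those found only at the delegated zone's apex.
func DelegationMismatch(parentNS, childNS []string) (onlyParent, onlyChild []string) {
	p, c := nsSet(parentNS), nsSet(childNS)
	return diff(p, c), diff(c, p)
}

func main() {
	parent := []string{"NS1.example.com.", "ns2.example.com.", "ns-old.example.net."} // constructed
	child := []string{"ns1.example.com", "ns2.example.com.", "ns3.example.com."}     // constructed
	onlyParent, onlyChild := DelegationMismatch(parent, child)
	fmt.Printf("parent only: %v, child only: %v\n", onlyParent, onlyChild)
}
```

A name that appears only in the parent is a delegation to a server the zone itself no longer lists, which is worth reviewing before that host name is released or reassigned.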
type ZoneClass ¶
type ZoneClass int
ZoneClass is the type of the Zone.Class tag
ZoneClass* constants are the values of the Zone.Class tag TODO => rr.Class