[deployment-guide/comm-rel: 355/727] Updated the `zone' statement description.
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 12:54:31 UTC 2010
commit 40f146a3ac71e04f9fb8428830fdbdde7ac226ce
Author: Jaromir Hradilek <jhradile at redhat.com>
Date: Fri Aug 13 12:03:53 2010 +0200
Updated the `zone' statement description.
en-US/The_BIND_DNS_Server.xml | 336 +++++++++++++++++++----------------------
1 files changed, 153 insertions(+), 183 deletions(-)
---
diff --git a/en-US/The_BIND_DNS_Server.xml b/en-US/The_BIND_DNS_Server.xml
index e49cfa2..2e2896b 100644
--- a/en-US/The_BIND_DNS_Server.xml
+++ b/en-US/The_BIND_DNS_Server.xml
@@ -627,191 +627,161 @@ options {
</example>
</listitem>
</varlistentry>
- </variablelist>
- <section id="s3-bind-namedconf-state-zone">
- <title><command>zone</command> Statement</title>
- <para>
- A <command>zone</command> statement defines the characteristics of a zone, such as the location of its configuration file and zone-specific options. This statement can be used to override the global <command>options</command> statements.
- </para>
- <para>
- A <command>zone</command> statement takes the following form:
- </para>
- <screen>zone <replaceable><zone-name></replaceable>
- <replaceable><zone-class></replaceable>
- <replaceable><zone-options></replaceable>;
-[<replaceable><zone-options></replaceable>; ...]
-};</screen>
- <para>
- In this statement, <replaceable><zone-name></replaceable> is the name of the zone, <replaceable><zone-class></replaceable> is the optional class of the zone, and <replaceable><zone-options></replaceable> is a list of options characterizing the zone.
- </para>
- <para>
- The <replaceable><zone-name></replaceable> attribute for the zone statement is particularly important. It is the default value assigned for the <command>$ORIGIN</command> directive used within the corresponding zone file located in the <filename>/var/named/</filename> directory. The <command>named</command> daemon appends the name of the zone to any non-fully qualified domain name listed in the zone file.
- </para>
- <para>
- For example, if a <command>zone</command> statement defines the namespace for <command>example.com</command>, use <command>example.com</command> as the <replaceable><zone-name></replaceable> so it is placed at the end of hostnames within the <command>example.com</command> zone file.
- </para>
- <para>
- For more information about zone files, <!-- RHEL5: see -->refer to <xref linkend="s1-bind-zone" />.
- </para>
- <para>
- The most common <command>zone</command> statement options include the following:
- </para>
- <variablelist>
- <varlistentry>
- <term><command>allow-query</command></term>
- <listitem>
- <para>
- Specifies the clients that are allowed to request information about this zone. Setting of this option overrides global <command>allow-query</command> option. The default is to allow all query requests.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><command>allow-transfer</command></term>
- <listitem>
- <para>
- Specifies the slave servers that are allowed to request a transfer of the zone's information. The default is to allow all transfer requests.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><command>allow-update</command></term>
- <listitem>
- <para>
- Specifies the hosts that are allowed to dynamically update information in their zone. The default is to deny all dynamic update requests.
- </para>
- <para>
- Be careful when allowing hosts to update information about their zone. Do not set IP addresses in this option unless the server is in the trusted network. Use TSIG key instead <!-- TODO: refer to section 7.5.3, TSIG authentication-->.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><command>file</command></term>
- <listitem>
- <para>
- Specifies the name of the file in the <command>named</command> working directory that contains the zone's configuration data.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><command>masters</command></term>
- <listitem>
- <para>
- Specifies the IP addresses from which to request authoritative zone information and is used only if the zone is defined as <command>type</command> <command>slave</command>.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><command>notify</command></term>
- <listitem>
- <para>
- Specifies whether or not <command>named</command> notifies the slave servers when a zone is updated. This option has same parameters as a global <command>notify</command> parameter.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><command>type</command></term>
- <listitem>
- <para>
- Defines the type of zone.
- </para>
- <para>
- Below is a list of valid options:
- </para>
- <itemizedlist>
- <listitem>
- <para>
- <command>delegation-only</command> — Enforces the delegation status of infrastructure zones such as COM, NET, or ORG. Any answer that is received without an explicit or implicit delegation is treated as <command>NXDOMAIN</command>. This option is only applicable in TLDs or root zone files used in recursive or caching implementations.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>forward</command> — Forwards all requests for information about this zone to other nameservers.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>hint</command> — A special type of zone used to point to the root nameservers which resolve queries when a zone is not otherwise known. No configuration beyond the default is necessary with a <command>hint</command> zone.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>master</command> — Designates the nameserver as authoritative for this zone. A zone should be set as the <command>master</command> if the zone's configuration files reside on the system.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>slave</command> — Designates the nameserver as a slave server for this zone. Master server is specified in <command>masters</command> directive.
- </para>
- </listitem>
- </itemizedlist>
- </listitem>
- </varlistentry>
- </variablelist>
- <!-- RHEL5: ddomingo at redhat.com: above <variablelist> replaces following <itemizedlist>:
- <itemizedlist>
- <listitem>
- <para><command>allow-query</command> — Specifies the clients that are allowed to request information about this zone. The default is to allow all query requests.</para>
- </listitem>
- <listitem>
- <para><command>allow-transfer</command> — Specifies the slave servers that are allowed to request a transfer of the zone's information. The default is to allow all transfer requests.</para>
- </listitem>
- <listitem>
- <para><command>allow-update</command> — Specifies the hosts that are allowed to dynamically update information in their zone. The default is to deny all dynamic update requests.</para>
- <para>Be careful when allowing hosts to update information about their zone. Do not enable this option unless the host specified is completely trusted. In general, it better to have an administrator manually update the records for a zone and reload the
- <command>named</command> service.</para>
- </listitem>
- <listitem>
- <para><command>file</command> — Specifies the name of the file in the <command>named</command> working directory that contains the zone's configuration data.</para>
- </listitem>
- <listitem>
- <para><command>masters</command> — Specifies the IP addresses from which to request authoritative zone information and is used only if the zone is defined as <command>type</command>
- <command>slave</command>.</para>
- </listitem>
- <listitem>
- <para><command>notify</command> — Specifies whether or not <command>named</command> notifies the slave servers when a zone is updated. This directive accepts the following options:</para>
- <itemizedlist>
- <listitem>
- <para><command>yes</command> — Notifies slave servers.</para>
- </listitem>
- <listitem>
- <para><command>no</command> — Does not notify slave servers.</para>
- </listitem>
- <listitem>
- <para><command>explicit</command> — Only notifies slave servers specified in an <command>also-notify</command> list within a zone statement.</para>
- </listitem>
- </itemizedlist>
- </listitem>
- <listitem>
- <para><command>type</command> — Defines the type of zone.</para>
- <para>Below is a list of valid options:</para>
- <itemizedlist>
- <listitem>
- <para><command>delegation-only</command> — Enforces the delegation status of infrastructure zones such as COM, NET, or ORG. Any answer that is received without an explicit or implicit delegation is treated as
- <command>NXDOMAIN</command>. This option is only applicable in TLDs or root zone files used in recursive or caching implementations.</para>
- </listitem>
- <listitem>
- <para><command>forward</command> — Forwards all requests for information about this zone to other nameservers.</para>
- </listitem>
- <listitem>
- <para><command>hint</command> — A special type of zone used to point to the root nameservers which resolve queries when a zone is not otherwise known. No configuration beyond the default is necessary with a
- <command>hint</command> zone.</para>
- </listitem>
- <listitem>
- <para><command>master</command> — Designates the nameserver as authoritative for this zone. A zone should be set as the <command>master</command> if the zone's configuration files reside on the system.</para>
- </listitem>
- <listitem>
- <para><command>slave</command> — Designates the nameserver as a slave server for this zone. Also specifies the IP address of the master nameserver for the zone.</para>
- </listitem>
- </itemizedlist>
- </listitem>
+ <varlistentry>
+ <term><command>zone</command></term>
<listitem>
- <para><command>zone-statistics</command> — Configures <command>named</command> to keep statistics concerning this zone, writing them to either the default location
- (<filename>/var/named/named.stats</filename>) or the file listed in the <command>statistics-file</command> option in the <command>server</command> statement. Refer to
- <xref linkend="s2-bind-namedconf-state-other"/> for more information about the <command>server</command> statement.</para>
+ <para>
+ The <command>zone</command> statement allows you to define the characteristics of a zone, such as the location of its configuration file and zone-specific options, and can be used to override the global <command>options</command> statements. It takes the following form:
+ </para>
+ <screen>zone <replaceable>zone-name</replaceable> [<replaceable>zone-class</replaceable>] {
+ <replaceable>option</replaceable>;
+ ...
+};</screen>
+ <para>
+ The <replaceable>zone-name</replaceable> attribute is the name of the zone, <replaceable>zone-class</replaceable> is the optional class of the zone, and <replaceable>option</replaceable> is a <command>zone</command> statement option as described in <xref linkend="table-bind-namedconf-common-zone" />.
+ </para>
+ <para>
+ The <replaceable>zone-name</replaceable> attribute is particularly important, as it is the default value assigned for the <option>$ORIGIN</option> directive used within the corresponding zone file located in the <filename>/var/named/</filename> directory. The <systemitem class="service">named</systemitem> daemon appends the name of the zone to any non-fully qualified domain name listed in the zone file. For example, if a <command>zone</command> statement defines the namespace for <literal>example.com</literal>, use <literal>example.com</literal> as the <replaceable>zone-name</replaceable> so that it is placed at the end of hostnames within the <literal>example.com</literal> zone file.
+ </para>
+ <para>
+ For more information about zone files, refer to <xref linkend="s1-bind-zone" />.
+ </para>
+ <table id="table-bind-namedconf-common-zone">
+ <title>Commonly used options</title>
+ <tgroup cols="2">
+ <colspec colname="option" colnum="1" colwidth="20*" />
+ <colspec colname="description" colnum="2" colwidth="60*" />
+ <thead>
+ <row>
+ <entry>
+ Option
+ </entry>
+ <entry>
+ Description
+ </entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>
+ <option>allow-query</option>
+ </entry>
+ <entry>
+ Specifies which clients are allowed to request information about this zone. This option overrides global <option>allow-query</option> option. All query requests are allowed by default.
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>allow-transfer</option>
+ </entry>
+ <entry>
+ Specifies which secondary servers are allowed to request a transfer of the zone's information. All transfer requests are allowed by default.
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>allow-update</option>
+ </entry>
+ <entry>
+ <para>
+ Specifies which hosts are allowed to dynamically update information in their zone. The default option is to deny all dynamic update requests.
+ </para>
+ <para>
+ Note that you should be careful when allowing hosts to update information about their zone. Do not set IP addresses in this option unless the server is in the trusted network. Instead, use TSIG key as described in <xref linkend="s2-bind-features-tsig" />.
+ </para>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>file</option>
+ </entry>
+ <entry>
+ Specifies the name of the file in the <systemitem class="service">named</systemitem> working directory that contains the zone's configuration data.
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>masters</option>
+ </entry>
+ <entry>
+ Specifies from which IP addresses to request authoritative zone information. This option is used only if the zone is defined as <option>type</option> <option>slave</option>.
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>notify</option>
+ </entry>
+ <entry>
+ <para>
+ Specifies whether to notify the secondary nameservers when a zone is updated. It accepts the following options:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <option>yes</option> — The server will notify all secondary nameservers.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <option>no</option> — The server will <emphasis>not</emphasis> notify any secondary nameserver.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <option>master-only</option> — The server will notify primary server for the zone only.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <option>explicit</option> — The server will notify only the secondary servers that are specified in the <option>also-notify</option> list within a zone statement.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <option>type</option>
+ </entry>
+ <entry>
+ <para>
+ Specifies the zone type. It accepts the following options:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <command>delegation-only</command> — Enforces the delegation status of infrastructure zones such as COM, NET, or ORG. Any answer that is received without an explicit or implicit delegation is treated as <command>NXDOMAIN</command>. This option is only applicable in TLDs or root zone files used in recursive or caching implementations.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <command>forward</command> — Forwards all requests for information about this zone to other nameservers.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <command>hint</command> — A special type of zone used to point to the root nameservers which resolve queries when a zone is not otherwise known. No configuration beyond the default is necessary with a <command>hint</command> zone.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <command>master</command> — Designates the nameserver as authoritative for this zone. A zone should be set as the <command>master</command> if the zone's configuration files reside on the system.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <command>slave</command> — Designates the nameserver as a slave server for this zone. Master server is specified in <command>masters</command> directive.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
</listitem>
- </itemizedlist>
- -->
- </section>
+ </varlistentry>
+ </variablelist>
<section id="s3-bind-configuration-named-zone">
<title>Sample <command>zone</command> Statements</title>
<indexterm>
More information about the docs-commits
mailing list