xref: /netbsd-src/external/mpl/bind/dist/bin/tests/system/rpz/ns3/named.conf.in (revision 154bfe8e089c1a0a4e9ed8414f08d3da90949162)
1/*
2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
3 *
4 * This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
7 *
8 * See the COPYRIGHT file distributed with this work for additional
9 * information regarding copyright ownership.
10 */
11
12
13/*
14 * Main rpz test DNS server.
15 */
16
/*
 * Global options for the rpz system-test resolver on 10.53.0.3.
 * @PORT@ and @EXTRAPORT1@ are template placeholders; presumably they are
 * filled in when named.conf is generated from this .in file.
 */
17options {
18	query-source address 10.53.0.3;
19	notify-source 10.53.0.3;
20	transfer-source 10.53.0.3;
21	port @PORT@;
22	pid-file "named.pid";
23	statistics-file	"named.stats";
24	session-keyfile "session.key";
	/* Serve on the single IPv4 test address only; IPv6 listening is off. */
25	listen-on { 10.53.0.3; };
26	listen-on-v6 { none; };
27	notify yes;
28	minimal-responses no;
	/*
	 * Recursion is enabled and the visible lines set no allow-query or
	 * allow-recursion ACL, so client access falls back to BIND's defaults
	 * (unless the include below sets one).
	 * NOTE(review): a deployed RPZ resolver would normally state its
	 * client ACL explicitly.
	 */
29	recursion yes;
	/*
	 * NOTE(review): "yes" (unlike "auto") validates only against trust
	 * anchors that are configured explicitly. None is visible in this
	 * file; confirm whether the include below supplies one.
	 */
30	dnssec-validation yes;
	/* One-second floors on SOA refresh/retry for zones this server transfers in. */
31	min-refresh-time 1;
32	min-retry-time 1;
33
	/*
	 * Response policy zones. When several zones match a query, the zone
	 * listed first wins, so the order of this list is part of the policy.
	 * A per-zone "policy" keyword overrides the actions stored in that
	 * zone: "given" keeps the zone's own actions, "disabled" only logs
	 * what would have been done, and the rest force one action for every
	 * matching record. "recursive-only" selects whether the zone also
	 * applies to queries that did not request recursion.
	 */
34	response-policy {
35	    zone "fast-expire";
	    /* max-policy-ttl caps the TTL of rewritten answers at 100 seconds. */
36	    zone "bl"					max-policy-ttl 100;
37	    zone "bl-2";
38	    zone "bl-given"	policy given		recursive-only yes;
39	    zone "bl-passthru"	policy passthru;
40	    zone "bl-no-op"	policy no-op;		# obsolete for passthru
41	    zone "bl-disabled"	policy disabled;
42	    zone "bl-nodata"	policy nodata		recursive-only no;
43	    zone "bl-nxdomain"	policy nxdomain;
44	    zone "bl-cname"	policy cname txt-only.tld2.;
45	    zone "bl-wildcname"	policy cname *.tld4.;
46	    zone "bl-garden"	policy cname a12.tld2.;
47	    zone "bl-drop"	policy drop;
48	    zone "bl-tcp-only"	policy tcp-only;
49	    zone "bl.tld2";
50	    zone "manual-update-rpz";
51	}
	/*
	 * Settings after the closing brace apply to all policy zones above:
	 * add-soa attaches the policy zone's SOA to rewritten responses,
	 * min-ns-dots 0 lets NSDNAME/NSIP triggers be checked for names with
	 * no dots, qname-wait-recurse yes applies QNAME policy only after
	 * recursion has completed, min-update-interval 0 removes the delay
	 * before policy zone changes take effect, and the last two lines
	 * turn on the NSDNAME and NSIP trigger types.
	 */
52	add-soa yes
53	min-ns-dots 0
54	qname-wait-recurse yes
55	min-update-interval 0
56	nsdname-enable yes
57	nsip-enable yes
58	;
59
	/* Contents of the included file are not shown in this listing. */
60	include "../dnsrps.conf";
	/* Extra NOTIFY target: this server's own address on @EXTRAPORT1@. */
61	also-notify { 10.53.0.3 port @EXTRAPORT1@; };
62	notify-delay 0;
63};
64
/*
 * Send the rpz logging category to the built-in default_debug channel;
 * presumably the test scripts read the policy messages from there.
 */
65logging { category rpz { default_debug; }; };
66
/*
 * Shared secret that authenticates rndc on the control channel below.
 * NOTE(review): the secret is a short fixed string stored in this file,
 * so it protects nothing outside an isolated test network. A deployed
 * server would use a generated key (e.g. from rndc-confgen) kept in a
 * separate file with restricted permissions.
 */
67key rndc_key {
68	secret "1234abcd8765";
69	algorithm hmac-sha256;
70};
/*
 * rndc control channel on the test address. "allow { any; }" places no
 * source-address restriction on it, so the key named in "keys" is the
 * only access control on this port.
 * NOTE(review): outside a test fixture, narrow the allow list to the
 * management hosts.
 */
71controls {
72	inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
73};
74
75
/* Root hints used for recursion, read from the local "hints" file. */
76zone "." { type hint; file "hints"; };
77
/*
 * Locally hosted policy zones referenced by response-policy in the
 * options block. "allow-update {any;}" accepts dynamic updates from any
 * source address, with no key required; presumably the test scripts rely
 * on this to add and remove policy records.
 * NOTE(review): whoever can update these zones decides how the resolver
 * rewrites answers. A deployed policy zone should restrict updates to a
 * key (allow-update or update-policy) or take its data over an
 * authenticated transfer.
 */
78zone "bl."		{type master; file "bl.db";
79				allow-update {any;};};
80zone "bl-2."		{type master; file "bl-2.db";
81				allow-update {any;};};
82zone "bl-given."	{type master; file "bl-given.db";
83				allow-update {any;};};
84zone "bl-passthru."	{type master; file "bl-passthru.db";
85				allow-update {any;};};
86zone "bl-no-op."	{type master; file "bl-no-op.db";
87				allow-update {any;};};
88zone "bl-disabled."	{type master; file "bl-disabled.db";
89				allow-update {any;};};
90zone "bl-nodata."	{type master; file "bl-nodata.db";
91				allow-update {any;};};
92zone "bl-nxdomain."	{type master; file "bl-nxdomain.db";
93				allow-update {any;};};
94zone "bl-cname."	{type master; file "bl-cname.db";
95				allow-update {any;};};
96zone "bl-wildcname."	{type master; file "bl-wildcname.db";
97				allow-update {any;};};
98zone "bl-garden."	{type master; file "bl-garden.db";
99				allow-update {any;};};
100zone "bl-drop."		{type master; file "bl-drop.db";
101				allow-update {any;};};
102zone "bl-tcp-only."	{type master; file "bl-tcp-only.db";
103				allow-update {any;};};
104
/*
 * Policy zone transferred in from 10.53.0.2. "request-ixfr no" makes this
 * server ask for full zone transfers only, and the local copy is written
 * in text format.
 * NOTE(review): the masters list names no key, so as far as this
 * statement shows the transfer is not TSIG-authenticated.
 */
105zone "bl.tld2."		{type slave; file "bl.tld2.db"; masters {10.53.0.2;};
106				request-ixfr no; masterfile-format text;};
107
/*
 * Two primary zones with outgoing NOTIFY disabled. Neither appears in the
 * response-policy list; the names suggest regression cases for earlier
 * crashes -- TODO confirm against the test script.
 */
108zone "crash1.tld2"	{type master; file "crash1"; notify no;};
109zone "crash2.tld3."	{type master; file "crash2"; notify no;};
110
/*
 * Policy zone (last entry in response-policy) hosted as a primary with
 * NOTIFY off. No allow-update is given, so this statement does not open
 * the zone to dynamic updates; the name suggests the test changes it by
 * rewriting the zone file and reloading -- TODO confirm.
 */
111zone "manual-update-rpz." {
112	type master;
113	file "manual-update-rpz.db";
114	notify no;
115};
116
/*
 * Policy zone (first entry in response-policy) transferred in from
 * 10.53.0.5. "secondary" is the newer spelling of the "slave" type used
 * for bl.tld2 in this file. The name suggests the test exercises zone
 * expiry -- TODO confirm.
 * NOTE(review): the masters list names no key, so as far as this
 * statement shows the transfer is not TSIG-authenticated.
 */
117zone "fast-expire." {
118	type secondary;
119	file "fast-expire.db";
120	masters { 10.53.0.5; };
121	notify no;
122};
123