1/* 2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 3 * 4 * SPDX-License-Identifier: MPL-2.0 5 * 6 * This Source Code Form is subject to the terms of the Mozilla Public 7 * License, v. 2.0. If a copy of the MPL was not distributed with this 8 * file, you can obtain one at https://mozilla.org/MPL/2.0/. 9 * 10 * See the COPYRIGHT file distributed with this work for additional 11 * information regarding copyright ownership. 12 */ 13 14options { 15 query-source address 10.53.0.2; 16 notify-source 10.53.0.2; 17 transfer-source 10.53.0.2; 18 port @PORT@; 19 pid-file "named.pid"; 20 listen-on { 10.53.0.2; }; 21 listen-on-v6 { none; }; 22 recursion no; 23 notify no; 24 minimal-responses no; 25 version none; // make statistics independent of the version number 26}; 27 28statistics-channels { inet 10.53.0.2 port @EXTRAPORT1@ allow { localhost; }; }; 29 30key rndc_key { 31 secret "1234abcd8765"; 32 algorithm hmac-sha256; 33}; 34 35controls { 36 inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; 37}; 38 39dnssec-policy "manykeys" { 40 keys { 41 ksk lifetime unlimited algorithm 8; 42 zsk lifetime unlimited algorithm 8; 43 }; 44}; 45 46zone "example" { 47 type primary; 48 file "example.db"; 49 allow-transfer { any; }; 50}; 51 52zone "dnssec" { 53 type primary; 54 file "dnssec.db.signed"; 55 auto-dnssec maintain; 56 allow-update { any; }; 57 zone-statistics full; 58 dnssec-dnskey-kskonly yes; 59 update-check-ksk yes; 60}; 61 62zone "manykeys" { 63 type primary; 64 file "manykeys.db.signed"; 65 allow-update { any; }; 66 zone-statistics full; 67 dnssec-policy "manykeys"; 68}; 69