/* * log option */ logging { channel default_syslog { syslog local2; severity error; }; channel audit_log { file "/var/log/named.log"; severity error; print-time yes; }; category default { default_syslog; }; category general { default_syslog; }; category security { audit_log; default_syslog; }; category config { default_syslog; }; category resolver { audit_log; }; category xfer-in { audit_log; }; category xfer-out { audit_log; }; category notify { audit_log; }; category client { audit_log; }; category network { audit_log; }; category update { audit_log; }; category queries { audit_log; }; category lame-servers { audit_log; }; };
这一部分是日志的设置,其中最主要的是 file "/var/log/named.log" 这一句指定了日志文件的位置,要正常启动named,必须要保证这一文件是存在的,并且named 进程对它有读写权限。
4.2 options
options { directory "/var/named"; // listen-on-v6 { any; }; /* * If you've got a DNS server around at your upstream provider, enter * its IP address here, and enable the line below. This will make you * benefit from its cache, thus reduce overall DNS traffic in the Internet. */ //forwarders { // your.upper.DNS.address; //}; /* * If there is a firewall between you and nameservers you want * to talk to, you might need to uncomment the query-source * directive below. Previous versions of BIND always asked * questions using port 53, but BIND 8.1 uses an unprivileged * port by default. */ // query-source address * port 53; /* * If running in a sandbox, you may have to specify a different * location for the dumpfile. */ //dump-file "/etc/named_dump.db"; };
这一部分是一些基本的配置项:
directory "/etc/named"; 指定域名解析等文件的存放目录(须手动建立);
listen-on-v6 { any; }; 支持ipv6的请求;
forwarders {
your.upper.DNS.address;
}; 指定前向DNS,当本机无法解析的域名,就会被转发至前向DNS进行解析。
dump-file "/etc/named_dump.db"; 指定named_dump.db文件的位置。
4.3线索域和回环域