12.2.2. Other Statement Types

The following is a list of less commonly used statement types available within named.conf:
  • controls — Configures various security requirements necessary to use the rndc command to administer the named service.
    Refer to Section 12.4.1, “Configuring /etc/named.conf” to learn more about how the controls statement is structured and which options are available.
  • key "<key-name>" — Defines a particular key by name. Keys are used to authenticate various actions, such as secure updates or the use of the rndc command. Two options are used with key:
    • algorithm <algorithm-name> — The type of algorithm used, such as dsa or hmac-md5.
    • secret "<key-value>" — The encrypted key.
    Refer to Section 12.4.2, “Configuring /etc/rndc.conf” for instructions on how to write a key statement.
  • logging — Allows for the use of multiple types of logs, called channels. By using the channel option within the logging statement, a customized type of log, with its own file name (file), size limit (size), versioning (version), and level of importance (severity), can be constructed. Once a customized channel has been defined, a category option is used to categorize the channel and begin logging when named is restarted.
    By default, named logs standard messages to the syslog daemon, which places them in /var/log/messages. This occurs because several standard channels are built into BIND with various severity levels, such as one that handles informational logging messages (default_syslog) and another that specifically handles debugging messages (default_debug). A default category, called default, uses the built-in channels to do normal logging without any special configuration.
    Customizing the logging process can be a very detailed process and is beyond the scope of this chapter. For information on creating custom BIND logs, refer to the BIND 9 Administrator Reference Manual referenced in Section 12.7.1, “Installed Documentation”.
  • server — Specifies options that affect how named should respond to remote nameservers, especially with regard to notifications and zone transfers.
    The transfer-format option controls whether one resource record is sent with each message (one-answer) or multiple resource records are sent with each message (many-answers). While many-answers is more efficient, only newer BIND nameservers understand it.
  • trusted-keys — Contains assorted public keys used for secure DNS (DNSSEC). Refer to Section 12.5.3, “Security” for more information concerning BIND security.
  • view "<view-name>" — Creates special views depending upon which network the host querying the nameserver is on. This allows some hosts to receive one answer regarding a zone while other hosts receive totally different information. Alternatively, certain zones may only be made available to particular trusted hosts while non-trusted hosts can only make queries for other zones.
    Multiple views may be used, but their names must be unique. The match-clients option specifies the IP addresses that apply to a particular view. Any options statements may also be used within a view, overriding the global options already configured for named. Most view statements contain multiple zone statements that apply to the match-clients list. The order in which view statements are listed is important, as the first view statement that matches a particular client's IP address is used.
    Refer to Section 12.5.2, “Multiple Views” for more information about the view statement.
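
Because the first view whose match-clients list matches a client is the one used, a broad view listed too early silently hides the views after it. The following Python check is an added example, not code from Red Hat or BIND; the view names and networks are constructed, and match-clients is modelled as plain CIDR networks only (no ACL names, keys or negation).

```python
import ipaddress

# Constructed sample: views in the order they would appear in named.conf,
# each paired with the networks of its match-clients list (assumed values).
VIEWS_BAD_ORDER = [
    ("external", ["0.0.0.0/0"]),                     # matches every IPv4 client
    ("internal", ["10.0.0.0/8", "192.168.1.0/24"]),  # never reached
]
VIEWS_GOOD_ORDER = [VIEWS_BAD_ORDER[1], VIEWS_BAD_ORDER[0]]


def _nets(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]


def select_view(views, client_ip):
    """Name of the first view whose networks contain client_ip (first match
    wins, as with view statements); None when no view matches."""
    addr = ipaddress.ip_address(client_ip)
    for name, cidrs in views:
        # Membership is False when address and network versions differ.
        if any(addr in net for net in _nets(cidrs)):
            return name
    return None


def shadowed_views(views):
    """Names of views that can never be selected because all of their
    networks are already covered by the union of earlier views' networks."""
    shadowed = []
    earlier = {4: [], 6: []}  # networks seen so far, split by IP version
    for name, cidrs in views:
        nets = _nets(cidrs)
        # Collapsing merges adjacent earlier networks, so coverage by a
        # combination of earlier entries is detected as well.
        covered = {v: list(ipaddress.collapse_addresses(e))
                   for v, e in earlier.items()}
        if nets and all(any(n.subnet_of(c) for c in covered[n.version])
                        for n in nets):
            shadowed.append(name)
        for n in nets:
            earlier[n.version].append(n)
    return shadowed


if __name__ == "__main__":
    for label, views in (("bad", VIEWS_BAD_ORDER), ("good", VIEWS_GOOD_ORDER)):
        print(label, select_view(views, "10.1.2.3"), shadowed_views(views))
```
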

© 2024 Red Hat, Inc.