이 콘텐츠는 선택한 언어로 제공되지 않습니다.

12.2.2. Other Statement Types


The following is a list of lesser used statement types available within named.conf:
  • controls — Configures various security requirements necessary to use the rndc command to administer the named service.
    Refer to Section 12.4.1, “Configuring /etc/named.conf to learn more about how the controls statement is structured and available options.
  • key "<key-name>" — Defines a particular key by name. Keys are used to authenticate various actions, such as secure updates or the use of the rndc command. Two options are used with key:
    • algorithm <algorithm-name> — The type of algorithm used, such as dsa or hmac-md5.
    • secret "<key-value>" — The encrypted key.
    Refer to Section 12.4.2, “Configuring /etc/rndc.conf for instructions on how to write a key statement.
  • logging — Allows for the use of multiple types of logs, called channels. By using the channel option within the logging statement, a customized type of log, with its own file name (file), size limit (size), versioning (version), and level of importance (severity), can be constructed. Once a customized channel has been defined, a category option is used to categorize the channel and begin logging when named is restarted.
    By default, named logs standard messages to the syslog daemon, which places them in /var/log/messages. This occurs because several standard channels are built into BIND with various severity levels, such as one that handles informational logging messages (default_syslog) and another that specifically handles debugging messages (default_debug). A default category, called default, uses the built-in channels to do normal logging without any special configuration.
    Customizing the logging process can be a very detailed process and is beyond the scope of this chapter. For information on creating custom BIND logs, refer to the BIND 9 Administrator Reference Manual referenced in Section 12.7.1, “Installed Documentation”.
  • server — Specifies options that affect how named should respond to remote nameservers, especially in regards to notifications and zone transfers.
    The transfer-format option controls whether one resource record is sent with each message (one-answer) or multiple resource records are sent with each message (many-answers). While many-answers is more efficient, only newer BIND nameservers understand it.
  • trusted-keys — Contains assorted public keys used for secure DNS (DNSSEC). Refer to Section 12.5.3, “Security” for more information concerning BIND security.
  • view "<view-name>" — Creates special views depending upon which network the host querying the nameserver is on. This allows some hosts to receive one answer regarding a zone while other hosts receive totally different information. Alternatively, certain zones may only be made available to particular trusted hosts while non-trusted hosts can only make queries for other zones.
    Multiple views may be used, but their names must be unique. The match-clients option specifies the IP addresses that apply to a particular view. Any options statements may also be used within a view, overriding the global options already configured for named. Most view statements contain multiple zone statements that apply to the match-clients list. The order in which view statements are listed is important, as the first view statement that matches a particular client's IP address is used.
    Refer to Section 12.5.2, “Multiple Views” for more information about the view statement.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.