options

optionsについて

options設定はBindのデフォルト値を設定します。named.confに設定し、optionsは1回だけ出てきます。設定できる項目が非常に多いので以下のようにページを分割しました。

Variable Options 値を指定して設定する項目。
Boolean Options 真偽値を指定して設定する項目。
Forwarding 別NSへリクエストを転送する設定に関わる設定項目。
Dual-stack Servers IPv4/IPv6のデュアルスタックNSに関わる設定項目。
Access Control NSにアクセスするクライアントの通信制御に関わる設定項目。
Interfaces クライアントに応答するインタフェース(NIC?)に関わる設定項目。
Query Address クライアントからのリクエストに対するNSのアドレスに関わる設定項目。
Zone Transfers ゾーン転送に関わる設定項目。
UDP Port Lists 通信を行うUDPポートに関わる設定項目。
Operating System Resource Limits OSのリソース制限に関わる設定項目。
Server Resource Limits サーバのリソース制限に関わる設定項目。
Periodic Task Intervals Bindが実行する定期的に処理するタスクに関わる設定項目。
Topology Bindが設置されているトポロジに関する設定項目。#Bind9には実装されていな!?
The sortlist Statement クエリに対する応答内容の並びに関する設定項目。
RRset Ordering 一つのクエリに複数のレスポンスがある場合の並べ方についての設定項目。
Tuning 主にBindのキャッシュチューニングに関わる設定項目。
Built-in server information zones Bindの持っているゾーン情報に関する設定項目。
Built-in Empty Zones Bindが持っていないゾーン情報に関する設定項目。
Additional Section Caching Additional Sectionキャッシュに関する設定項目。
Content Filtering 外部レコードのフィルタリングに関わる設定項目。
Response Policy Zone (RPZ) Rewriting クエリに対するレスポンスに関わる設定項目。

 

とりあえずoptions書式(全部)

options {
    [ attach-cache cache_name; ]
    [ version version_string; ]
    [ hostname hostname_string; ]
    [ server-id server_id_string; ]
    [ directory path_name; ]
    [ key-directory path_name; ]
    [ managed-keys-directory path_name; ]
    [ named-xfer path_name; ]
    [ tkey-gssapi-keytab path_name; ]
    [ tkey-gssapi-credential principal; ]
    [ tkey-domain domainname; ]
    [ tkey-dhkey key_name key_tag; ]
    [ cache-file path_name; ]
    [ dump-file path_name; ]
    [ bindkeys-file path_name; ]
    [ memstatistics yes_or_no; ]
    [ memstatistics-file path_name; ]
    [ pid-file path_name; ]
    [ recursing-file path_name; ]
    [ statistics-file path_name; ]
    [ zone-statistics yes_or_no; ]
    [ auth-nxdomain yes_or_no; ]
    [ deallocate-on-exit yes_or_no; ]
    [ dialup dialup_option; ]
    [ fake-iquery yes_or_no; ]
    [ fetch-glue yes_or_no; ]
    [ flush-zones-on-shutdown yes_or_no; ]
    [ has-old-clients yes_or_no; ]
    [ host-statistics yes_or_no; ]
    [ host-statistics-max number; ]
    [ minimal-responses yes_or_no; ]
    [ multiple-cnames yes_or_no; ]
    [ notify yes_or_no | explicit | master-only; ]
    [ recursion yes_or_no; ]
    [ rfc2308-type1 yes_or_no; ]
    [ use-id-pool yes_or_no; ]
    [ maintain-ixfr-base yes_or_no; ]
    [ ixfr-from-differences (yes_or_no | master | slave); ]
    [ dnssec-enable yes_or_no; ]
    [ dnssec-validation (yes_or_no | auto); ]
    [ dnssec-lookaside ( auto |
                         domain trust-anchor domain ); ]
    [ dnssec-must-be-secure domain yes_or_no; ]
    [ dnssec-accept-expired yes_or_no; ]
    [ forward ( only | first ); ]
    [ forwarders { [ ip_addr [port ip_port] ; ... ] }; ]
    [ dual-stack-servers [port ip_port] {
        ( domain_name [port ip_port] |
          ip_addr [port ip_port] ) ;
        ... }; ]
    [ check-names ( master | slave | response )
        ( warn | fail | ignore ); ]
    [ check-dup-records ( warn | fail | ignore ); ]
    [ check-mx ( warn | fail | ignore ); ]
    [ check-wildcard yes_or_no; ]
    [ check-integrity yes_or_no; ]
    [ check-mx-cname ( warn | fail | ignore ); ]
    [ check-srv-cname ( warn | fail | ignore ); ]
    [ check-sibling yes_or_no; ]
    [ allow-new-zones { yes_or_no }; ]
    [ allow-notify { address_match_list }; ]
    [ allow-query { address_match_list }; ]
    [ allow-query-on { address_match_list }; ]
    [ allow-query-cache { address_match_list }; ]
    [ allow-query-cache-on { address_match_list }; ]
    [ allow-transfer { address_match_list }; ]
    [ allow-recursion { address_match_list }; ]
    [ allow-recursion-on { address_match_list }; ]
    [ allow-update { address_match_list }; ]
    [ allow-update-forwarding { address_match_list }; ]
    [ update-check-ksk yes_or_no; ]
    [ dnssec-dnskey-kskonly yes_or_no; ]
    [ dnssec-secure-to-insecure yes_or_no ;]
    [ try-tcp-refresh yes_or_no; ]
    [ allow-v6-synthesis { address_match_list }; ]
    [ blackhole { address_match_list }; ]
    [ use-v4-udp-ports { port_list }; ]
    [ avoid-v4-udp-ports { port_list }; ]
    [ use-v6-udp-ports { port_list }; ]
    [ avoid-v6-udp-ports { port_list }; ]
    [ listen-on [ port ip_port ] { address_match_list }; ]
    [ listen-on-v6 [ port ip_port ] { address_match_list }; ]
    [ query-source ( ( ip4_addr | * )
        [ port ( ip_port | * ) ] |
        [ address ( ip4_addr | * ) ]
        [ port ( ip_port | * ) ] ) ; ]
    [ query-source-v6 ( ( ip6_addr | * )
        [ port ( ip_port | * ) ] |
        [ address ( ip6_addr | * ) ]
        [ port ( ip_port | * ) ] ) ; ]
    [ use-queryport-pool yes_or_no; ]
    [ queryport-pool-ports number; ]
    [ queryport-pool-updateinterval number; ]
    [ max-transfer-time-in number; ]
    [ max-transfer-time-out number; ]
    [ max-transfer-idle-in number; ]
    [ max-transfer-idle-out number; ]
    [ tcp-clients number; ]
    [ reserved-sockets number; ]
    [ recursive-clients number; ]
    [ serial-query-rate number; ]
    [ serial-queries number; ]
    [ tcp-listen-queue number; ]
    [ transfer-format ( one-answer | many-answers ); ]
    [ transfers-in number; ]
    [ transfers-out number; ]
    [ transfers-per-ns number; ]
    [ transfer-source (ip4_addr | *) [port ip_port] ; ]
    [ transfer-source-v6 (ip6_addr | *) [port ip_port] ; ]
    [ alt-transfer-source (ip4_addr | *) [port ip_port] ; ]
    [ alt-transfer-source-v6 (ip6_addr | *)
                             [port ip_port] ; ]
    [ use-alt-transfer-source yes_or_no; ]
    [ notify-delay seconds ; ]
    [ notify-source (ip4_addr | *) [port ip_port] ; ]
    [ notify-source-v6 (ip6_addr | *) [port ip_port] ; ]
    [ notify-to-soa yes_or_no ; ]
    [ also-notify { ip_addr [port ip_port] ;
                  [ ip_addr [port ip_port] ; ... ] }; ]
    [ max-ixfr-log-size number; ]
    [ max-journal-size size_spec; ]
    [ coresize size_spec ; ]
    [ datasize size_spec ; ]
    [ files size_spec ; ]
    [ stacksize size_spec ; ]
    [ cleaning-interval number; ]
    [ heartbeat-interval number; ]
    [ interface-interval number; ]
    [ statistics-interval number; ]
    [ topology { address_match_list }];
    [ sortlist { address_match_list }];
    [ rrset-order { order_spec ; [ order_spec ; ... ] ] };
    [ lame-ttl number; ]
    [ max-ncache-ttl number; ]
    [ max-cache-ttl number; ]
    [ sig-validity-interval number [number] ; ]
    [ sig-signing-nodes number ; ]
    [ sig-signing-signatures number ; ]
    [ sig-signing-type number ; ]
    [ min-roots number; ]
    [ use-ixfr yes_or_no ; ]
    [ provide-ixfr yes_or_no; ]
    [ request-ixfr yes_or_no; ]
    [ treat-cr-as-space yes_or_no ; ]
    [ min-refresh-time number ; ]
    [ max-refresh-time number ; ]
    [ min-retry-time number ; ]
    [ max-retry-time number ; ]
    [ port ip_port; ]
    [ additional-from-auth yes_or_no ; ]
    [ additional-from-cache yes_or_no ; ]
    [ random-device path_name ; ]
    [ max-cache-size size_spec ; ]
    [ match-mapped-addresses yes_or_no; ]
    [ filter-aaaa-on-v4 ( yes_or_no | break-dnssec ); ]
    [ filter-aaaa { address_match_list }; ]
    [ dns64 IPv6-prefix {
        [ clients { address_match_list }; ]
        [ mapped { address_match_list }; ]
        [ exclude { address_match_list }; ]
        [ suffix IPv6-address; ]
        [ recursive-only yes_or_no; ]
        [ break-dnssec yes_or_no; ]
    }; ];
    [ dns64-server name ]
    [ dns64-contact name ]
    [ preferred-glue ( A | AAAA | NONE ); ]
    [ edns-udp-size number; ]
    [ max-udp-size number; ]
    [ root-delegation-only [ exclude { namelist } ] ; ]
    [ querylog yes_or_no ; ]
    [ disable-algorithms domain { algorithm;
                                [ algorithm; ] }; ]
    [ acache-enable yes_or_no ; ]
    [ acache-cleaning-interval number; ]
    [ max-acache-size size_spec ; ]
    [ clients-per-query number ; ]
    [ max-clients-per-query number ; ]
    [ masterfile-format (text|raw) ; ]
    [ empty-server name ; ]
    [ empty-contact name ; ]
    [ empty-zones-enable yes_or_no ; ]
    [ disable-empty-zone zone_name ; ]
    [ zero-no-soa-ttl yes_or_no ; ]
    [ zero-no-soa-ttl-cache yes_or_no ; ]
    [ resolver-query-timeout number ; ]
    [ deny-answer-addresses { address_match_list }
        [ except-from { namelist } ];]
    [ deny-answer-aliases { namelist } [ except-from { namelist } ];]
    [ response-policy { zone_name 
        [ policy given | no-op | nxdomain | nodata | cname domain };
};

 

 

<font size=”2″><a href=”file:///C:/Documents and Settings/koji/My Documents/Dropbox/[HPB] www.dns-memo.info/bind9/options-variable.html”>Variable Options</a></font>