Manualshelf

Bind 9 Administrator Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
71727374757677787980
Chapter 6. BIND 9 Configuration Reference
string number number number string ;
[ string number number number string ; [...]]
};
6.2.18. trusted-keys Statement Definition and Usage
The trusted-keys statement defines DNSSEC security roots. DNSSEC is described in Section 4.7. A
security root is defined when the public key for a non-authoritative zone is known, but cannot be securely
obtained through DNS, either because it is the DNS root zone or its parent zone is unsigned. Once a key
has been configured as a trusted key, it is treated as if it had been validated and proven secure. The
resolver attempts DNSSEC validation on all DNS data in subdomains of a security root.
The trusted-keys statement can contain multiple key entries, each consisting of the key’s domain name,
flags, protocol, algorithm, and the base-64 representation of the key data.
6.2.19. view Statement Grammar
view view_name [class] {
match-clients { address_match_list } ;
match-destinations { address_match_list } ;
match-recursive-only { yes_or_no } ;
[ view_option; ...]
[ zone-statistics yes_or_no ; ]
[ zone_statement; ...]
};
6.2.20. view Statement Definition and Usage
The view statement is a powerful new feature of BIND 9 that lets a name server answer a DNS query
differently depending on who is asking. It is particularly useful for implementing split DNS setups
without having to run multiple servers.
Each view statement defines a view of the DNS namespace that will be seen by a subset of clients. A
client matches a view if its source IP address matches the address_match_list of the view’s
match-clients clause and its destination IP address matches the address_match_list of the view’s
match-destinations clause. If not specified, both match-clients and match-destinations default to
matching all addresses. A view can also be specified as match-recursive-only, which means that only
recursive requests from matching clients will match that view. The order of the view statements is
significant — a client request will be resolved in the context of the first view that it matches.
80