good.conf - external/mpl/bind/dist/bin/tests/system/checkconf/good.conf - Netbsd-lockdoc source code (lockdoc-10.99.5-vfs-0.1)

/*
 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 *
 * SPDX-License-Identifier: MPL-2.0
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0.  If a copy of the MPL was not distributed with this
 * file, you can obtain one at https://mozilla.org/MPL/2.0/.
 *
 * See the COPYRIGHT file distributed with this work for additional
 * information regarding copyright ownership.
 */

/*
 * This is just a random selection of configuration options.
 */

/* cut here */
dnssec-policy "test" {
	dnskey-ttl 3600;
	keys {
		ksk key-directory lifetime P1Y algorithm 13 256;
		zsk key-directory lifetime P30D algorithm 13;
		csk key-directory lifetime P30D algorithm 8 2048;
	};
	max-zone-ttl 86400;
	nsec3param ;
	parent-ds-ttl 7200;
	parent-propagation-delay PT1H;
	publish-safety PT3600S;
	purge-keys P90D;
	retire-safety PT3600S;
	signatures-refresh P3D;
	signatures-validity P2W;
	signatures-validity-dnskey P14D;
	zone-propagation-delay PT5M;
};
options {
	avoid-v4-udp-ports {
		100;
	};
	avoid-v6-udp-ports {
		100;
	};
	blackhole {
		10.0.0.0/8;
	};
	coresize 1073741824;
	datasize 104857600;
	directory ".";
	dscp 41;
	dump-file "named_dumpdb";
	files 1000;
	heartbeat-interval 30;
	hostname none;
	interface-interval 30;
	keep-response-order {
		10.0.10.0/24;
	};
	listen-on port 90 {
		"any";
	};
	listen-on port 100 dscp 33 {
		127.0.0.1/32;
	};
	listen-on-v6 port 53 dscp 57 {
		"none";
	};
	match-mapped-addresses yes;
	memstatistics-file "named.memstats";
	pid-file none;
	port 5300;
	querylog yes;
	recursing-file "named.recursing";
	recursive-clients 3000;
	serial-query-rate 100;
	server-id none;
	update-quota 200;
	check-names primary warn;
	check-names secondary ignore;
	max-cache-size 20000000000000;
	nta-lifetime 604800;
	nta-recheck 604800;
	validate-except {
		"corp";
	};
	dnssec-policy "test";
	max-ixfr-ratio 90%;
	transfer-source 0.0.0.0 dscp 63;
	zone-statistics none;
};
parental-agents "parents" {
	10.10.10.11;
	10.10.10.12;
};
view "first" {
	match-clients {
		"none";
	};
	zone "example1" {
		type master;
		file "xxx";
		update-policy local;
		max-ixfr-ratio 20%;
		notify-source 10.10.10.10 port 53 dscp 55;
	};
	zone "clone" {
		type master;
		file "yyy";
		inline-signing yes;
		max-ixfr-ratio unlimited;
	};
	dnssec-validation auto;
	zone-statistics terse;
};
view "second" {
	match-clients {
		"any";
	};
	zone "example1" {
		type master;
		file "zzz";
		update-policy local;
		zone-statistics yes;
	};
	zone "example2" {
		type static-stub;
		forward only;
		forwarders {
			10.53.0.4;
		};
		zone-statistics no;
	};
	zone "example3" {
		type static-stub;
		server-addresses {
			1.2.3.4;
		};
	};
	zone "clone" {
		in-view "first";
	};
	zone "." {
		type redirect;
		masters {
			1.2.3.4;
		};
	};
	dnssec-validation auto;
	zone-statistics full;
};
view "third" {
	match-clients {
		"none";
	};
	zone "clone" {
		in-view "first";
		forward only;
		forwarders {
			10.0.0.100;
		};
	};
	zone "dnssec" {
		type master;
		file "file";
		allow-update {
			"any";
		};
		dnssec-policy "default";
	};
	zone "p" {
		type primary;
		file "pfile";
		inline-signing yes;
	};
	zone "s" {
		type secondary;
		file "sfile";
		inline-signing yes;
		masters {
			1.2.3.4;
		};
		notify primary-only;
	};
};
view "fourth" {
	zone "dnssec-test" {
		type master;
		file "dnssec-test.db";
		inline-signing yes;
		parental-agents {
			1.2.3.4;
			1.2.3.5;
		};
		dnssec-policy "test";
		parental-source 10.10.10.10 port 53 dscp 55;
	};
	zone "dnssec-default" {
		type master;
		file "dnssec-default.db";
		inline-signing yes;
		parental-agents {
			"parents";
		};
		dnssec-policy "default";
	};
	zone "dnssec-inherit" {
		type master;
		file "dnssec-inherit.db";
		inline-signing yes;
	};
	zone "dnssec-none" {
		type master;
		file "dnssec-none.db";
		dnssec-policy "none";
	};
	zone "dnssec-view1" {
		type master;
		file "dnssec-view41.db";
		inline-signing yes;
		dnssec-policy "test";
	};
	zone "dnssec-view2" {
		type master;
		file "dnssec-view42.db";
		inline-signing yes;
	};
	zone "dnssec-view3" {
		type master;
		file "dnssec-view43.db";
		dnssec-policy "none";
		key-directory "keys";
	};
	zone "dnssec-view4" {
		type master;
		file "dnssec-view44.db";
		dnssec-policy "none";
	};
	dnssec-policy "default";
	key-directory ".";
};
view "fifth" {
	zone "dnssec-view1" {
		type master;
		file "dnssec-view51.db";
		inline-signing yes;
		dnssec-policy "test";
	};
	zone "dnssec-view2" {
		type master;
		file "dnssec-view52.db";
		inline-signing yes;
		dnssec-policy "test";
		key-directory "keys";
	};
	zone "dnssec-view3" {
		type master;
		file "dnssec-view53.db";
		inline-signing yes;
		dnssec-policy "default";
		key-directory "keys";
	};
	zone "dnssec-view4" {
		type master;
		file "dnssec-view54.db";
		dnssec-policy "none";
	};
	key-directory ".";
};
view "chaos" chaos {
	zone "hostname.bind" chaos {
		type master;
		database "_builtin hostname";
		inline-signing yes;
	};
};
dyndb "name" "library.so" {
	this;
	\};
	is a {
		"test" { \{ of; the; };
	} bracketed;
	"text \"";
	system;
};
key "mykey" {
	algorithm "hmac-md5";
	secret "qwertyuiopasdfgh";
};