Domain Name System related services DNS forwarding 918 DNS forwarding cache size u32:0-2147483647 DNS forwarding cache size 10000 Interfaces whose DHCP client nameservers to forward requests to Help to communicate between IPv6-only client and IPv4-only server ipv6net IPv6 address and /96 only prefix length DNSSEC mode off process-no-validate process log-fail validate off No DNSSEC processing whatsoever! process-no-validate Respond with DNSSEC records to clients that ask for it. No validation done at all! process Respond with DNSSEC records to clients that ask for it. Validation for clients that request it. log-fail Similar behaviour to process, but validate RRSIGs on responses and log bogus responses. validate Full blown DNSSEC validation. Send SERVFAIL to clients on bogus responses. (off|process-no-validate|process|log-fail|validate) process-no-validate Domain to forward to a custom DNS server txt An absolute DNS domain name #include Add NTA (negative trust anchor) for this domain (must be set if the domain does not support DNSSEC) Set the "recursion desired" bit in requests to the upstream nameserver Domain to host authoritative records for txt An absolute DNS domain name DNS zone records "A" record txt A DNS name relative to the root record @ Root record any Wildcard record (any subdomain) ([-_a-zA-Z0-9.]{1,63}|@|any)(?<!\.) IPv4 address ipv4 IPv4 address #include #include "AAAA" record txt A DNS name relative to the root record @ Root record any Wildcard record (any subdomain) ([-_a-zA-Z0-9.]{1,63}|@|any)(?<!\.) IPv6 address ipv6 IPv6 address #include #include "CNAME" record txt A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Target DNS name name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) #include #include "MX" record txt A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Mail server name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) Server priority u32:1-999 Server priority (lower numbers are higher priority) 10 #include #include "PTR" record txt A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Target DNS name name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) #include #include "TXT" record txt A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Record contents txt Record contents #include #include "SPF" record (type=SPF) txt A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Record contents txt Record contents #include #include "SRV" record txt A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Service entry u32:0-65535 Entry number Server hostname name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) Port number u32:0-65535 TCP/UDP port number Entry priority u32:0-65535 Entry priority (lower numbers are higher priority) 10 Entry weight u32:0-65535 Entry weight 0 #include #include "NAPTR" record txt A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) NAPTR rule u32:0-65535 Rule number Rule order u32:0-65535 Rule order (lower order is evaluated first) Rule preference u32:0-65535 Rule preference 0 "S" flag "A" flag "U" flag "P" flag Service type [a-zA-Z][a-zA-Z0-9]{0,31}(\+[a-zA-Z][a-zA-Z0-9]{0,31})? Regular expression Replacement DNS name name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) #include #include #include Do not use local /etc/hosts file in name resolution Makes the server authoritatively not aware of RFC1918 addresses Networks allowed to query this server ipv4net IP address and prefix length ipv6net IPv6 address and prefix length #include #include 53 Maximum amount of time negative entries are cached u32:0-7200 Seconds to cache NXDOMAIN entries 3600 Number of milliseconds to wait for a remote authoritative server to respond u32:10-60000 Network timeout in milliseconds 1500 #include Local addresses from which to send DNS queries ipv4 IPv4 address from which to send traffic ipv6 IPv6 address from which to send traffic 0.0.0.0 :: Use system name servers