Domain Name System related services DNS forwarding 918 DNS forwarding cache size u32:0-2147483647 DNS forwarding cache size 10000 Interfaces whose DHCP client nameservers to forward requests to DNSSEC mode off process-no-validate process log-fail validate off No DNSSEC processing whatsoever! process-no-validate Respond with DNSSEC records to clients that ask for it. No validation done at all! process Respond with DNSSEC records to clients that ask for it. Validation for clients that request it. log-fail Similar behaviour to process, but validate RRSIGs on responses and log bogus responses. validate Full blown DNSSEC validation. Send SERVFAIL to clients on bogus responses. (off|process-no-validate|process|log-fail|validate) process-no-validate Domain to forward to a custom DNS server Domain Name Server (DNS) to forward queries to ipv4 Domain Name Server (DNS) IPv4 address ipv6 Domain Name Server (DNS) IPv6 address Add NTA (negative trust anchor) for this domain (must be set if the domain does not support DNSSEC) Set the "recursion desired" bit in requests to the upstream nameserver Domain to host authoritative records for text An absolute DNS name [-_a-zA-Z0-9.]{1,63} DNS zone records "A" record text A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) IPv4 address ipv4 IPv4 address #include #include "AAAA" record text A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) IPv6 address ipv6 IPv6 address #include #include "CNAME" record text A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Target DNS name name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) #include #include "MX" record text A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Mail server name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) Server priority u32:1-999 Server priority (lower numbers are higher priority) 10 #include #include "PTR" record text A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Target DNS name name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) #include #include "TXT" record text A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Record contents text Record contents #include #include "SPF" record (type=SPF) text A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Record contents text Record contents #include #include "SRV" record text A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) Service entry u32:0-65535 Entry number Server hostname name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) Port number u32:0-65535 TCP/UDP port number Entry priority u32:0-65535 Entry priority (lower numbers are higher priority) 10 Entry weight u32:0-65535 Entry weight 0 #include #include "NAPTR" record text A DNS name relative to the root record @ Root record ([-_a-zA-Z0-9.]{1,63}|@)(?<!\.) NAPTR rule u32:0-65535 Rule number Rule order u32:0-65535 Rule order (lower order is evaluated first) Rule preference u32:0-65535 Rule preference 0 "S" flag "A" flag "U" flag "P" flag Service type [a-zA-Z][a-zA-Z0-9]{0,31}(\+[a-zA-Z][a-zA-Z0-9]{0,31})? Regular expression Replacement DNS name name.example.com An absolute DNS name [-_a-zA-Z0-9.]{1,63}(?<!\.) #include #include #include Do not use local /etc/hosts file in name resolution Makes the server authoritatively not aware of RFC1918 addresses Networks allowed to query this server ipv4net IP address and prefix length ipv6net IPv6 address and prefix length #include Maximum amount of time negative entries are cached u32:0-7200 Seconds to cache NXDOMAIN entries 3600 Number of milliseconds to wait for a remote authoritative server to respond u32:10-60000 Network timeout in milliseconds 1500 #include Local addresses from which to send DNS queries ipv4 IPv4 address from which to send traffic ipv6 IPv6 address from which to send traffic 0.0.0.0 :: Use system name servers