Red Hat ENTERPRISE LINUX 3 Reference Manual

Also see for ENTERPRISE LINUX 3 - SECURITY GUIDE: Tuning guide Installation guide Installation guide Installation guide Manual

Contents

Chapter 12. Berkeley Internet Name Domain (BIND) 18312.2. /etc/named.confThe named.conf file is a collection of statements using nested options surrounded by opening andclosing ellipse characters, { }. Administrators must be careful when editing named.conf to avoidsyntactical errors as many seemingly minor errors will prevent the named service from starting.WarningDo not manually edit the /etc/named.conf file or any files in the /var/named/ directory if you areusing the Domain Name Service Configuration Tool. Any manual changes to those files will beoverwritten the next time the Domain Name Service Configuration Tool is used.A typical named.conf file is organized similar to the following example:statement-1 [" statement-1-name "] [ statement-1-class ] {option-1 ;option-2 ;option-N ;};statement-2 [" statement-2-name "] [ statement-2-class ] {option-1 ;option-2 ;option-N ;};statement-N [" statement-N-name "] [ statement-N-class ] {option-1 ;option-2 ;option-N ;};12.2.1. Common Statement TypesThe following types of statements are commonly used in /etc/named.conf:12.2.1.1. acl StatementThe acl statement (or access control statement) defines groups of hosts which can then be permittedor denied access to the nameserver.An acl statement takes the following form:acl acl-name {match-element ;[ match-element ; ...]};In this statement, replace acl-name with the name of the access control list and replacematch-element with a semi-colon separated list of IP addresses. Most of the time, anindividual IP address or IP network notation (such as 10.0.1.0/24) is used to identify the IPaddresses within the acl statement.The following access control lists are already defined as keywords to simplify configuration:• any — Matches every IP address.• localhost — Matches any IP address in use by the local system.