This section describes the masters clause available in BIND 9.x which allows the user to define a list of zone masters from which notifies will be received and from which zone transfers may be requested. The masters clause may be referenced from a masters statement that may appear in a zone of type slave or an also-notify statement that may appear in a zone clause of type master.
Note: This can be a confusing clause. When referenced from a masters statement, the list gives the IP addresses to which a transfer request may be made and from which a NOTIFY message may be accepted. When referenced from an also-notify statement, it gives the IP addresses to which NOTIFY messages will be sent. There is a significant difference between these two uses.
masters masters-name [port gp-num] [dscp gd-num] { ( masters-list | IP-Address [port p-num] [key key-name] ) ; [...] };
Note: The keywords are masters, port, dscp and key; all other items are placeholders for user-supplied values.
masters-name is a unique name that references this masters list. It can optionally be enclosed in a quoted string, but if a space appears in the masters-name it must be enclosed in a quoted string, for example "my masters" (quoted string required) but my-masters (quoted string is optional). Multiple masters clauses may be defined, each having a unique masters-name.
gp-num defines a port number that will be applied to all IP addresses in the defined list unless explicitly overridden by a port p-num element, which applies only to a specific IP-Address (default in both cases is port 53).
key-name refers to a key clause which may be used to authenticate the zone transfer or the NOTIFY message.
From BIND 9.10 the clause also allows the use of a DiffServ Differentiated Service Code Point (DSCP) number (range 0 - 95, where supported by the OS), defined by gd-num, to identify the traffic classification for all IP addresses in the masters-list or the explicitly defined IP-Address list.
<grovel> In previous versions of this page we indicated the masters-list structure was an address_match_list which allows, among many things, reference to an ACL clause. We were wrong (again). Our penance was to write a separate page defining the masters list format. </grovel>
Examples of usage are defined below:
// Example 1 named.conf fragment
// explicit IP-Address list definition
// 192.168.2.3 will send NOTIFY and/or provide zone
// transfer on port 1053, 192.168.17.4 on default port 53
options {
  ...
};
masters master-ips {192.168.2.3 port 1053; 192.168.17.4;};
...
zone example.com {
  type slave;
  ...
  masters {master-ips;};
};
...

// Example 2 named.conf fragment
// referencing a nested masters clause with a key option
// (all operations use default port 53)
// 192.168.2.4 uses a key to authenticate all (zone transfer and/or notify operations)
key srv-key {
  ...
};
masters some-ips {192.168.2.4 key srv-key; 192.168.3.4; 192.168.5.4;};
options {
  ...
};
masters master-ips {some-ips; 192.168.7.12;};
...
zone example.com {
  type slave;
  ...
  masters {master-ips;};
};
...

// Example 3 named.conf fragment
// referencing a nested masters clause with port 1053 override
// (all operations use port 1053)
masters some-ips {192.168.2.4; 192.168.3.4; 192.168.5.4;};
options {
  ...
};
masters master-ips port 1053 {some-ips;};
...
zone example.com {
  type slave;
  ...
  masters {master-ips;};
};
...

// Example 4 named.conf fragment
// multiple masters clauses
// referencing a nested masters clause with port 1053 override
// - all operations referencing master-ips use port 1053
// - all operations referencing more-ips use port 53
masters some-ips {192.168.2.4; 192.168.3.4; 192.168.5.4;};
options {
  ...
};
masters master-ips port 1053 {some-ips;};
// optional quoted string
masters "more-ips" {some-ips;};
...
zone example.com {
  type slave;
  ...
  masters {master-ips;};
};
zone example.net {
  type slave;
  ...
  masters {more-ips;};
};
...
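The nesting and port rules above decide which peers a slave zone actually contacts and which of them carry a key. The following Python sketch is an added example, not code from this page or from BIND: it flattens nested masters clauses into effective (address, port, key) entries and lists the addresses that have no key. The function names and sample configuration are constructed for illustration, the parser handles only line comments and list names without spaces, and the rule that an inner list's own port takes precedence over an outer one is an assumption the page does not state.

```python
import ipaddress
import re

# Constructed sample modelled on the page's Examples 2 and 3; names are illustrative.
SAMPLE_CONF = """
// only 192.168.2.4 carries a key (srv-key, defined elsewhere)
masters some-ips { 192.168.2.4 key srv-key; 192.168.3.4 port 5353; 192.168.5.4; };
masters "master-ips" port 1053 { some-ips; 192.168.7.12; };
zone example.com { type slave; masters { master-ips; }; };
"""

# Matches a named masters clause; a zone's own "masters { ... };" has no name.
CLAUSE = re.compile(r'\bmasters\s+("[^"]+"|[\w.-]+)(?:\s+port\s+(\d+))?'
                    r'(?:\s+dscp\s+\d+)?\s*\{([^}]*)\}\s*;')

def parse_masters(conf):
    """Return {masters-name: (list_port_or_None, [tokens of each element])}."""
    conf = re.sub(r'(//|#)[^\n]*', '', conf)          # drop line comments
    clauses = {}
    for name, port, body in CLAUSE.findall(conf):
        elements = [e.split() for e in body.split(';') if e.strip()]
        clauses[name.strip('"')] = (int(port) if port else None, elements)
    return clauses

def resolve(clauses, name, port=None, stack=()):
    """Flatten a masters list into (ip, port, key-name) tuples."""
    if name in stack:
        raise ValueError("masters list loop: " + " -> ".join(stack + (name,)))
    if name not in clauses:
        raise KeyError("undefined masters list: " + name)
    list_port, elements = clauses[name]
    port = list_port or port        # assumption: the innermost list's gp-num wins
    peers = []
    for tok in elements:
        try:
            ipaddress.ip_address(tok[0])
        except ValueError:           # not an address, so a nested masters-list name
            peers += resolve(clauses, tok[0].strip('"'), port, stack + (name,))
            continue
        opts = dict(zip(tok[1::2], tok[2::2]))        # e.g. {'key': 'srv-key'}
        peers.append((tok[0], int(opts.get('port', port or 53)), opts.get('key')))
    return peers

def without_key(peers):
    """Addresses whose transfers and NOTIFYs are not authenticated by a key."""
    return [ip for ip, _, key in peers if key is None]

if __name__ == "__main__":
    print(resolve(parse_masters(SAMPLE_CONF), "master-ips"))
```

Resolving each list a zone references and reviewing the `without_key` output shows which masters are accepted on address alone.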
This work is licensed under a
Creative Commons License.
Copyright © 1994 - 2024 ZyTrax, Inc. All rights reserved.
Page modified: January 20 2022.