diff options
Diffstat (limited to 'bin/tests/system/resolver/ns1/named.conf.in')
| -rw-r--r-- | bin/tests/system/resolver/ns1/named.conf.in | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/bin/tests/system/resolver/ns1/named.conf.in b/bin/tests/system/resolver/ns1/named.conf.in new file mode 100644 index 0000000..7ca1caf --- /dev/null +++ b/bin/tests/system/resolver/ns1/named.conf.in @@ -0,0 +1,79 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.1 dscp 1; + notify-source 10.53.0.1 dscp 2; + transfer-source 10.53.0.1 dscp 3; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.1; }; + listen-on-v6 { none; }; + recursion yes; + dnssec-validation yes; + deny-answer-addresses { 192.0.2.0/24; 2001:db8:beef::/48; } + except-from { "example.org"; }; + deny-answer-aliases { "example.org"; } + except-from { "goodcname.example.net"; + "gooddname.example.net"; }; + allow-query {!10.53.0.8; any; }; + max-zone-ttl unlimited; + attach-cache "globalcache"; +}; + +server 10.53.0.3 { + tcp-only yes; +}; + +server 10.42.23.3/32 { + notify-source 10.42.22.1; + query-source address 10.42.22.1 port 0; + transfer-source 10.42.22.1; +}; + +server fd92:7065:b8e:ffff::1000 { + notify-source-v6 fd92:7065:b8e:ffff::1001; + query-source-v6 address fd92:7065:b8e:ffff::1001 port 0; + transfer-source-v6 fd92:7065:b8e:ffff::1001; +}; + +/* + * Must be first view so that there is a CH cache with name + * "globalcache" before the recursive "default"/IN view is configured. + */ +view "class" chaos { + zone "chaostest" CHAOS { + type primary; + file "chaostest.db"; + }; +}; + +/* + * Must be second view so that so that we can check we don't attach to the + * "globalcache"/CH cache. + */ +view "default" { + zone "." { + type hint; + file "root.hint"; + }; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm @DEFAULT_HMAC@; +}; + +controls { + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; |