// File:/dns/etc/named.conf   BINDv9 configuration
//
// Secondary dns sever.                          last Update: sb/19.Mar.01
///////////////////////

// access control lists
acl "nameservers" {
  localhost;
  // my test name servers:
  192.168.128.33;
  192.168.128.34;
  // Internet & ISP:
  164.128.36.34;   //ip-plus
  130.59.1.80;     //domreg.nic.ch
};

options {
	directory "/var/named";
	/*
	 * If there is a firewall between you and nameservers you want
	 * to talk to, you might need to uncomment the query-source
	 * directive below.  Previous versions of BIND always asked
	 * questions using port 53, but BIND 8.1 uses an unprivileged
	 * port by default.
	 */
	// query-source address * port 53;
        pid-file "/var/run/named.pid";
        stacksize 30M;
        datasize 20M;
	auth-nxdomain yes;	// v9 wants this?
        allow-transfer { nameservers; };   // this limits ALL zones
        transfer-format many-answers;           // faster transfers
        version "DNS server";                   // hide BIND version
};
logging {
        channel syslog_errors {syslog daemon; severity info; };
        //channel null          { null; };
        channel file_log      {
          file "/var/run/debug.log" versions 3 size 10m; // limit size + count
          severity dynamic;           // catch debug messages
          print-category no;          // Category unneeded in debug file?
          print-severity yes;
          print-time yes;
        };

        // production:
        category default      { syslog_errors; };
        category lame-servers { null; }; // ignore these errors, our servers are OK
        //category statistics   { null; }; // We don't need stats for this server

        // enable for testing/debugging:
        //category default  { file_log; syslog_errors; };
        //category panic    { file_log; };
        //category packet   { file_log; };
        //category eventlib { file_log; };
        //other categories; queries, cname, config, load, notify, parser,
        //response-checks, security, statistics, update, xfer-in, xfer-out
};


/////////////////// default zones //////////////////////////

// named.root / root.hint is not needed for BIND9

// localhost
zone "localhost" {
        type master;
        file "localhost.zone";
};
// reverse mapping of Loopback address
zone "0.0.127.in-addr.arpa" IN {
	type master;
	file "localhost.rev";
        notify no;
	allow-update { none; };
};

//////////////// secondaries //////////////////////
zone "test1.com" {
        type slave;
        file "secondary.test1.com";
        masters { 192.168.128.34; };
};
zone "test2.com" {
        type slave;
        file "secondary.test2.com";
        masters { 192.168.128.34; };
};
zone "test3.com" {
        type slave;
        file "secondary.test3.com";
        masters { 192.168.128.34; };
};

// reverse mapping of Loopback address
zone "128.168.192.in-addr.arpa" IN {
        type slave;
        file "secondary.rev.192.168.128";
        masters { 192.168.128.34; };
};

//eof