[thirdparty/pdns.git] / docs / manpages / ixfrdist.yml.5.rst

ixfrdist.yml
============

Synopsis
--------

ixfrdist.yml

Description
-----------

:program:`ixfrdist` reads its configuration for a YAML file.
By default, this file is called `ixfrdist.yml` and is read from the directory configured as `SYSCONFDIR` when building the software.
This directory is usually one of `/etc/pdns`, `/etc/powerdns`.
Run `ixfrdist --help` to see the default.

Example
-------

.. code-block:: yaml

  listen:
    - 192.0.2.2
    - '[2001:DB8:ABCD::2]:5300'
    - 127.0.0.1

  acl:
    - 127.0.0.1
    - '192.0.2.0/24'
    - '2001:DB8:ABCD:1234::/64'

  work-dir: /var/lib/ixfrdist

  uid: ixfrdist
  gid: ixfrdist

  domains:
    - domain: example.com
      master: 192.0.2.18:5301
    - domain: example.net
      master: 2001:DB8:ABCD::2

Options
-------

:listen:
  The list of addresses to listen on.
  :program:`ixfrdist` listens on both TCP and UDP.
  When no port is specified, 53 is used. When specifying ports for IPv6, use the "bracket" notation.
  By default, :program:`ixfrdist` listens on ``127.0.0.1:53`` and ``[::1]:53``.

:acl:
  A list of netmasks that are allowed to query :program:`ixfrdist` and request AXFRs and IXFRs
  Entries without a netmask will be interpreted as a single address.
  By default, the ACL is set is ``127.0.0.0/8`` and ``::1/128``.

:axfr-timeout:
  Timeout in seconds an AXFR transaction requested by :program:`ixfrdist` may take.
  Increase this when the network to the authoritative servers is slow or the domains are very large and you experience timeouts.
  Defaults to 20.

:failed-soa-retry:
  Time in seconds between retries of the SOA query for a zone we have never transferred. Defaults to 30.

:compress:
  Whether record compression should be enabled, leading to smaller answers at the cost of an increased CPU and memory usage.
  Defaults to false.

:work-dir:
  The directory where the domain data is stored.
  When not set, the current working directory is used.
  This working directory has the following structure: ``work-dir/ZONE/SERIAL``, e.g. ``work-dir/rpz.example./2018011902``.
  It is highly recommended to set this option, as the current working directory might change between invocations.
  This directory must be writable for the user or group :program:`ixfrdist` runs as.

:keep:
  Amount of older copies/IXFR diffs to keep for every domain.
  This is set to 20 by default.

:tcp-in-threads:
  Number of threads to spawn for TCP connections (AXFRs) from downstream hosts.
  This limits the number of concurrent AXFRs to clients.
  Set to 10 by default.

:gid:
  Group name or numeric ID to drop privileges to after binding the listen sockets.
  By default, :program:`ixfrdist` runs as the user that started the process.

:uid:
  User name or numeric ID to drop privileges to after binding the listen sockets.
  By default, :program:`ixfrdist` runs as the user that started the process.

:domains:
  A list of domains to redistribute.
  This option is mandatory.

  :domain: The domain name to transfer from the ``master``.
           Mandatory.
  :master: IP address of the server to transfer this domain from.
           Mandatory.

See also
--------

:manpage:`ixfrdist(1)`
Commit	Line	Data
d39a0d8a PL	1	ixfrdist.yml
	2	============
	3
	4	Synopsis
	5	--------
	6
	7	ixfrdist.yml
	8
	9	Description
	10	-----------
	11
	12	:program:`ixfrdist` reads its configuration for a YAML file.
	13	By default, this file is called `ixfrdist.yml` and is read from the directory configured as `SYSCONFDIR` when building the software.
	14	This directory is usually one of `/etc/pdns`, `/etc/powerdns`.
	15	Run `ixfrdist --help` to see the default.
	16
	17	Example
	18	-------
	19
	20	.. code-block:: yaml
	21
	22	listen:
	23	- 192.0.2.2
	24	- '[2001:DB8:ABCD::2]:5300'
	25	- 127.0.0.1
	26
	27	acl:
	28	- 127.0.0.1
	29	- '192.0.2.0/24'
	30	- '2001:DB8:ABCD:1234::/64'
	31
af1318a1	32	work-dir: /var/lib/ixfrdist
d39a0d8a PL	33
	34	uid: ixfrdist
	35	gid: ixfrdist
	36
	37	domains:
	38	- domain: example.com
	39	master: 192.0.2.18:5301
	40	- domain: example.net
	41	master: 2001:DB8:ABCD::2
	42
	43	Options
	44	-------
	45
	46	:listen:
	47	The list of addresses to listen on.
	48	:program:`ixfrdist` listens on both TCP and UDP.
	49	When no port is specified, 53 is used. When specifying ports for IPv6, use the "bracket" notation.
	50	By default, :program:`ixfrdist` listens on ``127.0.0.1:53`` and ``[::1]:53``.
	51
	52	:acl:
	53	A list of netmasks that are allowed to query :program:`ixfrdist` and request AXFRs and IXFRs
	54	Entries without a netmask will be interpreted as a single address.
	55	By default, the ACL is set is ``127.0.0.0/8`` and ``::1/128``.
	56
	57	:axfr-timeout:
	58	Timeout in seconds an AXFR transaction requested by :program:`ixfrdist` may take.
	59	Increase this when the network to the authoritative servers is slow or the domains are very large and you experience timeouts.
	60	Defaults to 20.
	61
0ac228c7 PD	62	:failed-soa-retry:
	63	Time in seconds between retries of the SOA query for a zone we have never transferred. Defaults to 30.
	64
971e5911 RG	65	:compress:
	66	Whether record compression should be enabled, leading to smaller answers at the cost of an increased CPU and memory usage.
	67	Defaults to false.
	68
d39a0d8a PL	69	:work-dir:
	70	The directory where the domain data is stored.
	71	When not set, the current working directory is used.
	72	This working directory has the following structure: ``work-dir/ZONE/SERIAL``, e.g. ``work-dir/rpz.example./2018011902``.
	73	It is highly recommended to set this option, as the current working directory might change between invocations.
	74	This directory must be writable for the user or group :program:`ixfrdist` runs as.
	75
	76	:keep:
	77	Amount of older copies/IXFR diffs to keep for every domain.
	78	This is set to 20 by default.
	79
	80	:tcp-in-threads:
	81	Number of threads to spawn for TCP connections (AXFRs) from downstream hosts.
	82	This limits the number of concurrent AXFRs to clients.
	83	Set to 10 by default.
	84
	85	:gid:
	86	Group name or numeric ID to drop privileges to after binding the listen sockets.
	87	By default, :program:`ixfrdist` runs as the user that started the process.
	88
	89	:uid:
	90	User name or numeric ID to drop privileges to after binding the listen sockets.
	91	By default, :program:`ixfrdist` runs as the user that started the process.
	92
	93	:domains:
	94	A list of domains to redistribute.
	95	This option is mandatory.
	96
	97	:domain: The domain name to transfer from the ``master``.
	98	Mandatory.
	99	:master: IP address of the server to transfer this domain from.
	100	Mandatory.
	101
	102	See also
	103	--------
	104
	105	:manpage:`ixfrdist(1)`