pdns/ixfrdist.example.yml

   1 # Listen addresses. ixfrdist will listen on both UDP and TCP.
   2 # When no port is specified, 53 is used. When specifying ports for IPv6, use the
   3 # "bracket" notation:
   4 #
   5 #    listen:
   6 #      - '127.0.0.1'
   7 #      - '::1'
   8 #      - '192.0.2.3:5300'
   9 #      - '[2001:DB8:1234::334]:5353'
  10 #
  11 # By default, or when unset, ixfrdist listens on local loopback addresses.
  12 listen:
  13   - '127.0.0.1'
  14   - '::1'
  15
  16 # Netmasks or IP addresses of hosts that are allowed to query ixfrdist. Hosts
  17 # do not need a netmask:
  18 #
  19 #    acl:
  20 #      - '127.0.0.0/8'
  21 #      - '::1'
  22 #      - '192.0.2.55'
  23 #      - '2001:DB8:ABCD::/48'
  24 #
  25 # By default (or when unset), only loopback addresses are allowed.
  26 #
  27 acl:
  28   - '127.0.0.0/8'
  29   - '::1'
  30
  31 # Timeout in seconds an AXFR transaction requested by ixfrdist may take.
  32 # Increase this when the network to the authoritative servers is slow or the
  33 # domains are very large and you experience timeouts. Set to 20 by default or
  34 # when unset.
  35 #
  36 axfr-timeout: 20
  37
  38 # Time in seconds between retries of the SOA query for a zone we have never
  39 # transferred.
  40
  41 failed-soa-retry: 30
  42
  43 # Whether record compression should be enabled, leading to smaller answers
  44 # at the cost of an increased CPU and memory usage. Defaults to false.
  45 #
  46 compress: false
  47
  48 # Amount of older copies/IXFR diffs to keep for every domain. This is set to
  49 # 20 by default or when unset.
  50 #
  51 keep: 20
  52
  53 # Number of threads to spawn for TCP connections (AXFRs) from downstream hosts.
  54 # This is set to 10 by default or when unset.
  55 #
  56 tcp-in-threads: 10
  57
  58 # The directory where the domain data is stored. When unset, the current
  59 # working directory is used. Note that this directory must be writable for the
  60 # user or group ixfrdist runs as.
  61 #
  62 # work-dir: '/var/lib/ixfrdist'
  63
  64 # User to drop privileges to once all listen-sockets are bound. May be either
  65 # a username or numerical ID.
  66 #
  67 # uid: ixfrdist
  68
  69 # Group to drop privileges to once all listen-sockets are bound. May be either
  70 # a username or numerical ID.
  71 #
  72 # gid: ixfrdist
  73
  74 # The IP address and port where the webserver should listen
  75 #
  76 webserver-address: 127.0.0.1:8080
  77
  78 # The IP address(masks) that allowed to access the webserver. When not set,
  79 # it defaults to 127.0.0.0/8, ::1/128
  80 #
  81 webserver-acl:
  82   - 127.0.0.0/8
  83   - ::1/128
  84
  85 # The domains to redistribute, the 'master' and 'domains' keys are mandatory.
  86 # When no port is specified, 53 is used. When specifying ports for IPv6, use the
  87 # "bracket" notation:
  88 #
  89 #    domains:
  90 #      - domain: example.com
  91 #        master: 192.0.2.15
  92 #      - domain: rpz.example
  93 #        master: [2001:DB8:a34:543::53]:5353
  94 #
  95 domains: []