pdns/ixfrdist.example.yml

   1 # Listen addresses. ixfrdist will listen on both UDP and TCP.
   2 # When no port is specified, 53 is used. When specifying ports for IPv6, use the
   3 # "bracket" notation:
   4 #
   5 #    listen:
   6 #      - '127.0.0.1'
   7 #      - '::1'
   8 #      - '192.0.2.3:5300'
   9 #      - '[2001:DB8:1234::334]:5353'
  10 #
  11 # By default, or when unset, ixfrdist listens on local loopback addresses.
  12 listen:
  13   - '127.0.0.1'
  14   - '::1'
  15
  16 # Netmasks or IP addresses of hosts that are allowed to query ixfrdist. Hosts
  17 # do not need a netmask:
  18 #
  19 #    acl:
  20 #      - '127.0.0.0/8'
  21 #      - '::1'
  22 #      - '192.0.2.55'
  23 #      - '2001:DB8:ABCD::/48'
  24 #
  25 # By default (or when unset), only loopback addresses are allowed.
  26 #
  27 acl:
  28   - '127.0.0.0/8'
  29   - '::1'
  30
  31 # Maximum number of records allowed in a single zone. ixfrdist will abort the
  32 # zone transfer from the master when more than this number of records have been
  33 # received. A value of 0 (the default) means unlimited
  34 #
  35 axfr-max-records: 0
  36
  37 # Timeout in seconds an AXFR transaction requested by ixfrdist may take.
  38 # Increase this when the network to the authoritative servers is slow or the
  39 # domains are very large and you experience timeouts. Set to 20 by default or
  40 # when unset.
  41 #
  42 axfr-timeout: 20
  43
  44 # Time in seconds between retries of the SOA query for a zone we have never
  45 # transferred.
  46
  47 failed-soa-retry: 30
  48
  49 # Whether record compression should be enabled, leading to smaller answers
  50 # at the cost of an increased CPU and memory usage. Defaults to false.
  51 #
  52 compress: false
  53
  54 # Amount of older copies/IXFR diffs to keep for every domain. This is set to
  55 # 20 by default or when unset.
  56 #
  57 keep: 20
  58
  59 # Number of threads to spawn for TCP connections (AXFRs) from downstream hosts.
  60 # This is set to 10 by default or when unset.
  61 #
  62 tcp-in-threads: 10
  63
  64 # The directory where the domain data is stored. When unset, the current
  65 # working directory is used. Note that this directory must be writable for the
  66 # user or group ixfrdist runs as.
  67 #
  68 # work-dir: '/var/lib/ixfrdist'
  69
  70 # User to drop privileges to once all listen-sockets are bound. May be either
  71 # a username or numerical ID.
  72 #
  73 # uid: ixfrdist
  74
  75 # Group to drop privileges to once all listen-sockets are bound. May be either
  76 # a username or numerical ID.
  77 #
  78 # gid: ixfrdist
  79
  80 # The IP address and port where the webserver should listen
  81 #
  82 webserver-address: 127.0.0.1:8080
  83
  84 # The IP address(masks) that allowed to access the webserver. When not set,
  85 # it defaults to 127.0.0.0/8, ::1/128
  86 #
  87 webserver-acl:
  88   - 127.0.0.0/8
  89   - ::1/128
  90
  91 # How much the webserver should log: 'none', 'normal' or 'detailed'
  92 # With 'none', nothing is logged except for errors
  93 # With 'normal' (the default), one line per request is logged in the style of the common log format
  94 # with 'detailed', the full requests and responses (including headers) are logged
  95 webserver-loglevel: normal
  96
  97 # The domains to redistribute, the 'master' and 'domains' keys are mandatory.
  98 # When no port is specified, 53 is used. When specifying ports for IPv6, use the
  99 # "bracket" notation:
 100 #
 101 #    domains:
 102 #      - domain: example.com
 103 #        master: 192.0.2.15
 104 #      - domain: rpz.example
 105 #        master: [2001:DB8:a34:543::53]:5353
 106 #
 107 domains: []