--- /home/paul/BUILD/nsd-4.2.4/nsd.conf.sample 2019-12-11 10:48:38.027799676 -0500 +++ nsd.conf.fedora 2019-12-11 11:03:47.426519188 -0500 @@ -44,6 +44,9 @@ # enable debug mode, does not fork daemon process into the background. # debug-mode: no + # use systemd for readiness signalling. + use-systemd: yes + # listen on IPv4 connections # do-ip4: yes @@ -83,7 +86,7 @@ # pidfile: "/run/nsd/nsd.pid" # The file where secondary zone refresh and expire timeouts are kept. - # If you delete this file, all secondary zones are forced to be + # If you delete this file, all secondary zones are forced to be # 'refreshing' (as if nsd got a notify). Set to "" to disable. # xfrdfile: "/var/lib/nsd/ixfr.state" @@ -141,7 +144,7 @@ # Number of seconds between reloads triggered by xfrd. # xfrd-reload-timeout: 1 - + # log timestamp in ascii (y-m-d h:m:s.msec), yes is default. # log-time-ascii: yes @@ -161,7 +164,7 @@ # check mtime of all zone files on start and sighup # zonefiles-check: yes - + # write changed zonefiles to disk, every N seconds. # default is 0(disabled) or 3600(if database is ""). # zonefiles-write: 3600 @@ -186,11 +189,11 @@ # rrl-slip: 2 # Response Rate Limiting, IPv4 prefix length. Addresses are - # grouped by netblock. + # grouped by netblock. # rrl-ipv4-prefix-length: 24 # Response Rate Limiting, IPv6 prefix length. Addresses are - # grouped by netblock. + # grouped by netblock. # rrl-ipv6-prefix-length: 64 # Response Rate Limiting, maximum QPS allowed (from one query source) @@ -262,7 +272,7 @@ # Patterns have zone configuration and they are shared by one or more zones. -# +# # pattern: # name by which the pattern is referred to #name: "myzones" @@ -274,7 +284,7 @@ # if label or character does not exist you get a dot '.'. # for example "%s.zone" or "zones/%1/%2/%3/%s" or "secondary/%z/%s" #zonefile: "%s.zone" - + # If no master and slave access control elements are provided, # this zone will not be served to/from other servers. @@ -299,7 +309,7 @@ # If you want to make use of IXFR/UDP use: UDP addr tsigkey # for a master that only speaks AXFR (like NSD) use AXFR addr tsigkey #request-xfr: 192.0.2.2 the_tsig_key_name - # Attention: You cannot use UDP and AXFR together. AXFR is always over + # Attention: You cannot use UDP and AXFR together. AXFR is always over # TCP. If you use UDP, we higly recommend you to deploy TSIG. # Allow AXFR fallback if the master does not support IXFR. Default # is yes. @@ -312,6 +322,7 @@ #min-refresh-time: 0 #max-retry-time: 1209600 #min-retry-time: 0 + # Slave server tries zone transfer to all masters and picks highest # zone version available, for when masters have different versions. #multi-master-check: no @@ -325,7 +336,7 @@ # zonestats: "%s" # if you give another pattern name here, at this point the settings - # from that pattern are inserted into this one (as if it were a + # from that pattern are inserted into this one (as if it were a # macro). The statement can be given in between other statements, # because the order of access control elements can make a difference # (which master to request from first, which slave to notify first). @@ -336,13 +347,13 @@ # Zones that are dynamically added and deleted are put in the zonelist file. # # zone: - # name: "example.com" - # you can give a pattern here, all the settings from that pattern - # are then inserted at this point - # include-pattern: "master" - # You can also specify (additional) options directly for this zone. - # zonefile: "example.com.zone" - # request-xfr: 192.0.2.1 example.com.key + # name: "example.com" + # you can give a pattern here, all the settings from that pattern + # are then inserted at this point + # include-pattern: "master" + # You can also specify (additional) options directly for this zone. + # zonefile: "example.com.zone" + # request-xfr: 192.0.2.1 example.com.key # RRLconfig # Response Rate Limiting, whitelist types