DELPHINUSDNS.CONF(5) | File Formats Manual | DELPHINUSDNS.CONF(5) |
delphinusdns.conf
—
the delphinus DNS daemon configuration file
delphinusdnsd(8) has a default configuration file called
delphinusdns.conf,
which is found in
/var/delphinusdnsd/etc. You may wonder why the trailing d is missing; compare
syslogd(8) and
syslog.conf(5), which also drop the d in the config file name.
This file follows the same naming convention.
Here is a sample delphinusdns.conf
file:
; Sample configuration that serves one zone, centroid.eu, from an inline
; zone block.  Lines starting with ';' are comments; several options are
; shown commented out.
version "1";

options "cool stuff" {
    interface "lo0";
    interface "em0";

    ;bind 127.0.0.1;
    ;bind 192.168.34.4;

    ; NOTE(review): packets-per-second rate limit; whether it applies per
    ; source address or globally is not stated on this page -- confirm in
    ; delphinusdnsd(8).
    ratelimit-pps 6;
    port 53;

    ;fork 2;
    log;
    ;dnssec;
    ;tcp-on-any-only;
}

axfrport "10053";

; NOTE(review): presumably the hosts permitted to request zone transfers.
; Access here is decided by source address only, and 192.168.0.0/16 covers
; an entire private range; list just the actual secondaries where possible,
; since a transfer hands out the complete zone contents.
axfr-for "these hosts" {
    127.0.0.1;
    ::1;
    192.168.0.0/16;
}

mzone "centroid.eu" {
    zonename "centroid.eu";
    ; The grammar below puts a tsigkey in this position; NOKEY presumably
    ; means the notify is sent without a TSIG signature -- confirm.
    notifydest 192.168.34.1 NOKEY;
    notifydest ::1 port 8053 NOKEY;
}

zone "centroid.eu" {
    centroid.eu,soa,3600,ns1.centroid.eu.,hostmaster.centroid.eu.,2019111901,3600,1800,7200,3600
    centroid.eu,ns,3600,somenameserver.delphinusdns.org.
    centroid.eu,ns,3600,anothernameserver.delphinusdns.org.
    ; all lines in zone start with domainname, RR Type, RR TTL, RDATA
    centroid.eu,a,3600,127.0.0.1
    centroid.eu,a,3600,10.0.0.10
}
A delphinusdns.conf
file suited for
DNSSEC:
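; Sample configuration for a DNSSEC-enabled server: the "dnssec" option is
; set and the signed zone is pulled in with zinclude rather than written
; inline.
version "1";

options "some options" {
    ratelimit-pps 12;
    bind 127.0.0.1;
    bind ::1;
    bind 10.110.99.87;
    port 32253;
    log;
    dnssec;
    ; NOTE(review): presumably the string returned to version queries; an
    ; exact release number tells any client which build is running --
    ; confirm, and consider a neutral or empty value.
    versionstring "delphinusdnsd 1.5.0";
}

; NOTE(review): presumably the hosts permitted to request zone transfers.
; Each entry is a single host (/32, /128), which keeps the transfer list
; as narrow as it can be.
axfr-for "these hosts" {
    ::1/128;
    127.0.0.1/32;
    10.110.99.88/32;
}

axfrport "10053";

mzone "centroid.eu" {
    zonename "centroid.eu";
    ; Notify target is the same host as the 10.110.99.88/32 entry in
    ; axfr-for above.  NOKEY presumably means the notify carries no TSIG
    ; signature -- confirm.
    notifydest 10.110.99.88 NOKEY;
    notifydest ::1 port 8053 NOKEY;
}

zinclude "/var/delphinusdnsd/master/centroid.eu.signed";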
A forwarding-only config may look like this:
; Sample forwarding-only configuration: no zone is defined, and the forward
; block names 127.0.0.1 port 5353 as the destination.
version "1";

options "this mess" {
    interface "em0";
    interface "lo0";
    port 8053;
    ; NOTE(review): empty version string; presumably keeps the daemon from
    ; disclosing its release -- confirm.
    versionstring "";
    dnssec;
}

; The base64 value below is printed in this manual and is therefore public.
; Generate a fresh secret for any real deployment and keep the file holding
; it readable only by the account that needs it.
tsig-auth secret "9qD4Qi4ghqFR1xm0fIwGF9t0aLx+SZWVEPAqEvysZFg=";

; 0.0.0.0/0 matches every IPv4 source address, so this list does not narrow
; access by address at all; any restriction rests on the TSIG secret alone.
; NOTE(review): presumably this list names the clients allowed to use TSIG --
; confirm, and narrow it to known client networks where possible.
tsig "these hosts" {
    0.0.0.0/0;
}

forward "to these hosts" {
    ; NOTE(review): presumably requires incoming queries to be TSIG-signed
    ; before they are forwarded -- confirm.
    incoming-tsig yes;
    ; key NOKEY: the grammar below allows a key name or NOKEY here, so the
    ; traffic to the destination is presumably not TSIG-signed -- confirm.
    destination 127.0.0.1 port 5353 key NOKEY;
}
Finally below is a sample replicant
delphinusdns.conf
as taken from a
delphinusdnsd with only one zone:
; Sample replicant configuration with one zone, ip6.centroid.eu., defined in
; an rzone block that names the master and the local file for the zone.
version "1";

options "arrowhead" {
    ratelimit-pps 12;
    interface "lo0";
    interface "vio0";
    port 53;
    log;
    dnssec;
    ; NOTE(review): presumably the string returned to version queries; a
    ; dated build identifier reveals the running release -- confirm.
    versionstring "delphinusdnsd-20191103";
}

; NOTE(review): presumably holds the tsig-auth secret(s) referenced by
; tsigkey below.  Keeping secrets in a separate file lets that file carry
; tighter permissions than the main configuration -- verify its mode and
; owner.
include "/var/delphinusdnsd/etc/delphinusdns.tsig";

rzone "ip6.centroid.eu." {
    constraints 600, 600, 600;
    ; NOTE(review): presumably an upper bound on the zone data accepted
    ; from the master -- confirm the unit and scope.
    bytelimit 65536;
    ; do make sure you have a tsig "" {} for this
    tsigkey "pass";
    ; 10053 is the same port the other samples on this page set as axfrport.
    masterport 10053;
    master 2a01:4f8:162:e700:881c:fe60:3582:f49c;
    zonename "ip6.centroid.eu.";
    filename "/var/delphinusdnsd/replicant/ip6.centroid.eu.repl";
}
Syntax for delphinusdns.conf
in BNF:
line = ( version | axfrport | include | zinclude | zone | region | axfr | mzone | passlist | filter | recurse | comment | options | forward | rzone | tsig | tsig-auth | tsigpassname )
version = "version" ("number") ;
axfrport = "axfrport" ("port number") ;
include = "include" ("filename") ;
zinclude = "zinclude" ("filename") ;
hostname = string
zone = "zone" ("hostname") [ "{" zonedata "}" ]
zonedata = { [hostname] [ "," dnstype] [ "," ttl ] ["," variablednsdata] }
dnstype = ( "a" | "aaaa" | "caa" | "cname" | "dnskey" | "ds" | "hinfo" | "hint" | "mx" | "naptr" | "ns" | "nsec3" | "nsec3param" | "ptr" | "rp" | "rrsig" | "soa" | "srv" | "sshfp" | "tlsa" | "txt" )
ttl = number
region = "region" ("string") [ "{" cidrlist "}" ]
cidrlist = { [ cidr-address ] ; ... }
axfr = "axfr-for" ("string") [ "{" cidrlist "}" ]
mzonelist = ( optzonename | optnotifydest | optnotifybind )
optzonename = "zonename" ("string") ;
optnotifydest = "notifydest" cidr-address ["port number"] "tsigkey" ;
optnotifybind = "notifybind" cidr-address ;
mzone = "mzone" ("string") [ "{" mzonelist "}" ]
passlist = "passlist" ("string") [ "{" cidrlist "}" ]
filter = "filter" ("string") [ "{" cidrlist "}" ]
recurse = "recurse-for" ("string") [ "{" cidrlist "}" ]
base64-string = (string)
tsig-auth = "tsig-auth" (string) ("base64-string") ;
tsig = "tsig" ("string") [ "{" cidrlist "}" ]
tsigpassname = "tsigpassname" ("string") [ "{" ("hostname") "}" ]
rzone = "rzone" ("string") [ "{" rzonelist "}" ]
rzonelist = ( opttsig | optmaster | optmasterport | optrzonename | optfilename | optconstraints | optbytelimit )
opttsig = "tsigkey" ("string") ;
optmaster = "master" ("cidr-address") ;
optmasterport = "masterport" (number) ;
optrzonename = "zonename" ("string") ;
optfilename = "filename" ("string") ;
optconstraints = "constraints" (number), (number), (number) ;
optbytelimit = "bytelimit" (number) ;
forward = "forward" ("string") [ "{" forwardlist "}" ]
forwardlist = ( optdestination | optstrictx20 | optcache | optincomingtsig | optfudge )
optdestination = "destination" ("cidr-address") "port" ("integer") "key" (string | "NOKEY") ;
optstrictx20 = "strictx20" ("yes" | "no") ;
optcache = "cache" ("yes" | "no") ;
optincomingtsig = "incoming-tsig" ("yes" | "no") ;
optfudge = "fudge" (number) ;
comment = ( ; | pound ) line
options = "options" ("string") [ "{" optionlist "}" ]
optionlist = ( optrecurse | optinterface | optfork | optport | optratelimit | optbind | optdnssec | opttcponanyonly | optmaxudppayload )
optrecurse = "recurse" ;
optinterface = "interface" ("string") ;
optfork = "fork" number ;
optratelimit = "ratelimit-pps" number ;
optbind = "bind" cidr-address ;
optdnssec = "dnssec" ;
opttcponanyonly = "tcp-on-any-only" ;
optmaxudppayload = "max-udp-payload" number ;
/var/delphinusdnsd/etc/delphinusdns.conf
This software and manual were written by Peter J. Philipp ⟨petphi@delphinusdns.org⟩
January 7, 2021 | OpenBSD 6.8 |