OPTIONS Original: Paul Vixie, 28Mar92 Revised: $Id: OPTIONS,v 4.9.1.1 1993/05/02 22:43:03 vixie Rel $ Options available in this version of BIND are controlled by conf/options.h, rather than by $(DEFS) in the Makefile. The options are: DEBUG (origin: U C Berkeley) enables the -d command line option, and allows SIGUSR1 to increment and SIGUSR2 to decrement the internal variable "debug", which in turn controls hundreds of fprintf()'s out to /usr/tmp/named.run. you probably want this. it makes the binary bigger but not slower (or at least not much slower), but SIGUSR[12] are the only way you'll track down misconfigured name servers that hose you down with billions of bogus requests. STATS (origin: U C Berkeley) enables the SIGIOT handler that writes interesting statistics out to the /usr/tmp/named.stats file. these statistics include information about the number of queries, number of forwards, number of cache misses, and so on. you probably do not care about this. ALLOW_T_UNSPEC (origin: MIT Project Athena) enables the "unspec" RR type for ancient athena software that does not know about TXT RR's. you probably do not care about this. ALLOW_UPDATES (origin: Mike Schwartz, University of Washington) enables "dynamic updates", described in "doc/DynamicUpdate". this lets you update named's in-memory database on the fly if you have the right client. there is absolutely no security around this; if you enable it, anyone who can reach your server can update your database. you probably do not want to enable this. INVQ (origin: U C Berkeley, with #ifdef's by Paul Vixie) enables "inverse queries", which in all of the internet only one client ever uses: ancient nslookup. if you build named with INVQ defined as "1", you get the time-honored behaviour of supporting this whole class of queries for no real purpose other than to waste a few hundred kilobytes of your memory and about 3% of named's total CPU time. if you build with INVQ set to "0", old nslookups will not be able to reach your server in their startup phase, and you will have to use the "server" command after it fails over to some other server. you probably want this. DSTORAGE (origin: U C Berkeley, with #ifdef's by Paul Vixie) enables a malloc-debugger that checks for overruns on both ends of each allocated block of memory. used when debugging since C has no bounds or type checking. you probably do not want this. DMALLOC (origin: Paul Vixie of Digital) enables a malloc-debugger that traces all allocated blocks of memory such that SIGIOT's output (see STATS, above) includes a list of all malloc's in the program, how many times each has been called, how many blocks of memory allocated by that malloc are not yet free, and how many bytes they use up. under each one will be a list of each free/realloc that has deallocated a block of that malloc's memory, and how many times it has done so. this is extremely helpful for finding memory leaks. as such, you probably do not want this unless you are debugging named. CRED (origin: Paul Vixie of Digital) enables a system of "credibility checking" on all data in the memory- resident database. every RR that comes in will be tagged with a credibility index with zone files being highest, followed by authoritative answers, then non-authoritative answers, then finally by additional data. when any RR is being added to a node ("name") in the database, all RR's of that type with a lower credibility index will be flushed. this tends to do away with additional data, which is one of the greatest sources of database pollution in the DNS. data that comes in with lower credibility than what we already have is ignored. with CRED enabled, additional data is deprecated such that every time an additional-data RR is used, its Time To Live (TTL) is multiplied by 0.95, effectively lowering it by 5% of its current value. this causes additional data to be timed out rather quickly, and as soon as it times out, a sysquery() will be sent to some authoritative server, which in turn results in a real live answer which tends to lock out future additional data on that <name,type> tuple. due to source dependencies, CRED also controls a bug fix that keeps all sysquery() responses from being entered into the "root cache". you can see the effect of this by dumping your database to disk with SIGINT and looking at the bottom of the file. try it with and without CRED, letting a few million queries through first. without CRED, you'll see a bunch of non-root junk in the section of the dump that is reserved for the "hints". you probably want this. XFRNETS (origin: Paul Vixie of Digital) enables the "xfrnets" command in named.boot. this has the same syntax as "forwarders" and "sortlist" -- that is, a list of dotted quads. each one is a network (16.0.0.0 and 130.180.0.0 are examples) or a host. if you put any xfrnets commands into your named.boot, then zone transfers will only be honored if they come from inside one of the specified networks. this is very useful if you want to keep people outside from being able to trivially map your entire network, but it doesn't stop them from iterating so it's more annoying than secure. this feature was once called "tcplist" out of ignorance on my part, but with advice from phil almquist i decided to rename it "xfrnets" and make it only control zone transfers -- previously it controlled all TCP connections which made certain TCP-only resolvers unable to use our servers. the "tcplist" syntax still works; it is a synonym for "xfrnets". you probably do not care about this. PID_FIX (origin: Don Lewis of Harris) tells named that if it starts up but can't keep going because another nameserver is already running (and sitting on the server port), it should put the /etc/named.pid (/var/run/named.pid) file back the way it found it. you probably want this. FWD_LOOP (origin: Don Lewis of Harris) tells named that if you list any of your own IP addresses in a "forwarders" command in your named.boot file, you should be scolded. you probably want this. NO_GLUE (origin: Don Lewis of Harris, and Andrew Partan of UUNET) tells named-xfer that incoming zone transfers should be checked for "glue" that comes from a zone outside the zone being transferred, and comment this garbage out in the zone file so that when named reads in the zone file after named-xfer exits, the garbage will not be entered into the memory-resident database. also tells named that when it is performing an outgoing zone transfer, it should not send any of these "glue" records. you definitely want this. BOGUSNS (origin: Piet Beertema of EUNet) enables the "bogusns" command in named.boot. this has the same syntax as forwarders and sortlist. any NS RR's that come in whose addresses are on the list of "bogusns" addresses will be ignored. this is the last resort when someone is bogusly advertising themselves as a root server. you probably want this, just in case, though you won't use it often. QRYLOG (origin: Bryan Beecher of UMich) enables "query logging", such that SIGWINCH toggles tracing of all incoming queries. the trace is sent to syslog, and is huge, but when you need this you will need it bad and it does not slow named down or make it larger. If you define QRYLOG you may also start up named in query logging mode by using the -q flag. If you do so you will probably want to analyze the logs produced, the dnsstats and lamers scrips (in the contrib/umich directory) will do it for you. you probably want this. YPKLUDGE (origin: Piet Beertema of EUNet) certain versions of NIS/YP are capable of using the DNS for names that cannot be found in the YP servers. of these, certain versions can't tell the difference between a dotted quad and a domain name, and they send queries to the DNS for dotted quads as if they were domain names. if your named does not do anything special with these queries, they will end up getting forwarded to other servers, effectively hosing all of you down with endless useless network traffic. YPKLUDGE enables some checking in named that lets it catch these bogus queries and send back immediate errors. If you run "ypserv -i" you definitely want this, as a malconfigured NIS server can cause DNS "flood" queries otherwise. Trust me. TRACEROOT (origin: pma@cnd.hp.com and Bryan Beecher of UMich) enables some checking in named for bogus root nameservers. This code has been in use at U-M for years, so it is pretty well tested, plus we have never been burned by the "bogus root NS scares" that have plagued the DNS off and on. this is a feature that people will very much want to use. LOCALDOM (origin: Berkeley) if set, the "domain" directive is recognized in the named.boot file. this causes us to retry queries with the specified domain appended to the name if the first lookup fails. this is a very bad idea since a given name server will often be used by clients in more than one domain -- a name server should _not_ make any presumptions as to the "home domain" of a requestor. you almost certainly do not want this. SLAVE_FORWARD (origin: pma@sdd.hp.com) if set, "slave" servers behave in an arguably more-correct way. this is an experimental addition to BIND 4.9 that causes slaves to time out queries in 60/N seconds where N is the number of forwarders defined. previously a query would time out almost immediately, which caused a lot of unneccessary network traffic. you probably want this, and you will get it by default in 4.9.1. FORCED_RELOAD (origin: pma@sdd.hp.com) if set, then when a HUP signal is received, all secondary zones are scheduled for serial-number comparison with the primaries. this has the effect that if you HUP your server, it will refresh any zones which have changed, even if those zones refresh times have not been reached. you probably want this, and you will get it by default in 4.9.1. WANT_PIDFILE (origin: berkeley, parameterized by arc@sgi) if set, a file called named.pid will be created in /etc or /var/run when the name server has started. this file can be used to send signals to BIND, as in "kill -HUP `cat /etc/named.pid`". you probably want this, unless you are on an SGI (where killall(1M) makes the pid file unnecessary) DOTTED_SERIAL (origin: berkeley; parameterized by vixie) if set, allows a somewhat arcane n.m syntax in the serial number field of an SOA. this is officially deprecated for 4.9; you should use straight integer values and find an encoding that does not depend on scaled-integer pseudodecimals. i suggest YYYYMMDDnn where YYYY is the four-digit year, MM is the two-digit month, DD is the two-digit day-of-month, and nn is a daily version number in case you change your serial number more than once in a day. this encoding will overflow in the year 4294 gregorian. you almost certainly do not want this, but if you have old zone files laying around and you don't want to think your way through converting their serial numbers, this deprecated behaviour is available. SENSIBLE_DOTS (origin: kagotani@cs.titech.ac.jp; parameterized by vixie) if set, changes the semantics of an "n.m" serial number from n*10^(3+int(0.9+log10(m))) + m to n*10000+m if you are using DOTTED_SERIAL in spite of its deprecated status, and you are interested in a more predictable and sensible interpretation of dotted numbers, then you probably want this. ## ++Copyright++ 1989 ## - ## Copyright (c) 1989 Regents of the University of California. ## All rights reserved. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted provided that the following conditions ## are met: ## 1. Redistributions of source code must retain the above copyright ## notice, this list of conditions and the following disclaimer. ## 2. Redistributions in binary form must reproduce the above copyright ## notice, this list of conditions and the following disclaimer in the ## documentation and/or other materials provided with the distribution. ## 3. All advertising materials mentioning features or use of this software ## must display the following acknowledgement: ## This product includes software developed by the University of ## California, Berkeley and its contributors. ## 4. Neither the name of the University nor the names of its contributors ## may be used to endorse or promote products derived from this software ## without specific prior written permission. ## ## THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ## ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ## IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ## ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE ## FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ## DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ## OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ## HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ## LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ## OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ## SUCH DAMAGE. ## - ## Portions Copyright (c) 1993 by Digital Equipment Corporation. ## ## Permission to use, copy, modify, and distribute this software for any ## purpose with or without fee is hereby granted, provided that the above ## copyright notice and this permission notice appear in all copies, and that ## the name of Digital Equipment Corporation not be used in advertising or ## publicity pertaining to distribution of the document or software without ## specific, written prior permission. ## ## THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL ## WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES ## OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT ## CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL ## DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR ## PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ## ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS ## SOFTWARE. ## - ## --Copyright--