Commit Diff
Diff:
dc12159628e906d4655c53c2e528541ed631976e
df2d445fca3e5e78a840fc14a20c93248d654e24
Commit:
df2d445fca3e5e78a840fc14a20c93248d654e24
Tree:
fb195a0febdc660bc19138e52928221165003b62
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Fri Jul 17 06:04:52 2020 UTC
Message:
update documentation (with examples) for the forwarding
blob - bb9e526fbbf3785673735f1ddb4a2f7ddd2b87f0
blob + 7b5b93a09007964cf0ab4ea3b9409279075cb017
--- delphinusdns.conf.5
+++ delphinusdns.conf.5
@@ -23,7 +23,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd November 19, 2019
+.Dd July 17, 2020
.Dt DELPHINUSDNS.CONF 5
.Os
.Sh NAME
@@ -122,6 +122,29 @@ zinclude "/etc/delphinusdns/centroid.eu.signed";
Then the included files are output of
.Xr dddctl 8
.Pp
+A forwarding-only config may look like this:
+.Bd -literal
+version "1";
+
+options "this mess" {
+ interface "em0";
+ interface "lo0";
+ port 8053;
+ versionstring "";
+ dnssec;
+}
+
+tsig-auth secret "9qD4Qi4ghqFR1xm0fIwGF9t0aLx+SZWVEPAqEvysZFg=";
+tsig "these hosts" {
+ 0.0.0.0/0;
+}
+
+forward "to these hosts" {
+ incoming-tsig yes;
+ destination 127.0.0.1 port 5353 key NOKEY;
+}
+.Ed
+.Pp
Finally below is a sample replicant
.Nm
as taken from a
@@ -160,7 +183,7 @@ in BNF:
.Bd -literal
line = ( version | axfrport | include | zinclude | zone | region |
axfr | mzone | passlist | filter | recurse | comment |
- options )
+ options | forward )
version = "version" ("number") ;
@@ -203,14 +226,24 @@ base64-string = (string)
tsig-auth = "tsig-auth" (string) ("base64-string") ;
tsig = "tsig" ("string") [ "{" cidrlist "}" ]
+rzone = "rzone" ("string") [ "{" rzonelist "}" ]
rzonelist = ( opttsig | optmaster | optmasterport | optrzonename | optfilename )
+
opttsig = "tsigkey" ("string") ;
optmaster = "master" ("cidr-address") ;
optmasterport = "masterport" (number) ;
optrzonename = "zonename" ("string") ;
optfilename = "filename" ("string") ;
-rzone = "rzone" ("string") [ "{" rzonelist "}" ]
+
+forward = "forward" ("string") [ "{" forwardlist "}" ]
+forwardlist = ( optdestination | optstrictx20 | optcache | optincomingtsig )
+
+optdestination = "destination" ("cidr-address") "port" ("integer") "key"
+ (string | "NOKEY") ;
+optstrictx20 = "strictx20" ("yes" | "no") ;
+optcache = "cache" ("yes" | "no") ;
+optincomingtsig = "incoming-tsig" ("yes" | "no") ;
comment = ( ; | pound ) line
blob - 30abd31a125d029b82958a9bf37d1e57c1fffe39
blob + 2ddf9efc6b94e736e9970c7abff7c7a7c38a1e6b
--- delphinusdnsd.8
+++ delphinusdnsd.8
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2005-2019 Peter J. Philipp
+.\" Copyright (c) 2005-2020 Peter J. Philipp
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
@@ -23,7 +23,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd November 19, 2019
+.Dd July 17, 2020
.Dt DELPHINUSDNSD 8
.Os
.Sh NAME
@@ -97,7 +97,8 @@ Be more verbose in debug mode. This shows configfile
.El
.Pp
.Nm
-is an authoritative only DNS server. It can run as master or replicant.
+is an authoritative and forwarding DNS server. It can run as master or
+replicant.
When new configfiles are written it must be restarted. For replicants that
receive notifies or timeout on the refresh or retry SOA values the daemon is
restarted automatically.
repomaster@centroid.eu