23 lines
720 B
Plaintext
23 lines
720 B
Plaintext
// This is the primary configuration file for the BIND DNS server named.
|
|
//
|
|
// Please read /usr/share/doc/bind9/README.Debian for information on the
|
|
// structure of BIND configuration files in Debian, *BEFORE* you customize
|
|
// this configuration file.
|
|
//
|
|
// If you are just adding zones, please do that in /etc/bind/named.conf.local
|
|
|
|
include "/etc/bind/named.conf.options";
|
|
include "/etc/bind/named.conf.local";
|
|
include "/etc/bind/named.conf.default-zones";
|
|
|
|
dnssec-policy "algo13" {
|
|
keys {
|
|
ksk lifetime unlimited algorithm 13;
|
|
zsk lifetime 30d algorithm 13;
|
|
};
|
|
max-zone-ttl 1d;
|
|
signatures-validity 14d;
|
|
signatures-refresh 7d;
|
|
nsec3param iterations 10 optout no salt-length 0;
|
|
};
|