File: ixfrdist.yml.5

package info (click to toggle)
pdns 4.4.1-1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 8,856 kB
  • sloc: cpp: 78,652; sh: 5,405; makefile: 2,096; sql: 822; ruby: 598; yacc: 228; ansic: 208; lex: 130; perl: 48; python: 4
file content (176 lines) | stat: -rw-r--r-- 5,418 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
.\" Man page generated from reStructuredText.
.
.TH "IXFRDIST.YML" "5" "Feb 06, 2021" "" "PowerDNS Authoritative Server"
.SH NAME
ixfrdist.yml \- The ixfrdist configuration file
.
.nr rst2man-indent-level 0
.
.de1 rstReportMargin
\\$1 \\n[an-margin]
level \\n[rst2man-indent-level]
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
-
\\n[rst2man-indent0]
\\n[rst2man-indent1]
\\n[rst2man-indent2]
..
.de1 INDENT
.\" .rstReportMargin pre:
. RS \\$1
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
. nr rst2man-indent-level +1
.\" .rstReportMargin post:
..
.de UNINDENT
. RE
.\" indent \\n[an-margin]
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
.nr rst2man-indent-level -1
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
.SH SYNOPSIS
.sp
ixfrdist.yml
.SH DESCRIPTION
.sp
\fBixfrdist\fP reads its configuration for a YAML file.
By default, this file is called \fIixfrdist.yml\fP and is read from the directory configured as \fISYSCONFDIR\fP when building the software.
This directory is usually one of \fI/etc/pdns\fP, \fI/etc/powerdns\fP\&.
Run \fIixfrdist \-\-help\fP to see the default.
.SH EXAMPLE
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
listen:
  \- 192.0.2.2
  \- \(aq[2001:DB8:ABCD::2]:5300\(aq
  \- 127.0.0.1

acl:
  \- 127.0.0.1
  \- \(aq192.0.2.0/24\(aq
  \- \(aq2001:DB8:ABCD:1234::/64\(aq

work\-dir: /var/lib/ixfrdist

uid: ixfrdist
gid: ixfrdist

domains:
  \- domain: example.com
    master: 192.0.2.18:5301
  \- domain: example.net
    master: 2001:DB8:ABCD::2
.ft P
.fi
.UNINDENT
.UNINDENT
.SH OPTIONS
.INDENT 0.0
.TP
.B listen
The list of addresses to listen on.
\fBixfrdist\fP listens on both TCP and UDP.
When no port is specified, 53 is used. When specifying ports for IPv6, use the "bracket" notation.
By default, \fBixfrdist\fP listens on \fB127.0.0.1:53\fP and \fB[::1]:53\fP\&.
.TP
.B acl
A list of netmasks that are allowed to query \fBixfrdist\fP and request AXFRs and IXFRs
Entries without a netmask will be interpreted as a single address.
By default, the ACL is set is \fB127.0.0.0/8\fP and \fB::1/128\fP\&.
.TP
.B axfr\-max\-records
Maximum number of records allowed in an AXFR transaction requested by \fBixfrdist\fP\&.
This may prevent untrusted sources from using all the process memory.
By default, this setting is \fB0\fP, which means "unlimited".
.TP
.B axfr\-timeout
Timeout in seconds an AXFR transaction requested by \fBixfrdist\fP may take.
Increase this when the network to the authoritative servers is slow or the domains are very large and you experience timeouts.
Defaults to 20.
.TP
.B failed\-soa\-retry
Time in seconds between retries of the SOA query for a zone we have never transferred. Defaults to 30.
.TP
.B compress
Whether record compression should be enabled, leading to smaller answers at the cost of an increased CPU and memory usage.
Defaults to false.
.TP
.B work\-dir
The directory where the domain data is stored.
When not set, the current working directory is used.
This working directory has the following structure: \fBwork\-dir/ZONE/SERIAL\fP, e.g. \fBwork\-dir/rpz.example./2018011902\fP\&.
It is highly recommended to set this option, as the current working directory might change between invocations.
This directory must be writable for the user or group \fBixfrdist\fP runs as.
.TP
.B keep
Amount of older copies/IXFR diffs to keep for every domain.
This is set to 20 by default.
.TP
.B tcp\-in\-threads
Number of threads to spawn for TCP connections (AXFRs) from downstream hosts.
This limits the number of concurrent AXFRs to clients.
Set to 10 by default.
.TP
.B gid
Group name or numeric ID to drop privileges to after binding the listen sockets.
By default, \fBixfrdist\fP runs as the user that started the process.
.TP
.B uid
User name or numeric ID to drop privileges to after binding the listen sockets.
By default, \fBixfrdist\fP runs as the user that started the process.
.TP
.B domains
A list of domains to redistribute.
This option is mandatory.
.INDENT 7.0
.TP
.B domain
The domain name to transfer from the \fBmaster\fP\&.
Mandatory.
.TP
.B master
IP address of the server to transfer this domain from.
Mandatory.
.UNINDENT
.TP
.B webserver\-address
IP address to listen on for the built\-in webserver.
When not set, no webserver is started.
.TP
.B webserver\-acl
A list of networks that are allowed to access the \fBixfrdist\fP webserver.
Entries without a netmask will be interpreted as a single address.
By default, this list is set to \fB127.0.0.0/8\fP and \fB::1/128\fP\&.
.TP
.B webserver\-loglevel
How much the webserver should log: \(aqnone\(aq, \(aqnormal\(aq or \(aqdetailed\(aq.
When logging, each log\-line contains the UUID of the request, this allows finding errors caused by certain requests.
With \(aqnone\(aq, nothing is logged except for errors.
With \(aqnormal\(aq (the default), one line per request is logged in the style of the common log format:
.INDENT 7.0
.INDENT 3.5
.sp
.nf
.ft C
[NOTICE] [webserver] 46326eef\-b3ba\-4455\-8e76\-15ec73879aa3 127.0.0.1:57566 "GET /metrics HTTP/1.1" 200 1846
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
with \(aqdetailed\(aq, the full requests and responses (including headers) are logged along with the regular log\-line from \(aqnormal\(aq.
.UNINDENT
.SH SEE ALSO
.sp
\fBixfrdist(1)\fP
.SH AUTHOR
PowerDNS.COM BV
.SH COPYRIGHT
2001-2019, PowerDNS.COM BV
.\" Generated by docutils manpage writer.
.