This is a summary of the named.conf options supported by this version of BIND 9. acl { ; ... }; // may occur multiple times controls { inet ( | | * ) [ port ( | * ) ] allow { ; ... } [ keys { ; ... } ]; // may occur multiple times unix perm owner group [ keys { ; ... } ]; // may occur multiple times }; // may occur multiple times dlz { database ; search ; }; // may occur multiple times key { algorithm ; secret ; }; // may occur multiple times logging { category { ; ... }; // may occur multiple times channel { file [ versions ( "unlimited" | ) ] [ size ]; null; print-category ; print-severity ; print-time ; severity ; stderr; syslog [ ]; }; // may occur multiple times }; lwres { listen-on [ port ] [ dscp ] { ( | ) [ port ] [ dscp ]; ... }; ndots ; search { ; ... }; view [ ]; }; // may occur multiple times managed-keys { ; ... }; // may occur multiple times masters [ port ] [ dscp ] { ( | [ port ] | [ port ] ) [ key ]; ... }; // may occur multiple times options { acache-cleaning-interval ; acache-enable ; additional-from-auth ; additional-from-cache ; allow-new-zones ; allow-notify { ; ... }; allow-query { ; ... }; allow-query-cache { ; ... }; allow-query-cache-on { ; ... }; allow-query-on { ; ... }; allow-recursion { ; ... }; allow-recursion-on { ; ... }; allow-transfer { ; ... }; allow-update { ; ... }; allow-update-forwarding { ; ... }; allow-v6-synthesis { ; ... }; // obsolete also-notify [ port ] [ dscp ] { ( | [ port ] | [ port ] ) [ key ]; ... }; alt-transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; alt-transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; attach-cache ; auth-nxdomain ; // default changed auto-dnssec ( allow | maintain | off ); automatic-interface-scan ; avoid-v4-udp-ports { ; ... }; avoid-v6-udp-ports { ; ... }; bindkeys-file ; blackhole { ; ... }; cache-file ; check-dup-records ( fail | warn | ignore ); check-integrity ; check-mx ( fail | warn | ignore ); check-mx-cname ( fail | warn | ignore ); check-names ( master | slave | response ) ( fail | warn | ignore ); // may occur multiple times check-sibling ; check-spf ( warn | ignore ); check-srv-cname ( fail | warn | ignore ); check-wildcard ; cleaning-interval ; clients-per-query ; coresize ( default | unlimited | ); datasize ( default | unlimited | ); deallocate-on-exit ; // obsolete deny-answer-addresses { ; ... } [ except-from { ; ... } ]; deny-answer-aliases { ; ... } [ except-from { ; ... } ]; dialup ( notify | notify-passive | passive | refresh | ); directory ; disable-algorithms { ; ... }; // may occur multiple times disable-ds-digests { ; ... }; // may occur multiple times disable-empty-zone ; // may occur multiple times dns64 { break-dnssec ; clients { ; ... }; exclude { ; ... }; mapped { ; ... }; recursive-only ; suffix ; }; // may occur multiple times dns64-contact ; dns64-server ; dnssec-accept-expired ; dnssec-dnskey-kskonly ; dnssec-enable ; dnssec-loadkeys-interval ; dnssec-lookaside ( trust-anchor | auto | no ); // may occur multiple times dnssec-must-be-secure ; // may occur multiple times dnssec-secure-to-insecure ; dnssec-update-mode ( maintain | no-resign ); dnssec-validation ( yes | no | auto ); dscp ; dual-stack-servers [ port ] { ( [ port ] [ dscp ] | [ port ] [ dscp ] | [ port ] [ dscp ] ); ... }; dump-file ; edns-udp-size ; empty-contact ; empty-server ; empty-zones-enable ; fake-iquery ; // obsolete fetch-glue ; // obsolete fetch-quota-params ; // not configured fetches-per-server [ ( drop | fail ) ]; // not configured fetches-per-zone [ ( drop | fail ) ]; // not configured files ( default | unlimited | ); filter-aaaa { ; ... }; // not configured filter-aaaa-on-v4 ( break-dnssec | ); // not configured filter-aaaa-on-v6 ( break-dnssec | ); // not configured flush-zones-on-shutdown ; forward ( first | only ); forwarders [ port ] [ dscp ] { ( | ) [ port ] [ dscp ]; ... }; geoip-directory ( | none ); // not configured has-old-clients ; // obsolete heartbeat-interval ; host-statistics ; // not implemented host-statistics-max ; // not implemented hostname ( | none ); inline-signing ; interface-interval ; ixfr-from-differences ( master | slave | ); key-directory ; lame-ttl ; listen-on [ port ] [ dscp ] { ; ... }; // may occur multiple times listen-on-v6 [ port ] [ dscp ] { ; ... }; // may occur multiple times maintain-ixfr-base ; // obsolete managed-keys-directory ; masterfile-format ( map | raw | text ); match-mapped-addresses ; max-acache-size ; max-cache-size ; max-cache-ttl ; max-clients-per-query ; max-ixfr-log-size ( default | unlimited | ); // obsolete max-journal-size ; max-ncache-ttl ; max-records ; max-recursion-depth ; max-recursion-queries ; max-refresh-time ; max-retry-time ; max-rsa-exponent-size ; max-transfer-idle-in ; max-transfer-idle-out ; max-transfer-time-in ; max-transfer-time-out ; max-udp-size ; max-zone-ttl ( unlimited | ); memstatistics ; memstatistics-file ; min-refresh-time ; min-retry-time ; min-roots ; // not implemented minimal-responses ; multi-master ; multiple-cnames ; // obsolete named-xfer ; // obsolete no-case-compress { ; ... }; nosit-udp-size ; // not configured, experimental notify ( explicit | master-only | ); notify-delay ; notify-source ( | * ) [ port ( | * ) ] [ dscp ]; notify-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; notify-to-soa ; nsec3-test-zone ; // test only pid-file ( | none ); port ; preferred-glue ; prefetch [ ]; provide-ixfr ; query-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ) [ dscp ]; query-source-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ) [ dscp ]; querylog ; queryport-pool-ports ; // obsolete queryport-pool-updateinterval ; // obsolete random-device ; rate-limit { all-per-second ; errors-per-second ; exempt-clients { ; ... }; ipv4-prefix-length ; ipv6-prefix-length ; log-only ; max-table-size ; min-table-size ; nodata-per-second ; nxdomains-per-second ; qps-scale ; referrals-per-second ; responses-per-second ; slip ; window ; }; recursing-file ; recursion ; recursive-clients ; request-ixfr ; request-nsid ; request-sit ; // not configured, experimental reserved-sockets ; resolver-query-timeout ; response-policy { zone [ policy ( cname | disabled | drop | given | no-op | nodata | nxdomain | passthru | tcp-only ) ] [ recursive-only ] [ max-policy-ttl ]; ... } [ recursive-only ] [ break-dnssec ] [ max-policy-ttl ] [ min-ns-dots ] [ qname-wait-recurse ]; rfc2308-type1 ; // not yet implemented root-delegation-only [ exclude { ; ... } ]; rrset-order { [ class ] [ type ] [ name ] ; ... }; secroots-file ; serial-queries ; // obsolete serial-query-rate ; serial-update-method ( increment | unixtime ); server-id ( | none | hostname ); session-keyalg ; session-keyfile ( | none ); session-keyname ; sig-signing-nodes ; sig-signing-signatures ; sig-signing-type ; sig-validity-interval [ ]; sit-secret ; // not configured, experimental sortlist { ; ... }; stacksize ( default | unlimited | ); statistics-file ; statistics-interval ; // not yet implemented suppress-initial-notify ; // not yet implemented tcp-clients ; tcp-listen-queue ; tkey-dhkey ; tkey-domain ; tkey-gssapi-credential ; tkey-gssapi-keytab ; topology { ; ... }; // not implemented transfer-format ( many-answers | one-answer ); transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; transfers-in ; transfers-out ; transfers-per-ns ; treat-cr-as-space ; // obsolete trust-anchor-telemetry ; // experimental try-tcp-refresh ; update-check-ksk ; use-alt-transfer-source ; use-id-pool ; // obsolete use-ixfr ; // obsolete use-queryport-pool ; // obsolete use-v4-udp-ports { ; ... }; use-v6-udp-ports { ; ... }; version ( | none ); zero-no-soa-ttl ; zero-no-soa-ttl-cache ; zone-statistics ( full | terse | none | ); }; server { bogus ; edns ; edns-udp-size ; keys ; max-udp-size ; notify-source ( | * ) [ port ( | * ) ] [ dscp ]; notify-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; provide-ixfr ; query-source ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ) [ dscp ]; query-source-v6 ( ( [ address ] ( | * ) [ port ( | * ) ] ) | ( [ [ address ] ( | * ) ] port ( | * ) ) ) [ dscp ]; request-ixfr ; request-nsid ; request-sit ; // not configured, experimental support-ixfr ; // obsolete tcp-only ; transfer-format ( many-answers | one-answer ); transfer-source ( | * ) [ port ( | * ) ] [ dscp ]; transfer-source-v6 ( | * ) [ port ( | * ) ] [ dscp ]; transfers ; }; // may occur multiple times statistics-channels { inet ( | | * ) [ port ( | * ) ] [ allow { ; ... } ]; // may occur multiple times }; // may occur multiple times trusted-keys { ; ... }; // may occur multiple times view [ ] { acache-cleaning-interval ; acache-enable ; additional-from-auth ; additional-from-cache ; allow-new-zones ; allow-notify { ; ... }; allow-query { ; ... }; allow-query-cache { ; ... }; allow-query-cache-on { ; ... }; allow-query-on { ; ... }; allow-recursion { ; ... }; allow-recursion-on { ; ... }; allow-transfer { ; ... }; allow-update { ; ... }; allow-update-forwarding { ; ... }; allow-v6-synthesis { ; ... }; // obsolete also-notify [ port ] [ dscp ] { ( | [ port ] | [ port