]> git.saurik.com Git - apple/mdnsresponder.git/blob - mDNSShared/dnsextd.conf
mDNSResponder-1096.60.2.tar.gz
[apple/mdnsresponder.git] / mDNSShared / dnsextd.conf
1 // ----------------------------------------------------------------------------
2 //
3 // Instructions for /etc/dnsextd.conf (this file)
4 //
5 // In most cases, you should not need to change these default options in
6 // the "options" section below. The dnsextd daemon will receive DNS packets
7 // on port 53, and forward them on as appropriate to BIND on localhost:5030.
8 //
9 // You need to edit the "zone" statement below to give the name of your
10 // dynamic zone that will be accepting Wide-Area Bonjour DNS updates.
11 //
12 // ----------------------------------------------------------------------------
13 //
14 // Instructions for /etc/named.conf
15 //
16 // In /etc/named.conf you will need to modify the "options" section to
17 // tell BIND to accept packets from localhost:5030, like this:
18 //
19 // listen-on port 5030 { 127.0.0.1; };
20 //
21 // You also need a "zone" statement in /etc/named.conf to tell BIND the update
22 // policy for your dynamic zone. For example, within a small closed private
23 // network, you might allow anyone to perform updates. To do that, you just
24 // permit any and all updates coming from dnsextd on the same machine:
25 //
26 // zone "my-dynamic-subdomain.example.com."
27 // { type master; file "db.xxx"; allow-update { 127.0.0.1; }; };
28 //
29 // On a machine connected to the Internet or other large open network,
30 // you'll want to limit updates to only users with keys. For example,
31 // you could choose to allow anyone with a DNS key on your server to
32 // perform updates in your dynamic zone, like this:
33 //
34 // key keyname. { algorithm hmac-md5; secret "abcdefghijklmnopqrstuv=="; };
35 // zone "my-dynamic-subdomain.example.com." in
36 // {
37 // type master;
38 // file "db.my-dynamic-subdomain.example.com";
39 // update-policy { grant * wildcard *.my-dynamic-subdomain.example.com.; };
40 // };
41 //
42 // You could use a single key which you give to all authorized users, but
43 // it is better (though more work) to create a unique key for each user.
44 //
45 // ----------------------------------------------------------------------------
46
47 options {
48 // This defaults to: * port 53
49 // listen-on port 53 { 192.168.2.10; 127.0.0.1; };
50 // This defaults to: 127.0.0.1:5030
51 // nameserver address 127.0.0.1 port 5030;
52 // This defaults to: 5533
53 // private port 5533;
54 // This defaults to: 5352
55 // llq port 5352;
56 };
57
58 zone "my-dynamic-subdomain.example.com." {
59 type public;
60 };