A list of HTTP query paths on which to listen. This is the portion
│ │ │ │ of an RFC 3986-compliant URI following the hostname; it must be
│ │ │ │ an absolute path, beginning with “/”. The default value
│ │ │ │ is "/dns-query", if omitted.
│ │ │ │ @@ -7802,28 +7802,28 @@
│ │ │ │
│ │ │ │
│ │ │ │
│ │ │ │ -
│ │ │ │ listener-clients
│ │ │ │ Grammar: listener-clients <integer>;
│ │ │ │ Blocks: http
│ │ │ │ -Tags: server, query
│ │ │ │ +Tags: query, server
│ │ │ │ Specifies a per-listener quota for active connections.
│ │ │ │
│ │ │ │
│ │ │ │ The option specifies a per-listener quota for active connections.
│ │ │ │
│ │ │ │
│ │ │ │
│ │ │ │
│ │ │ │ -
│ │ │ │ streams-per-connection
│ │ │ │ Grammar: streams-per-connection <integer>;
│ │ │ │ Blocks: http
│ │ │ │ -Tags: server, query
│ │ │ │ +Tags: query, server
│ │ │ │ Specifies the maximum number of concurrent HTTP/2 streams over an HTTP/2 connection.
│ │ │ │
│ │ │ │
│ │ │ │ The option specifies the hard limit on the number of concurrent
│ │ │ │ HTTP/2 streams over an HTTP/2 connection.
│ │ │ │
│ │ │ │
│ │ │ │ @@ -10283,15 +10283,15 @@
│ │ │ │
Controls flushing of log messages.
│ │ │ │ |
│ │ │ │
logging |
│ │ │ │
│ │ │ │
| ca-file |
│ │ │ │ Specifies the path to a file containing TLS certificates for trusted CA authorities, used to verify remote peer certificates.
│ │ │ │ |
│ │ │ │ -server, security |
│ │ │ │ +security, server |
│ │ │ │
│ │ │ │
| catalog-zones |
│ │ │ │ Configures catalog zones in named.conf.
│ │ │ │ |
│ │ │ │ zone |
│ │ │ │
│ │ │ │
| category |
│ │ │ │ @@ -10308,15 +10308,15 @@
│ │ │ │ Specifies the digest types to use for CDS resource records.
│ │ │ │ |
│ │ │ │ dnssec |
│ │ │ │
│ │ │ │
| cert-file |
│ │ │ │ Specifies the path to a file containing the TLS certificate for a connection.
│ │ │ │ |
│ │ │ │ -server, security |
│ │ │ │ +security, server |
│ │ │ │
│ │ │ │
| channel |
│ │ │ │ Defines a stream of data that can be independently logged.
│ │ │ │ |
│ │ │ │ logging |
│ │ │ │
│ │ │ │
| check-dup-records |
│ │ │ │ @@ -10423,15 +10423,15 @@
│ │ │ │ Rejects CNAME or DNAME records if the "alias" name matches a given list of domain_name elements.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| dhparam-file |
│ │ │ │ Specifies the path to a file containing Diffie-Hellman parameters, for enabling cipher suites.
│ │ │ │ |
│ │ │ │ -server, security |
│ │ │ │ +security, server |
│ │ │ │
│ │ │ │
| dialup |
│ │ │ │ Concentrates zone maintenance so that all transfers take place once every heartbeat-interval, ideally during a single call.
│ │ │ │ |
│ │ │ │ deprecated |
│ │ │ │
│ │ │ │
| directory |
│ │ │ │ @@ -10482,25 +10482,25 @@
│ │ │ │ Specifies the time to live (TTL) for DNSKEY resource records.
│ │ │ │ |
│ │ │ │ dnssec |
│ │ │ │
│ │ │ │
| dnsrps-enable |
│ │ │ │ Turns on the DNS Response Policy Service (DNSRPS) interface.
│ │ │ │ |
│ │ │ │ -server, security |
│ │ │ │ +security, server |
│ │ │ │
│ │ │ │
| dnsrps-library |
│ │ │ │ Turns on the DNS Response Policy Service (DNSRPS) interface.
│ │ │ │ |
│ │ │ │ -server, security |
│ │ │ │ +security, server |
│ │ │ │
│ │ │ │
| dnsrps-options |
│ │ │ │ Provides additional RPZ configuration settings, which are passed to the DNS Response Policy Service (DNSRPS) provider library.
│ │ │ │ |
│ │ │ │ -server, security |
│ │ │ │ +security, server |
│ │ │ │
│ │ │ │
| dnssec-accept-expired |
│ │ │ │ Instructs BIND 9 to accept expired DNSSEC signatures when validating.
│ │ │ │ |
│ │ │ │ dnssec |
│ │ │ │
│ │ │ │
| dnssec-dnskey-kskonly |
│ │ │ │ @@ -10599,15 +10599,15 @@
│ │ │ │ Enables or disables all empty zones.
│ │ │ │ |
│ │ │ │ server, zone |
│ │ │ │
│ │ │ │
| endpoints |
│ │ │ │ Specifies a list of HTTP query paths on which to listen.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| errors-per-second |
│ │ │ │ Limits the number of errors for a valid domain name and record type.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| exclude |
│ │ │ │ @@ -10619,25 +10619,25 @@
│ │ │ │ Exempts specific clients or client groups from rate limiting.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| fetch-quota-params |
│ │ │ │ Sets the parameters for dynamic resizing of the fetches-per-server quota in response to detected congestion.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| fetches-per-server |
│ │ │ │ Sets the maximum number of simultaneous iterative queries allowed to be sent by a server to an upstream name server before the server blocks additional queries.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| fetches-per-zone |
│ │ │ │ Sets the maximum number of simultaneous iterative queries allowed to any one domain before the server blocks new queries for data in or beneath that zone.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| file |
│ │ │ │ Specifies the zone's filename.
│ │ │ │ |
│ │ │ │ zone |
│ │ │ │
│ │ │ │
| flush-zones-on-shutdown |
│ │ │ │ @@ -10704,35 +10704,35 @@
│ │ │ │ Specifies the hostname of the server to return in response to a hostname.bind query.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| http |
│ │ │ │ Configures HTTP endpoints on which to listen for DNS-over-HTTPS (DoH) queries.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| http-listener-clients |
│ │ │ │ Limits the number of active concurrent connections on a per-listener basis.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| http-port |
│ │ │ │ Specifies the TCP port number the server uses to receive and send unencrypted DNS traffic via HTTP.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| http-streams-per-connection |
│ │ │ │ Limits the number of active concurrent HTTP/2 streams on a per-connection basis.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| https-port |
│ │ │ │ Specifies the TCP port number the server uses to receive and send DNS-over-HTTPS protocol traffic.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| in-view |
│ │ │ │ Specifies the view in which a given zone is defined.
│ │ │ │ |
│ │ │ │ view, zone |
│ │ │ │
│ │ │ │
| inet |
│ │ │ │ @@ -10764,15 +10764,15 @@
│ │ │ │ Enables automatic IPv4 zones if a dns64 block is configured.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| ipv4only-server |
│ │ │ │ Specifies the name of the server for the IPV4ONLY.ARPA zone created by dns64.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| ipv6-prefix-length |
│ │ │ │ Specifies the prefix lengths of IPv6 address blocks.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| ixfr-from-differences |
│ │ │ │ @@ -10794,25 +10794,25 @@
│ │ │ │ Indicates the directory where public and private DNSSEC key files are found.
│ │ │ │ |
│ │ │ │ dnssec |
│ │ │ │
│ │ │ │
| key-file |
│ │ │ │ Specifies the path to a file containing the private TLS key for a connection.
│ │ │ │ |
│ │ │ │ -server, security |
│ │ │ │ +security, server |
│ │ │ │
│ │ │ │
| key-store |
│ │ │ │ Configures a DNSSEC key store.
│ │ │ │ |
│ │ │ │ dnssec |
│ │ │ │
│ │ │ │
| keys |
│ │ │ │ Specifies one or more server_key s to be used with a remote server.
│ │ │ │ |
│ │ │ │ -server, security |
│ │ │ │ +security, server |
│ │ │ │
│ │ │ │
| lame-ttl |
│ │ │ │ Sets the resolver's lame cache.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| listen-on |
│ │ │ │ @@ -10824,15 +10824,15 @@
│ │ │ │ Specifies the IPv6 addresses on which a server listens for DNS queries.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| listener-clients |
│ │ │ │ Specifies a per-listener quota for active connections.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| lmdb-mapsize |
│ │ │ │ Sets a maximum size for the memory map of the new-zone database in LMDB database format.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| log-only |
│ │ │ │ @@ -10928,15 +10928,15 @@
│ │ │ │ Sets the maximum number of levels of recursion permitted at any one time while servicing a recursive query.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| max-recursion-queries |
│ │ │ │ Sets the maximum number of iterative queries while servicing a recursive query.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| max-refresh-time |
│ │ │ │ Limits the zone refresh interval to no less often than the specified value, in seconds.
│ │ │ │ |
│ │ │ │ transfer |
│ │ │ │
│ │ │ │
| max-retry-time |
│ │ │ │ @@ -10998,15 +10998,15 @@
│ │ │ │ Specifies a maximum permissible time-to-live (TTL) value, in seconds.
│ │ │ │ |
│ │ │ │ deprecated |
│ │ │ │
│ │ │ │
| memstatistics |
│ │ │ │ Controls whether memory statistics are written to the file specified by memstatistics-file at exit.
│ │ │ │ |
│ │ │ │ -server, logging |
│ │ │ │ +logging, server |
│ │ │ │
│ │ │ │
| memstatistics-file |
│ │ │ │ Sets the pathname of the file where the server writes memory usage statistics on exit.
│ │ │ │ |
│ │ │ │ logging |
│ │ │ │
│ │ │ │
| message-compression |
│ │ │ │ @@ -11182,20 +11182,20 @@
│ │ │ │ Configures plugins in named.conf.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| port |
│ │ │ │ Specifies the UDP/TCP port number the server uses to receive and send DNS protocol traffic.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| prefer-server-ciphers |
│ │ │ │ Specifies that server ciphers should be preferred over client ones.
│ │ │ │ |
│ │ │ │ -server, security |
│ │ │ │ +security, server |
│ │ │ │
│ │ │ │
| preferred-glue |
│ │ │ │ Controls the order of glue records in an A or AAAA response.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| prefetch |
│ │ │ │ @@ -11262,15 +11262,15 @@
│ │ │ │ Controls the IPv6 address from which queries are issued.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| querylog |
│ │ │ │ Specifies whether query logging should be active when named first starts.
│ │ │ │ |
│ │ │ │ -server, logging |
│ │ │ │ +logging, server |
│ │ │ │
│ │ │ │
| rate-limit |
│ │ │ │ Controls excessive UDP responses, to prevent BIND 9 from being used to amplify reflection denial-of-service (DoS) attacks.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| recursing-file |
│ │ │ │ @@ -11342,15 +11342,15 @@
│ │ │ │ Adds an EDNS Padding option to encrypted messages, to reduce the chance of guessing the contents based on size.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| response-policy |
│ │ │ │ Specifies response policy zones for the view or among global options.
│ │ │ │ |
│ │ │ │ -server, query, security, zone |
│ │ │ │ +query, security, server, zone |
│ │ │ │
│ │ │ │
| responses-per-second |
│ │ │ │ Limits the number of non-empty responses for a valid domain name and record type.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| retire-safety |
│ │ │ │ @@ -11496,65 +11496,65 @@
│ │ │ │ Sets the number of "slipped" responses to minimize the use of forged source addresses for an attack.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| sortlist |
│ │ │ │ Controls the ordering of RRs returned to the client, based on the client's IP address.
│ │ │ │ |
│ │ │ │ -query, deprecated |
│ │ │ │ +deprecated, query |
│ │ │ │
│ │ │ │
| stale-answer-client-timeout |
│ │ │ │ Defines the amount of time (in milliseconds) that named waits before attempting to answer a query with a stale RRset from cache.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| stale-answer-enable |
│ │ │ │ Enables the returning of "stale" cached answers when the name servers for a zone are not answering.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| stale-answer-ttl |
│ │ │ │ Specifies the time to live (TTL) to be returned on stale answers, in seconds.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| stale-cache-enable |
│ │ │ │ Enables the retention of "stale" cached answers.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| stale-refresh-time |
│ │ │ │ Sets the time window for the return of "stale" cached answers before the next attempt to contact, if the name servers for a given zone are not responding.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| startup-notify-rate |
│ │ │ │ Specifies the rate at which NOTIFY requests are sent when the name server is first starting, or when new zones have been added.
│ │ │ │ |
│ │ │ │ transfer, zone |
│ │ │ │
│ │ │ │
| statistics-channels |
│ │ │ │ Specifies the communication channels to be used by system administrators to access statistics information on the name server.
│ │ │ │ |
│ │ │ │ logging |
│ │ │ │
│ │ │ │
| statistics-file |
│ │ │ │ Specifies the pathname of the file where the server appends statistics, when using rndc stats.
│ │ │ │ |
│ │ │ │ -server, logging |
│ │ │ │ +logging, server |
│ │ │ │
│ │ │ │
| stderr |
│ │ │ │ Directs the logging channel output to the server's standard error stream.
│ │ │ │ |
│ │ │ │ logging |
│ │ │ │
│ │ │ │
| streams-per-connection |
│ │ │ │ Specifies the maximum number of concurrent HTTP/2 streams over an HTTP/2 connection.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| suffix |
│ │ │ │ Defines trailing bits for mapped IPv4 address bits in dns64.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| synth-from-dnssec |
│ │ │ │ @@ -11581,15 +11581,15 @@
│ │ │ │ Sets the amount of time (in milliseconds) that the server waits on an idle TCP connection before closing it, if the EDNS TCP keepalive option is not in use.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| tcp-initial-timeout |
│ │ │ │ Sets the amount of time (in milliseconds) that the server waits on a new TCP connection for the first message from the client.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| tcp-keepalive |
│ │ │ │ Adds EDNS TCP keepalive to messages sent over TCP.
│ │ │ │ |
│ │ │ │ server |
│ │ │ │
│ │ │ │
| tcp-keepalive-timeout |
│ │ │ │ @@ -11636,15 +11636,15 @@
│ │ │ │ Configures a TLS connection.
│ │ │ │ |
│ │ │ │ security |
│ │ │ │
│ │ │ │
| tls-port |
│ │ │ │ Specifies the TCP port number the server uses to receive and send DNS-over-TLS protocol traffic.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| transfer-format |
│ │ │ │ Controls whether multiple records can be packed into a message during zone transfers.
│ │ │ │ |
│ │ │ │ transfer |
│ │ │ │
│ │ │ │
| transfer-message-size |
│ │ │ │ @@ -11784,15 +11784,15 @@
│ │ │ │ Specifies a list of ports that are valid sources for UDP/IPv6 messages.
│ │ │ │ |
│ │ │ │ deprecated |
│ │ │ │
│ │ │ │
| v6-bias |
│ │ │ │ Indicates the number of milliseconds of preference to give to IPv6 name servers.
│ │ │ │ |
│ │ │ │ -server, query |
│ │ │ │ +query, server |
│ │ │ │
│ │ │ │
| validate-except |
│ │ │ │ Specifies a list of domain names at and beneath which DNSSEC validation should not be performed.
│ │ │ │ |
│ │ │ │ dnssec |
│ │ │ │
│ │ │ │
| version |
│ │ │ │ @@ -11809,20 +11809,20 @@
│ │ │ │ Specifies the length of time during which responses are tracked.
│ │ │ │ |
│ │ │ │ query |
│ │ │ │
│ │ │ │
| zero-no-soa-ttl |
│ │ │ │ Specifies whether to set the time to live (TTL) of the SOA record to zero, when returning authoritative negative responses to SOA queries.
│ │ │ │ |
│ │ │ │ -query, server, zone |
│ │ │ │ +server, query, zone |
│ │ │ │
│ │ │ │
| zero-no-soa-ttl-cache |
│ │ │ │ Sets the time to live (TTL) to zero when caching a negative response to an SOA query.
│ │ │ │ |
│ │ │ │ -query, server, zone |
│ │ │ │ +server, query, zone |
│ │ │ │
│ │ │ │
| zone |
│ │ │ │ Specifies the zone in a BIND 9 configuration.
│ │ │ │ |
│ │ │ │ zone |
│ │ │ │
│ │ │ │
| zone-propagation-delay |
│ │ │ │ ├── html2text {}
│ │ │ │ │ @@ -2478,30 +2478,30 @@
│ │ │ │ │ _�b_�r_�e_�a_�k_�-_�d_�n_�s_�s_�e_�c even if the validated query
│ │ │ │ │ result would cause a DNSSEC
│ │ │ │ │ validation failure.
│ │ │ │ │ _�b_�u_�f_�f_�e_�r_�e_�d Controls flushing of log logging
│ │ │ │ │ messages.
│ │ │ │ │ Specifies the path to a
│ │ │ │ │ file containing TLS
│ │ │ │ │ -_�c_�a_�-_�f_�i_�l_�e certificates for trusted CA server, security
│ │ │ │ │ +_�c_�a_�-_�f_�i_�l_�e certificates for trusted CA security, server
│ │ │ │ │ authorities, used to verify
│ │ │ │ │ remote peer certificates.
│ │ │ │ │ _�c_�a_�t_�a_�l_�o_�g_�-_�z_�o_�n_�e_�s Configures catalog zones in zone
│ │ │ │ │ _�n_�a_�m_�e_�d_�._�c_�o_�n_�f.
│ │ │ │ │ Specifies the type of data
│ │ │ │ │ _�c_�a_�t_�e_�g_�o_�r_�y logged to a particular logging
│ │ │ │ │ channel.
│ │ │ │ │ Specifies whether a CDNSKEY
│ │ │ │ │ _�c_�d_�n_�s_�k_�e_�y record should be published dnssec
│ │ │ │ │ during KSK rollover.
│ │ │ │ │ Specifies the digest types
│ │ │ │ │ _�c_�d_�s_�-_�d_�i_�g_�e_�s_�t_�-_�t_�y_�p_�e_�s to use for CDS resource dnssec
│ │ │ │ │ records.
│ │ │ │ │ Specifies the path to a
│ │ │ │ │ -_�c_�e_�r_�t_�-_�f_�i_�l_�e file containing the TLS server, security
│ │ │ │ │ +_�c_�e_�r_�t_�-_�f_�i_�l_�e file containing the TLS security, server
│ │ │ │ │ certificate for a
│ │ │ │ │ connection.
│ │ │ │ │ Defines a stream of data
│ │ │ │ │ _�c_�h_�a_�n_�n_�e_�l that can be independently logging
│ │ │ │ │ logged.
│ │ │ │ │ Checks primary zones for
│ │ │ │ │ records that are treated as
│ │ │ │ │ @@ -2578,15 +2578,15 @@
│ │ │ │ │ or IPv6 addresses match a
│ │ │ │ │ given _�a_�d_�d_�r_�e_�s_�s_�__�m_�a_�t_�c_�h_�__�l_�i_�s_�t.
│ │ │ │ │ Rejects CNAME or DNAME
│ │ │ │ │ _�d_�e_�n_�y_�-_�a_�n_�s_�w_�e_�r_�-_�a_�l_�i_�a_�s_�e_�s records if the "alias" name query
│ │ │ │ │ matches a given list of
│ │ │ │ │ _�d_�o_�m_�a_�i_�n_�__�n_�a_�m_�e elements.
│ │ │ │ │ Specifies the path to a
│ │ │ │ │ -_�d_�h_�p_�a_�r_�a_�m_�-_�f_�i_�l_�e file containing Diffie- server, security
│ │ │ │ │ +_�d_�h_�p_�a_�r_�a_�m_�-_�f_�i_�l_�e file containing Diffie- security, server
│ │ │ │ │ Hellman parameters, for
│ │ │ │ │ enabling cipher suites.
│ │ │ │ │ Concentrates zone
│ │ │ │ │ maintenance so that all
│ │ │ │ │ _�d_�i_�a_�l_�u_�p transfers take place once deprecated
│ │ │ │ │ every _�h_�e_�a_�r_�t_�b_�e_�a_�t_�-_�i_�n_�t_�e_�r_�v_�a_�l,
│ │ │ │ │ ideally during a single
│ │ │ │ │ @@ -2611,22 +2611,22 @@
│ │ │ │ │ _�d_�n_�s_�6_�4_�-_�s_�e_�r_�v_�e_�r Specifies the name of the server
│ │ │ │ │ server for _�d_�n_�s_�6_�4 zones.
│ │ │ │ │ _�d_�n_�s_�k_�e_�y_�-_�s_�i_�g_�-_�v_�a_�l_�i_�d_�i_�t_�y obsolete
│ │ │ │ │ Specifies the time to live
│ │ │ │ │ _�d_�n_�s_�k_�e_�y_�-_�t_�t_�l (TTL) for DNSKEY resource dnssec
│ │ │ │ │ records.
│ │ │ │ │ Turns on the DNS Response
│ │ │ │ │ -_�d_�n_�s_�r_�p_�s_�-_�e_�n_�a_�b_�l_�e Policy Service (DNSRPS) server, security
│ │ │ │ │ +_�d_�n_�s_�r_�p_�s_�-_�e_�n_�a_�b_�l_�e Policy Service (DNSRPS) security, server
│ │ │ │ │ interface.
│ │ │ │ │ Turns on the DNS Response
│ │ │ │ │ -_�d_�n_�s_�r_�p_�s_�-_�l_�i_�b_�r_�a_�r_�y Policy Service (DNSRPS) server, security
│ │ │ │ │ +_�d_�n_�s_�r_�p_�s_�-_�l_�i_�b_�r_�a_�r_�y Policy Service (DNSRPS) security, server
│ │ │ │ │ interface.
│ │ │ │ │ Provides additional RPZ
│ │ │ │ │ configuration settings,
│ │ │ │ │ -_�d_�n_�s_�r_�p_�s_�-_�o_�p_�t_�i_�o_�n_�s which are passed to the DNS server, security
│ │ │ │ │ +_�d_�n_�s_�r_�p_�s_�-_�o_�p_�t_�i_�o_�n_�s which are passed to the DNS security, server
│ │ │ │ │ Response Policy Service
│ │ │ │ │ (DNSRPS) provider library.
│ │ │ │ │ Instructs BIND 9 to accept
│ │ │ │ │ _�d_�n_�s_�s_�e_�c_�-_�a_�c_�c_�e_�p_�t_�-_�e_�x_�p_�i_�r_�e_�d expired DNSSEC signatures dnssec
│ │ │ │ │ when validating.
│ │ │ │ │ _�d_�n_�s_�s_�e_�c_�-_�d_�n_�s_�k_�e_�y_�-_�k_�s_�k_�o_�n_�l_�y obsolete
│ │ │ │ │ Sets the frequency of
│ │ │ │ │ @@ -2677,42 +2677,42 @@
│ │ │ │ │ for empty zones.
│ │ │ │ │ Specifies the server name
│ │ │ │ │ _�e_�m_�p_�t_�y_�-_�s_�e_�r_�v_�e_�r in the returned SOA record server, zone
│ │ │ │ │ for empty zones.
│ │ │ │ │ _�e_�m_�p_�t_�y_�-_�z_�o_�n_�e_�s_�-_�e_�n_�a_�b_�l_�e Enables or disables all server, zone
│ │ │ │ │ empty zones.
│ │ │ │ │ Specifies a list of HTTP
│ │ │ │ │ -_�e_�n_�d_�p_�o_�i_�n_�t_�s query paths on which to server, query
│ │ │ │ │ +_�e_�n_�d_�p_�o_�i_�n_�t_�s query paths on which to query, server
│ │ │ │ │ listen.
│ │ │ │ │ Limits the number of errors
│ │ │ │ │ _�e_�r_�r_�o_�r_�s_�-_�p_�e_�r_�-_�s_�e_�c_�o_�n_�d for a valid domain name and server
│ │ │ │ │ record type.
│ │ │ │ │ Allows a list of IPv6
│ │ │ │ │ addresses to be ignored if
│ │ │ │ │ _�e_�x_�c_�l_�u_�d_�e they appear in a domain query
│ │ │ │ │ name's AAAA records in
│ │ │ │ │ _�d_�n_�s_�6_�4.
│ │ │ │ │ Exempts specific clients or
│ │ │ │ │ _�e_�x_�e_�m_�p_�t_�-_�c_�l_�i_�e_�n_�t_�s client groups from rate query
│ │ │ │ │ limiting.
│ │ │ │ │ Sets the parameters for
│ │ │ │ │ dynamic resizing of the
│ │ │ │ │ -_�f_�e_�t_�c_�h_�-_�q_�u_�o_�t_�a_�-_�p_�a_�r_�a_�m_�s _�f_�e_�t_�c_�h_�e_�s_�-_�p_�e_�r_�-_�s_�e_�r_�v_�e_�r quota in server, query
│ │ │ │ │ +_�f_�e_�t_�c_�h_�-_�q_�u_�o_�t_�a_�-_�p_�a_�r_�a_�m_�s _�f_�e_�t_�c_�h_�e_�s_�-_�p_�e_�r_�-_�s_�e_�r_�v_�e_�r quota in query, server
│ │ │ │ │ response to detected
│ │ │ │ │ congestion.
│ │ │ │ │ Sets the maximum number of
│ │ │ │ │ simultaneous iterative
│ │ │ │ │ queries allowed to be sent
│ │ │ │ │ -_�f_�e_�t_�c_�h_�e_�s_�-_�p_�e_�r_�-_�s_�e_�r_�v_�e_�r by a server to an upstream server, query
│ │ │ │ │ +_�f_�e_�t_�c_�h_�e_�s_�-_�p_�e_�r_�-_�s_�e_�r_�v_�e_�r by a server to an upstream query, server
│ │ │ │ │ name server before the
│ │ │ │ │ server blocks additional
│ │ │ │ │ queries.
│ │ │ │ │ Sets the maximum number of
│ │ │ │ │ simultaneous iterative
│ │ │ │ │ -_�f_�e_�t_�c_�h_�e_�s_�-_�p_�e_�r_�-_�z_�o_�n_�e queries allowed to any one server, query
│ │ │ │ │ +_�f_�e_�t_�c_�h_�e_�s_�-_�p_�e_�r_�-_�z_�o_�n_�e queries allowed to any one query, server
│ │ │ │ │ domain before the server
│ │ │ │ │ blocks new queries for data
│ │ │ │ │ in or beneath that zone.
│ │ │ │ │ _�f_�i_�l_�e Specifies the zone's zone
│ │ │ │ │ filename.
│ │ │ │ │ Controls whether pending
│ │ │ │ │ _�f_�l_�u_�s_�h_�-_�z_�o_�n_�e_�s_�-_�o_�n_�-_�s_�h_�u_�t_�d_�o_�w_�n zone writes are flushed zone
│ │ │ │ │ @@ -2758,29 +2758,29 @@
│ │ │ │ │ maintenance tasks for all
│ │ │ │ │ zones marked as _�d_�i_�a_�l_�u_�p.
│ │ │ │ │ Specifies the hostname of
│ │ │ │ │ _�h_�o_�s_�t_�n_�a_�m_�e the server to return in server
│ │ │ │ │ response to a hostname.bind
│ │ │ │ │ query.
│ │ │ │ │ Configures HTTP endpoints
│ │ │ │ │ -_�h_�t_�t_�p on which to listen for DNS- server, query
│ │ │ │ │ +_�h_�t_�t_�p on which to listen for DNS- query, server
│ │ │ │ │ over-HTTPS (DoH) queries.
│ │ │ │ │ Limits the number of active
│ │ │ │ │ _�h_�t_�t_�p_�-_�l_�i_�s_�t_�e_�n_�e_�r_�-_�c_�l_�i_�e_�n_�t_�s concurrent connections on a server
│ │ │ │ │ per-listener basis.
│ │ │ │ │ Specifies the TCP port
│ │ │ │ │ number the server uses to
│ │ │ │ │ -_�h_�t_�t_�p_�-_�p_�o_�r_�t receive and send server, query
│ │ │ │ │ +_�h_�t_�t_�p_�-_�p_�o_�r_�t receive and send query, server
│ │ │ │ │ unencrypted DNS traffic via
│ │ │ │ │ HTTP.
│ │ │ │ │ _�h_�t_�t_�p_�-_�s_�t_�r_�e_�a_�m_�s_�-_�p_�e_�r_�- Limits the number of active
│ │ │ │ │ _�c_�o_�n_�n_�e_�c_�t_�i_�o_�n concurrent HTTP/2 streams server
│ │ │ │ │ on a per-connection basis.
│ │ │ │ │ Specifies the TCP port
│ │ │ │ │ -_�h_�t_�t_�p_�s_�-_�p_�o_�r_�t number the server uses to server, query
│ │ │ │ │ +_�h_�t_�t_�p_�s_�-_�p_�o_�r_�t number the server uses to query, server
│ │ │ │ │ receive and send DNS-over-
│ │ │ │ │ HTTPS protocol traffic.
│ │ │ │ │ _�i_�n_�-_�v_�i_�e_�w Specifies the view in which view, zone
│ │ │ │ │ a given zone is defined.
│ │ │ │ │ _�i_�n_�e_�t Specifies a TCP socket as a server
│ │ │ │ │ control channel.
│ │ │ │ │ Specifies whether BIND 9
│ │ │ │ │ @@ -2795,15 +2795,15 @@
│ │ │ │ │ Specifies the contact for
│ │ │ │ │ _�i_�p_�v_�4_�o_�n_�l_�y_�-_�c_�o_�n_�t_�a_�c_�t the IPV4ONLY.ARPA zone server
│ │ │ │ │ created by _�d_�n_�s_�6_�4.
│ │ │ │ │ Enables automatic IPv4
│ │ │ │ │ _�i_�p_�v_�4_�o_�n_�l_�y_�-_�e_�n_�a_�b_�l_�e zones if a _�d_�n_�s_�6_�4 block is query
│ │ │ │ │ configured.
│ │ │ │ │ Specifies the name of the
│ │ │ │ │ -_�i_�p_�v_�4_�o_�n_�l_�y_�-_�s_�e_�r_�v_�e_�r server for the server, query
│ │ │ │ │ +_�i_�p_�v_�4_�o_�n_�l_�y_�-_�s_�e_�r_�v_�e_�r server for the query, server
│ │ │ │ │ IPV4ONLY.ARPA zone created
│ │ │ │ │ by _�d_�n_�s_�6_�4.
│ │ │ │ │ Specifies the prefix
│ │ │ │ │ _�i_�p_�v_�6_�-_�p_�r_�e_�f_�i_�x_�-_�l_�e_�n_�g_�t_�h lengths of IPv6 address server
│ │ │ │ │ blocks.
│ │ │ │ │ _�i_�x_�f_�r_�-_�f_�r_�o_�m_�-_�d_�i_�f_�f_�e_�r_�e_�n_�c_�e_�s Controls how IXFR transfers transfer
│ │ │ │ │ are calculated.
│ │ │ │ │ @@ -2813,31 +2813,31 @@
│ │ │ │ │ Defines a shared secret key
│ │ │ │ │ _�k_�e_�y for use with _�T_�S_�I_�G or the security
│ │ │ │ │ command channel.
│ │ │ │ │ Indicates the directory
│ │ │ │ │ _�k_�e_�y_�-_�d_�i_�r_�e_�c_�t_�o_�r_�y where public and private dnssec
│ │ │ │ │ DNSSEC key files are found.
│ │ │ │ │ Specifies the path to a
│ │ │ │ │ -_�k_�e_�y_�-_�f_�i_�l_�e file containing the private server, security
│ │ │ │ │ +_�k_�e_�y_�-_�f_�i_�l_�e file containing the private security, server
│ │ │ │ │ TLS key for a connection.
│ │ │ │ │ _�k_�e_�y_�-_�s_�t_�o_�r_�e Configures a DNSSEC key dnssec
│ │ │ │ │ store.
│ │ │ │ │ Specifies one or more
│ │ │ │ │ -_�k_�e_�y_�s _�s_�e_�r_�v_�e_�r_�__�k_�e_�y s to be used server, security
│ │ │ │ │ +_�k_�e_�y_�s _�s_�e_�r_�v_�e_�r_�__�k_�e_�y s to be used security, server
│ │ │ │ │ with a remote server.
│ │ │ │ │ _�l_�a_�m_�e_�-_�t_�t_�l Sets the resolver's lame server
│ │ │ │ │ cache.
│ │ │ │ │ Specifies the IPv4
│ │ │ │ │ _�l_�i_�s_�t_�e_�n_�-_�o_�n addresses on which a server server
│ │ │ │ │ listens for DNS queries.
│ │ │ │ │ Specifies the IPv6
│ │ │ │ │ _�l_�i_�s_�t_�e_�n_�-_�o_�n_�-_�v_�6 addresses on which a server server
│ │ │ │ │ listens for DNS queries.
│ │ │ │ │ Specifies a per-listener
│ │ │ │ │ -_�l_�i_�s_�t_�e_�n_�e_�r_�-_�c_�l_�i_�e_�n_�t_�s quota for active server, query
│ │ │ │ │ +_�l_�i_�s_�t_�e_�n_�e_�r_�-_�c_�l_�i_�e_�n_�t_�s quota for active query, server
│ │ │ │ │ connections.
│ │ │ │ │ Sets a maximum size for the
│ │ │ │ │ _�l_�m_�d_�b_�-_�m_�a_�p_�s_�i_�z_�e memory map of the new-zone server
│ │ │ │ │ database in LMDB database
│ │ │ │ │ format.
│ │ │ │ │ Tests rate-limiting
│ │ │ │ │ _�l_�o_�g_�-_�o_�n_�l_�y parameters without actually query, logging
│ │ │ │ │ @@ -2907,15 +2907,15 @@
│ │ │ │ │ zone.
│ │ │ │ │ Sets the maximum number of
│ │ │ │ │ levels of recursion
│ │ │ │ │ _�m_�a_�x_�-_�r_�e_�c_�u_�r_�s_�i_�o_�n_�-_�d_�e_�p_�t_�h permitted at any one time server
│ │ │ │ │ while servicing a recursive
│ │ │ │ │ query.
│ │ │ │ │ Sets the maximum number of
│ │ │ │ │ -_�m_�a_�x_�-_�r_�e_�c_�u_�r_�s_�i_�o_�n_�-_�q_�u_�e_�r_�i_�e_�s iterative queries while server, query
│ │ │ │ │ +_�m_�a_�x_�-_�r_�e_�c_�u_�r_�s_�i_�o_�n_�-_�q_�u_�e_�r_�i_�e_�s iterative queries while query, server
│ │ │ │ │ servicing a recursive
│ │ │ │ │ query.
│ │ │ │ │ Limits the zone refresh
│ │ │ │ │ _�m_�a_�x_�-_�r_�e_�f_�r_�e_�s_�h_�-_�t_�i_�m_�e interval to no less often transfer
│ │ │ │ │ than the specified value,
│ │ │ │ │ in seconds.
│ │ │ │ │ Limits the zone refresh
│ │ │ │ │ @@ -2960,15 +2960,15 @@
│ │ │ │ │ Set the maximum number of
│ │ │ │ │ _�m_�a_�x_�-_�v_�a_�l_�i_�d_�a_�t_�i_�o_�n_�s_�-_�p_�e_�r_�-_�f_�e_�t_�c_�h DNSSEC validations that can server
│ │ │ │ │ happen in single fetch
│ │ │ │ │ Specifies a maximum
│ │ │ │ │ _�m_�a_�x_�-_�z_�o_�n_�e_�-_�t_�t_�l permissible time-to-live deprecated
│ │ │ │ │ (TTL) value, in seconds.
│ │ │ │ │ Controls whether memory
│ │ │ │ │ -_�m_�e_�m_�s_�t_�a_�t_�i_�s_�t_�i_�c_�s statistics are written to server, logging
│ │ │ │ │ +_�m_�e_�m_�s_�t_�a_�t_�i_�s_�t_�i_�c_�s statistics are written to logging, server
│ │ │ │ │ the file specified by
│ │ │ │ │ _�m_�e_�m_�s_�t_�a_�t_�i_�s_�t_�i_�c_�s_�-_�f_�i_�l_�e at exit.
│ │ │ │ │ Sets the pathname of the
│ │ │ │ │ _�m_�e_�m_�s_�t_�a_�t_�i_�s_�t_�i_�c_�s_�-_�f_�i_�l_�e file where the server logging
│ │ │ │ │ writes memory usage
│ │ │ │ │ statistics on exit.
│ │ │ │ │ Controls whether DNS name
│ │ │ │ │ @@ -3100,19 +3100,19 @@
│ │ │ │ │ Specifies the pathname of
│ │ │ │ │ _�p_�i_�d_�-_�f_�i_�l_�e the file where the server server
│ │ │ │ │ writes its process ID.
│ │ │ │ │ _�p_�k_�c_�s_�1_�1_�-_�u_�r_�i dnssec, pkcs11
│ │ │ │ │ _�p_�l_�u_�g_�i_�n Configures plugins in server
│ │ │ │ │ _�n_�a_�m_�e_�d_�._�c_�o_�n_�f.
│ │ │ │ │ Specifies the UDP/TCP port
│ │ │ │ │ -_�p_�o_�r_�t number the server uses to server, query
│ │ │ │ │ +_�p_�o_�r_�t number the server uses to query, server
│ │ │ │ │ receive and send DNS
│ │ │ │ │ protocol traffic.
│ │ │ │ │ Specifies that server
│ │ │ │ │ -_�p_�r_�e_�f_�e_�r_�-_�s_�e_�r_�v_�e_�r_�-_�c_�i_�p_�h_�e_�r_�s ciphers should be preferred server, security
│ │ │ │ │ +_�p_�r_�e_�f_�e_�r_�-_�s_�e_�r_�v_�e_�r_�-_�c_�i_�p_�h_�e_�r_�s ciphers should be preferred security, server
│ │ │ │ │ over client ones.
│ │ │ │ │ Controls the order of glue
│ │ │ │ │ _�p_�r_�e_�f_�e_�r_�r_�e_�d_�-_�g_�l_�u_�e records in an A or AAAA query
│ │ │ │ │ response.
│ │ │ │ │ Specifies the "trigger"
│ │ │ │ │ _�p_�r_�e_�f_�e_�t_�c_�h time-to-live (TTL) value at query
│ │ │ │ │ which prefetch of the
│ │ │ │ │ @@ -3153,15 +3153,15 @@
│ │ │ │ │ Controls the IPv4 address
│ │ │ │ │ _�q_�u_�e_�r_�y_�-_�s_�o_�u_�r_�c_�e from which queries are query
│ │ │ │ │ issued.
│ │ │ │ │ Controls the IPv6 address
│ │ │ │ │ _�q_�u_�e_�r_�y_�-_�s_�o_�u_�r_�c_�e_�-_�v_�6 from which queries are query
│ │ │ │ │ issued.
│ │ │ │ │ Specifies whether query
│ │ │ │ │ -_�q_�u_�e_�r_�y_�l_�o_�g logging should be active server, logging
│ │ │ │ │ +_�q_�u_�e_�r_�y_�l_�o_�g logging should be active logging, server
│ │ │ │ │ when _�n_�a_�m_�e_�d first starts.
│ │ │ │ │ Controls excessive UDP
│ │ │ │ │ responses, to prevent BIND
│ │ │ │ │ _�r_�a_�t_�e_�-_�l_�i_�m_�i_�t 9 from being used to query
│ │ │ │ │ amplify reflection denial-
│ │ │ │ │ of-service (DoS) attacks.
│ │ │ │ │ Specifies the pathname of
│ │ │ │ │ @@ -3218,15 +3218,15 @@
│ │ │ │ │ _�r_�e_�s_�o_�l_�v_�e_�r_�-_�u_�s_�e_�-_�d_�n_�s_�6_�4 DNS64 mappings when sending server
│ │ │ │ │ queries.
│ │ │ │ │ Adds an EDNS Padding option
│ │ │ │ │ to encrypted messages, to
│ │ │ │ │ _�r_�e_�s_�p_�o_�n_�s_�e_�-_�p_�a_�d_�d_�i_�n_�g reduce the chance of query
│ │ │ │ │ guessing the contents based
│ │ │ │ │ on size.
│ │ │ │ │ - Specifies response policy server, query, security,
│ │ │ │ │ + Specifies response policy query, security, server,
│ │ │ │ │ _�r_�e_�s_�p_�o_�n_�s_�e_�-_�p_�o_�l_�i_�c_�y zones for the view or among zone
│ │ │ │ │ global options.
│ │ │ │ │ Limits the number of non-
│ │ │ │ │ _�r_�e_�s_�p_�o_�n_�s_�e_�s_�-_�p_�e_�r_�-_�s_�e_�c_�o_�n_�d empty responses for a valid query
│ │ │ │ │ domain name and record
│ │ │ │ │ type.
│ │ │ │ │ Increases the amount of
│ │ │ │ │ @@ -3325,36 +3325,36 @@
│ │ │ │ │ period of DNSKEY records.
│ │ │ │ │ Sets the number of
│ │ │ │ │ "slipped" responses to
│ │ │ │ │ _�s_�l_�i_�p minimize the use of forged query
│ │ │ │ │ source addresses for an
│ │ │ │ │ attack.
│ │ │ │ │ Controls the ordering of
│ │ │ │ │ -_�s_�o_�r_�t_�l_�i_�s_�t RRs returned to the client, query, deprecated
│ │ │ │ │ +_�s_�o_�r_�t_�l_�i_�s_�t RRs returned to the client, deprecated, query
│ │ │ │ │ based on the client's IP
│ │ │ │ │ address.
│ │ │ │ │ Defines the amount of time
│ │ │ │ │ (in milliseconds) that
│ │ │ │ │ -_�s_�t_�a_�l_�e_�-_�a_�n_�s_�w_�e_�r_�-_�c_�l_�i_�e_�n_�t_�- _�n_�a_�m_�e_�d waits before server, query
│ │ │ │ │ +_�s_�t_�a_�l_�e_�-_�a_�n_�s_�w_�e_�r_�-_�c_�l_�i_�e_�n_�t_�- _�n_�a_�m_�e_�d waits before query, server
│ │ │ │ │ _�t_�i_�m_�e_�o_�u_�t attempting to answer a
│ │ │ │ │ query with a stale RRset
│ │ │ │ │ from cache.
│ │ │ │ │ Enables the returning of
│ │ │ │ │ -_�s_�t_�a_�l_�e_�-_�a_�n_�s_�w_�e_�r_�-_�e_�n_�a_�b_�l_�e "stale" cached answers when server, query
│ │ │ │ │ +_�s_�t_�a_�l_�e_�-_�a_�n_�s_�w_�e_�r_�-_�e_�n_�a_�b_�l_�e "stale" cached answers when query, server
│ │ │ │ │ the name servers for a zone
│ │ │ │ │ are not answering.
│ │ │ │ │ Specifies the time to live
│ │ │ │ │ _�s_�t_�a_�l_�e_�-_�a_�n_�s_�w_�e_�r_�-_�t_�t_�l (TTL) to be returned on query
│ │ │ │ │ stale answers, in seconds.
│ │ │ │ │ -_�s_�t_�a_�l_�e_�-_�c_�a_�c_�h_�e_�-_�e_�n_�a_�b_�l_�e Enables the retention of server, query
│ │ │ │ │ +_�s_�t_�a_�l_�e_�-_�c_�a_�c_�h_�e_�-_�e_�n_�a_�b_�l_�e Enables the retention of query, server
│ │ │ │ │ "stale" cached answers.
│ │ │ │ │ Sets the time window for
│ │ │ │ │ the return of "stale"
│ │ │ │ │ cached answers before the
│ │ │ │ │ -_�s_�t_�a_�l_�e_�-_�r_�e_�f_�r_�e_�s_�h_�-_�t_�i_�m_�e next attempt to contact, if server, query
│ │ │ │ │ +_�s_�t_�a_�l_�e_�-_�r_�e_�f_�r_�e_�s_�h_�-_�t_�i_�m_�e next attempt to contact, if query, server
│ │ │ │ │ the name servers for a
│ │ │ │ │ given zone are not
│ │ │ │ │ responding.
│ │ │ │ │ Specifies the rate at which
│ │ │ │ │ NOTIFY requests are sent
│ │ │ │ │ _�s_�t_�a_�r_�t_�u_�p_�-_�n_�o_�t_�i_�f_�y_�-_�r_�a_�t_�e when the name server is transfer, zone
│ │ │ │ │ first starting, or when new
│ │ │ │ │ @@ -3362,22 +3362,22 @@
│ │ │ │ │ Specifies the communication
│ │ │ │ │ channels to be used by
│ │ │ │ │ _�s_�t_�a_�t_�i_�s_�t_�i_�c_�s_�-_�c_�h_�a_�n_�n_�e_�l_�s system administrators to logging
│ │ │ │ │ access statistics
│ │ │ │ │ information on the name
│ │ │ │ │ server.
│ │ │ │ │ Specifies the pathname of
│ │ │ │ │ -_�s_�t_�a_�t_�i_�s_�t_�i_�c_�s_�-_�f_�i_�l_�e the file where the server server, logging
│ │ │ │ │ +_�s_�t_�a_�t_�i_�s_�t_�i_�c_�s_�-_�f_�i_�l_�e the file where the server logging, server
│ │ │ │ │ appends statistics, when
│ │ │ │ │ using _�r_�n_�d_�c_� _�s_�t_�a_�t_�s.
│ │ │ │ │ Directs the logging channel
│ │ │ │ │ _�s_�t_�d_�e_�r_�r output to the server's logging
│ │ │ │ │ standard error stream.
│ │ │ │ │ Specifies the maximum
│ │ │ │ │ -_�s_�t_�r_�e_�a_�m_�s_�-_�p_�e_�r_�-_�c_�o_�n_�n_�e_�c_�t_�i_�o_�n number of concurrent HTTP/ server, query
│ │ │ │ │ +_�s_�t_�r_�e_�a_�m_�s_�-_�p_�e_�r_�-_�c_�o_�n_�n_�e_�c_�t_�i_�o_�n number of concurrent HTTP/ query, server
│ │ │ │ │ 2 streams over an HTTP/
│ │ │ │ │ 2 connection.
│ │ │ │ │ Defines trailing bits for
│ │ │ │ │ _�s_�u_�f_�f_�i_�x mapped IPv4 address bits in query
│ │ │ │ │ _�d_�n_�s_�6_�4.
│ │ │ │ │ Enables support for _�R�R_�F�F_�C�C
│ │ │ │ │ _�s_�y_�n_�t_�h_�-_�f_�r_�o_�m_�-_�d_�n_�s_�s_�e_�c _�8�8_�1�1_�9�9_�8�8, Aggressive Use of dnssec
│ │ │ │ │ @@ -3398,15 +3398,15 @@
│ │ │ │ │ server waits on an idle TCP
│ │ │ │ │ _�t_�c_�p_�-_�i_�d_�l_�e_�-_�t_�i_�m_�e_�o_�u_�t connection before closing query
│ │ │ │ │ it, if the EDNS TCP
│ │ │ │ │ keepalive option is not in
│ │ │ │ │ use.
│ │ │ │ │ Sets the amount of time (in
│ │ │ │ │ milliseconds) that the
│ │ │ │ │ -_�t_�c_�p_�-_�i_�n_�i_�t_�i_�a_�l_�-_�t_�i_�m_�e_�o_�u_�t server waits on a new TCP server, query
│ │ │ │ │ +_�t_�c_�p_�-_�i_�n_�i_�t_�i_�a_�l_�-_�t_�i_�m_�e_�o_�u_�t server waits on a new TCP query, server
│ │ │ │ │ connection for the first
│ │ │ │ │ message from the client.
│ │ │ │ │ _�t_�c_�p_�-_�k_�e_�e_�p_�a_�l_�i_�v_�e Adds EDNS TCP keepalive to server
│ │ │ │ │ messages sent over TCP.
│ │ │ │ │ Sets the amount of time (in
│ │ │ │ │ milliseconds) that the
│ │ │ │ │ _�t_�c_�p_�-_�k_�e_�e_�p_�a_�l_�i_�v_�e_�-_�t_�i_�m_�e_�o_�u_�t server waits on an idle TCP query
│ │ │ │ │ @@ -3433,15 +3433,15 @@
│ │ │ │ │ protocol.
│ │ │ │ │ Sets the KRB5 keytab file
│ │ │ │ │ _�t_�k_�e_�y_�-_�g_�s_�s_�a_�p_�i_�-_�k_�e_�y_�t_�a_�b to use for GSS-TSIG security
│ │ │ │ │ updates.
│ │ │ │ │ _�t_�l_�s Configures a TLS security
│ │ │ │ │ connection.
│ │ │ │ │ Specifies the TCP port
│ │ │ │ │ -_�t_�l_�s_�-_�p_�o_�r_�t number the server uses to server, query
│ │ │ │ │ +_�t_�l_�s_�-_�p_�o_�r_�t number the server uses to query, server
│ │ │ │ │ receive and send DNS-over-
│ │ │ │ │ TLS protocol traffic.
│ │ │ │ │ Controls whether multiple
│ │ │ │ │ _�t_�r_�a_�n_�s_�f_�e_�r_�-_�f_�o_�r_�m_�a_�t records can be packed into transfer
│ │ │ │ │ a message during zone
│ │ │ │ │ transfers.
│ │ │ │ │ Limits the uncompressed
│ │ │ │ │ @@ -3535,15 +3535,15 @@
│ │ │ │ │ Specifies a list of ports
│ │ │ │ │ _�u_�s_�e_�-_�v_�4_�-_�u_�d_�p_�-_�p_�o_�r_�t_�s that are valid sources for deprecated
│ │ │ │ │ UDP/IPv4 messages.
│ │ │ │ │ Specifies a list of ports
│ │ │ │ │ _�u_�s_�e_�-_�v_�6_�-_�u_�d_�p_�-_�p_�o_�r_�t_�s that are valid sources for deprecated
│ │ │ │ │ UDP/IPv6 messages.
│ │ │ │ │ Indicates the number of
│ │ │ │ │ -_�v_�6_�-_�b_�i_�a_�s milliseconds of preference server, query
│ │ │ │ │ +_�v_�6_�-_�b_�i_�a_�s milliseconds of preference query, server
│ │ │ │ │ to give to IPv6 name
│ │ │ │ │ servers.
│ │ │ │ │ Specifies a list of domain
│ │ │ │ │ _�v_�a_�l_�i_�d_�a_�t_�e_�-_�e_�x_�c_�e_�p_�t names at and beneath which dnssec
│ │ │ │ │ DNSSEC validation should
│ │ │ │ │ not be performed.
│ │ │ │ │ Specifies the version
│ │ │ │ │ @@ -3555,20 +3555,20 @@
│ │ │ │ │ differently depending on
│ │ │ │ │ who is asking.
│ │ │ │ │ Specifies the length of
│ │ │ │ │ _�w_�i_�n_�d_�o_�w time during which responses query
│ │ │ │ │ are tracked.
│ │ │ │ │ Specifies whether to set
│ │ │ │ │ the time to live (TTL) of
│ │ │ │ │ -_�z_�e_�r_�o_�-_�n_�o_�-_�s_�o_�a_�-_�t_�t_�l the SOA record to zero, query, server, zone
│ │ │ │ │ +_�z_�e_�r_�o_�-_�n_�o_�-_�s_�o_�a_�-_�t_�t_�l the SOA record to zero, server, query, zone
│ │ │ │ │ when returning
│ │ │ │ │ authoritative negative
│ │ │ │ │ responses to SOA queries.
│ │ │ │ │ Sets the time to live (TTL)
│ │ │ │ │ -_�z_�e_�r_�o_�-_�n_�o_�-_�s_�o_�a_�-_�t_�t_�l_�-_�c_�a_�c_�h_�e to zero when caching a query, server, zone
│ │ │ │ │ +_�z_�e_�r_�o_�-_�n_�o_�-_�s_�o_�a_�-_�t_�t_�l_�-_�c_�a_�c_�h_�e to zero when caching a server, query, zone
│ │ │ │ │ negative response to an SOA
│ │ │ │ │ query.
│ │ │ │ │ _�z_�o_�n_�e Specifies the zone in a zone
│ │ │ │ │ BIND 9 configuration.
│ │ │ │ │ Sets the propagation delay
│ │ │ │ │ from the time a zone is
│ │ │ │ │ _�z_�o_�n_�e_�-_�p_�r_�o_�p_�a_�g_�a_�t_�i_�o_�n_�-_�d_�e_�l_�a_�y first updated to when the dnssec, zone