.SS GENERAL DIRECTIVES
These directives specify general configuration details. They should
appear before directives specifying zones, as each will affect only
-later zone directives.
+later zone directives. Foreign zones (zones explicitly specified on
+the command line but not mentioned in the configuration) use the
+configuration settings prevailing at the end of the config file.
.TP
\fBadmin\fP \fIemail\-address\fP
Specifies the email address of the local administrator. This is used
Specifies the list of addresses that are forbidden as any nameserver
for any zone. The default is no such addresses.
.TP
+\fBforbid\-addr\fP [\fIip-address ...\fP]
+Specifies the list of addresses that are forbidden as a nameserver
+for a zone for which we are the primary - ie, the list of our old or
+to-be-obsoleted slaves. The default is no such addresses.
+.TP
\fBserverless\-glueless\fP \fIdomain ...\fP
Specifies a list of domains under which we do not expect to find any
-nameservers; for these zones it is OK to find glueless referrals.
+nameservers without glue; for these zones it is OK to find glueless
+referrals.
Each domain listed names a complete subtree of the DNS, starting at
the named point. The default is
.BR "in\-addr.arpa ip6.arpa ip6.int" .
(which delay or prevent lookups) it is necessary for all sites to
effectively implement similar conventions; currently the author
believes that only the reverse lookup namespaces are conventionally
-devoid of nameservers, and therefore fine to provide glueless
-referrals for. See GLUELESSNESS below.
+devoid of (glueless) nameservers, and therefore fine to provide
+glueless referrals for. See GLUELESSNESS below.
+.TP
+\fBallow-\-indirect\-glue\fP \fInameserver-superdomain ...\fP
+Specifies a list of domains under which we expect to find glueless
+nameservers, with up to one layer of indirection.
+For nameservers under these domains it is OK to to find glueless
+referrals, but only when listed as a nameserver for a zone which is
+not itself a subdomain of an \fBallow-indirect-glue\fR
+\fInameserver-superdomain\fR.
+
+This supports to common configuration style where DNS operator(s) set
+up all of their nameservers with names within a small subsection of
+the DNS (the portions under \fInameserver-superdomain\fRs), and
+provide glueless referrals naming these nameservers for all other
+zones. This provides at most one level of missing glue.
+
+Note that if the DNS administrators collectively able to influence the
+service for some zone (including the admins for its superzones, the
+zones containing its nameservers, and their superzones and so forth)
+are not in sufficiently close communication do not all agree on the
+proper set of \fInameserver-superdomain\fR then they might still set
+up circular glue and \fBchiark-named-conf\fR would not necessarily be
+able to detect this even if it was run on every relevant nameserver.
.TP
\fBmail\-state\-dir\fP \fIdirectory\fP
Uses
details.
You should have received a copy of the GNU General Public License along
-with this program; if not, write to the Free Software Foundation, Inc.,
-59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+with this program; if not, consult the Free Software Foundation's
+website at www.fsf.org, or the GNU Project website at www.gnu.org.
~ian / chiark-utils.git / blobdiff