// Sample pdnsd configuration file. Must be customized to obtain a working pdnsd

1. // Sample pdnsd configuration file. Must be customized to obtain a working pdnsd setup!
2. // Read the pdnsd.conf(5) manpage for an explanation of the options.
3. // Add or remove '#' in front of options you want to disable or enable, respectively.
4. // Remove '/*' and '*/' to enable complete sections.
5.  
6. global {
7. perm_cache=999999;
8. cache_dir="/usr/local/var/cache/pdnsd";
9. # pid_file = /var/run/pdnsd.pid;
10. run_as="nobody";
11. server_ip = 127.0.0.1; # Use eth0 here if you want to allow other
12. # machines on your network to query pdnsd.
13. status_ctl = on;
14. # paranoid=on; # This option reduces the chance of cache poisoning
15. # but may make pdnsd less efficient, unfortunately.
16. query_method=udp_tcp;
17. min_ttl=1d; # Retain cached entries at least 1 day.
18. max_ttl=2d; # Two days
19. timeout=10; # Global timeout option (10 seconds).
20. neg_domain_pol=on;
21. }
22.  
23. # The following section is most appropriate if you have a fixed connection to
24. # the Internet and an ISP which provides good DNS servers.
25. server {
26. label= "Google Public DNS";
27. ip = 8.8.8.8, 8.8.4.4, 4.2.2.2; # Put your ISP's DNS-server address(es) here.
28. proxy_only=on; # Do not query any name servers beside your ISP's.
29. # This may be necessary if you are behind some
30. # kind of firewall and cannot receive replies
31. # from outside name servers.
32. timeout=4; # Server timeout; this may be much shorter
33. # that the global timeout option.
34. uptest=ping; # Test if the network interface is active.
35. ping_timeout=100;
36. #interface=eth0; # The name of the interface to check.
37. interval=10m; # Check every 10 minutes.
38. purge_cache=off; # Keep stale cache entries in case the ISP's
39. # DNS servers go offline.
40. }
41.  
42. /*
43. # The following section is more appropriate for dial-up connections.
44. # Read about how to use pdnsd-ctl for dynamic configuration in the documentation.
45. server {
46. label= "dialup";
47. file = "/etc/ppp/resolv.conf"; # Preferably do not use /etc/resolv.conf
48. proxy_only=on;
49. timeout=4;
50. uptest=if;
51. interface = ppp0;
52. interval=10; # Check the interface every 10 seconds.
53. purge_cache=off;
54. preset=off;
55. }
56. */
57.  
58. /*
59. # The servers provided by OpenDNS are fast, but they do not reply with
60. # NXDOMAIN for non-existant domains, instead they supply you with an
61. # address of one of their search engines. They also lie about the addresses of
62. # of the search engines of google, microsoft and yahoo.
63. # If you do not like this behaviour the "reject" option may be useful.
64. server {
65. label = "opendns";
66. ip = 208.67.222.222, 208.67.220.220;
67. reject = 208.69.32.0/24, # You may need to add additional address ranges
68. 208.69.34.0/24, # here if the addresses of their search engines
69. 208.67.219.0/24; # change.
70. reject_policy = fail; # If you do not provide any alternative server
71. # sections, like the following root-server
72. # example, "negate" may be more appropriate here.
73. timeout = 4;
74. uptest = ping; # Test availability using ICMP echo requests.
75. ping_timeout = 100; # ping test will time out after 10 seconds.
76. interval = 15m; # Test every 15 minutes.
77. preset = off;
78. }
79. */
80.  
81. /*
82. # This section is meant for resolving from root servers.
83. server {
84. label = "root-servers";
85. root_server = discover; # Query the name servers listed below
86. # to obtain a full list of root servers.
87. randomize_servers = on; # Give every root server an equal chance
88. # of being queried.
89. ip = 198.41.0.4, # This list will be expanded to the full
90. 192.228.79.201; # list on start up.
91. timeout = 5;
92. uptest = query; # Test availability using empty DNS queries.
93. interval = 30m; # Test every half hour.
94. ping_timeout = 300; # Test should time out after 30 seconds.
95. purge_cache = off;
96. exclude = .localdomain;
97. policy = included;
98. preset = off;
99. }
100. */
101.  
102. source {
103. owner=localhost;
104. # serve_aliases=on;
105. file="/etc/hosts";
106. }
107.  
108. /*
109. include {file="/etc/pdnsd.include";} # Read additional definitions from /etc/pdnsd.include.
110. */
111.  
112. rr {
113. name=localhost;
114. reverse=on;
115. a=127.0.0.1;
116. owner=localhost;
117. soa=localhost,root.localhost,42,86400,900,86400,86400;
118. }
119.  
120. /*
121. neg {
122. name=doubleclick.net;
123. types=domain; # This will also block xxx.doubleclick.net, etc.
124. }
125. */
126.  
127. /*
128. neg {
129. name=bad.server.com; # Badly behaved server you don't want to connect to.
130. types=A,AAAA;
131. }
132. */