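# named.conf.local
#
# - local zones and views
#
# Layout note: every directive sits on its own line. named treats "#" and "//"
# as comment-to-end-of-line, so a collapsed single-line copy of this file
# would be parsed as one long comment and no view or zone would load.

view "internal" {
	// NOTE(review): this view is named "internal" but matches every client
	// and enables recursion. Whether that yields an open resolver depends on
	// the recursion/query ACLs in the options block, which is not part of
	// this file. Confirm that recursion is limited to trusted networks,
	// either by narrowing match-clients to an ACL of internal prefixes or by
	// setting allow-recursion explicitly; a resolver that recurses for
	// arbitrary sources can be abused for reflection/amplification.
	match-clients { any; };
	recursion yes;

	zone "xai-corp.net." IN {
		type master;
		file "/etc/bind/db.xai-corp.net.internal";
		allow-query { any; };
		allow-transfer { none; };
	};

	zone "4.168.192.in-addr.arpa." IN {
		type master;
		file "/etc/bind/db.xai-corp.net.reverse";
		allow-update { none; };
		// Mirror the forward zone: without an explicit ACL the transfer
		// policy falls back to the view/options default, which may permit
		// AXFR and expose the full internal address map.
		allow-transfer { none; };
	};
};

//view "external" {
//	match-clients { none; };
//	recursion no;
//	zone "xai-corp.net" {
//		type master;
//		file "/etc/bind/db.xai-corp.net.external";
//		allow-query { none; };
//		allow-transfer { 127.0.0.1; };
//	};
//};

/*
 * Briefly, a zone which has been declared delegation-only will be effectively
 * limited to containing NS RRs for subdomains, but no actual data beyond its
 * own apex (for example, its SOA RR and apex NS RRset). This can be used to
 * filter out "wildcard" or "synthesized" data from NAT boxes or from
 * authoritative name servers whose undelegated (in-zone) data is of no
 * interest.
 * See http://www.isc.org/software/bind/delegation-only for more info
 */

//zone "COM" { type delegation-only; };
//zone "NET" { type delegation-only; };

//zone "YOUR-DOMAIN.TLD" {
//	type master;
//	file "/var/bind/pri/YOUR-DOMAIN.TLD.zone";
//	allow-query { any; };
//	allow-transfer { xfer; };
//};

//zone "YOUR-SLAVE.TLD" {
//	type slave;
//	file "/var/bind/sec/YOUR-SLAVE.TLD.zone";
//	masters { ; };
//
//	/* Anybody is allowed to query but transfer should be controlled by the master. */
//	allow-query { any; };
//	allow-transfer { none; };
//
//	/* The master should be the only one who notifies the slaves, shouldn't it? */
//	allow-notify { ; };
//	notify no;
//};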