// --------------------------------------------
// Please DON'T CHANGE THIS FILE !!!  
// This file is generated from llxcfg conffile:
// "dns/bin/named.conf.options"
// ---------------------------------------------

options {
	directory "/var/cache/bind";

	// If there is a firewall between you and nameservers you want
	// to talk to, you might need to uncomment the query-source
	// directive below.  Previous versions of BIND always asked
	// questions using port 53, but BIND 8.1 and later use an unprivileged
	// port by default.

	// query-source address * port 53;

	// If your ISP provided one or more IP addresses for stable 
	// nameservers, you probably want to use them as forwarders.  
	// Uncomment the following block, and insert the addresses replacing 
	// the all-0's placeholder.

#if  LLXTMPL_TESTVAR(_@_DNS_EXTRA_NS_@_)
	forwarders {
		_@_DNS_EXTRA_NS_@_;
	};
#endif

	auth-nxdomain no;    # conform to RFC1035
	listen-on-v6 { any; };

	// By default, name servers should only perform recursive domain
	// lookups for their direct clients.  If recursion is left open
	// to the entire Internet, your name server could be used to
	// perform distributed denial of service attacks against other
	// innocent computers.  For more information on DDoS recursion:
	// http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987

	allow-recursion { localnets; };

	// If you have DNS clients on other subnets outside of your
	// server's "localnets", you can explicitly add their networks
	// without opening up your server to the Internet at large:
	// allow-recursion { localnets; 192.168.0.0/24; };

	// If your name server is only listening on 127.0.0.1, consider:
	// allow-recursion { 127.0.0.1; };
};