diff --git a/bind/templates/named.conf.options.j2 b/bind/templates/named.conf.options.j2
new file mode 100644
index 00000000..7ffa4aeb
--- /dev/null
+++ b/bind/templates/named.conf.options.j2
@@ -0,0 +1,56 @@
+options {
+        directory "/var/cache/bind";
+
+        // If there is a firewall between you and nameservers you want
+        // to talk to, you may need to fix the firewall to allow multiple
+        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+        // If your ISP provided one or more IP addresses for stable
+        // nameservers, you probably want to use them as forwarders.
+        // Uncomment the following block, and insert the addresses replacing
+        // the all-0's placeholder.
+
+        // forwarders {
+        //      0.0.0.0;
+        // };
+
+        version "Bingo";
+
+        auth-nxdomain no;    # conform to RFC1035
+        //listen-on-v6 { ::1; };
+        //listen-on { 127.0.0.1; };
+
+      allow-query { localhost;};
+      allow-transfer { localhost; };
+      allow-recursion { localhost; };
+
+    statistics-file "/var/run/named.stats";
+};
+
+logging {
+        //category default { default_syslog; default_debug; };
+        category default { default_debug; };
+
+        channel default_syslog {
+                syslog daemon;
+                severity info;
+        };
+
+        channel default_debug {
+                file "/var/log/bind.log";
+                severity debug;
+        };
+        channel query {
+            file "/var/log/query.log" versions 2 size 1m;
+            print-time yes;
+            severity info;
+        };
+        category queries { query; };
+};
+
+//key "external" {
+//        algorithm hmac-md5;
+//        secret "UOQfHEoBzBSC6sD4mwfxLw==";
+//};
+//
+//server 85.118.59.1 { keys external; };