Mandatory parameters are denoted by an * (asterisk).
header | type | description | required | encoding | sample | object_headers | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
key* | string | The primary identifier of an individual object. For DNS View, the name of the view is used as the key. | TRUE | string | ||||||||||
name* | string | The view's name. | TRUE | string | ||||||||||
comment | string | The comment for the view. | FALSE | string | ||||||||||
disabled | boolean | An indication of whether an object is to be disabled. | FALSE | string | ||||||||||
query_acl | array | To make authoritative queries, clients must match this ACL. | FALSE | nios | element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret | |
minimal_responses | boolean | When enabled, the DNS server will only add records to the authority and additional data sections when they are required. | FALSE | string | ||||||||||
transfer_acl | array | To receive zone transfers, clients must match this ACL. | FALSE | nios | element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret | |
recursion_enabled | boolean | If set to "true", recursive DNS queries are allowed. | FALSE | string | ||||||||||
recursion_acl | array | To make recursive queries, clients must match this ACL. | FALSE | nios | element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret | |
lame_ttl | integer | Not used in the current implementation of the on-prem DNS server. Unsigned integer; min 0, max 3600 (1 hour). | FALSE | string | ||||||||||
max_cache_ttl | integer | Seconds to cache positive responses. Unsigned integer; min 1, max 604800 (7 days). | FALSE | string | ||||||||||
max_negative_ttl | integer | Seconds to cache negative responses. | FALSE | string | ||||||||||
custom_root_ns_enabled | boolean | Indicates whether custom root nameservers are to be used instead of the default ones. | FALSE | string | ||||||||||
custom_root_ns | array | The list of custom root nameservers. The order does not matter. Error if empty while custom_root_ns_enabled is "true". Error if there are duplicate items in the list. | FALSE | nios | root_ns_address | root_ns_fqdn | ||||||||
forwarders | array | The list of forwarders. | FALSE | nios | forwarder_address | forwarder_fqdn | ||||||||
forwarders_only | boolean | Set to "true" to only forward. | FALSE | string | ||||||||||
use_forwarders_for_subzones | boolean | Use default forwarders to resolve queries for subzones. | FALSE | string | ||||||||||
refresh | integer | ZoneAuthority refresh. | FALSE | string | ||||||||||
retry | integer | ZoneAuthority retry. | FALSE | string | ||||||||||
expire | integer | ZoneAuthority expire time, in seconds. | FALSE | string | ||||||||||
default_ttl | integer | ZoneAuthority default TTL (in seconds) for resource records in the zone. | FALSE | string | ||||||||||
negative_ttl | integer | ZoneAuthority negative caching (minimum) TTL, in seconds. | FALSE | string | ||||||||||
rname | string | ZoneAuthority rname. | FALSE | string | ||||||||||
mname | string | ZoneAuthority master name server in punycode. | FALSE | string | ||||||||||
use_default_mname | boolean | Use the default value for the master nameserver. | FALSE | string | ||||||||||
update_acl | array | Specifies which hosts are allowed to issue. | FALSE | nios | element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret | |
ecs_enabled | boolean | Use to enable EDNS client subnet for recursive queries. | FALSE | string | ||||||||||
ecs_forwarding | boolean | Use to enable ECS options in outbound queries. This functionality has additional overhead, so it is disabled by default. | FALSE | string | ||||||||||
ecs_prefix_v4 | integer | Maximum scope length for v4 ECS. Unsigned integer; min 1, max 24. | FALSE | string | ||||||||||
ecs_prefix_v6 | integer | Maximum scope length for v6 ECS. Unsigned integer; min 1, max 56. | FALSE | string | ||||||||||
ecs_zones | array | The list of zones where ECS queries may be sent. | FALSE | nios | ecs_zone_fqdn | ecs_zone_access | ||||||||
dnssec_enabled | boolean | The master toggle for all DNSSEC processing. If this is disabled, other dnssec_*_ configuration is not used. | FALSE | string | ||||||||||
dnssec_enable_validation | boolean | Set to perform DNSSEC validation. Ignored if dnssec_enabled is "false". Defaults to "true". | FALSE | string | ||||||||||
dnssec_validate_expiry | boolean | Set to reject expired DNSSEC keys.Ignored if either dnssec_enabled or dnssec_enable_validation is "false". | FALSE | string | ||||||||||
dnssec_trust_anchors | array | DNSSEC trust anchors. Error if there are items with duplicate (zone, sep, algorithm) combinations. | FALSE | nios | trust_anchor_zone | trust_anchor_sep | trust_anchor_algorithm | trust_anchor_public_key | ||||||
match_clients_acl | array | Specifies which clients have access to the view. | FALSE | nios | element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret | |
match_destinations_acl | array | Specifies which destination addresses have access to the view. | FALSE | nios | element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret | |
match_recursive_only | boolean | If "true", then only recursive queries from matching clients can access the view. | FALSE | string | ||||||||||
query_acl_action | string | The configuration of inheritance for the query_acl field of a View object. | FALSE | string | inherit | |||||||||
minimal_responses_action | string | The configuration of inheritance for the minimal_responses field of a View object. | FALSE | string | inherit | |||||||||
transfer_acl_action | string | The configuration of inheritance for the transfer_acl field of a View object. | FALSE | string | inherit | |||||||||
recursion_enabled_action | string | The configuration of inheritance for the recursion_enabled field of a View object. | FALSE | string | inherit | |||||||||
recursion_acl_action | string | The configuration of inheritance for the recursion_acl field of a View object. | FALSE | string | inherit | |||||||||
lame_ttl_action | string | The configuration of inheritance for the lame_ttl field of a View object. | FALSE | string | inherit | |||||||||
max_cache_ttl_action | string | The configuration of inheritance for the max_cache_ttl field of a View object. | FALSE | string | inherit | |||||||||
max_negative_ttl_action | string | The configuration of inheritance for the max_negative_ttl field of a View object. | FALSE | string | inherit | |||||||||
custom_root_ns_block_action | string | The configuration of inheritance for the custom_root_ns_block field of a View object. | FALSE | string | inherit | |||||||||
forwarders_block_action | string | The configuration of inheritance for the forwarders_block field of a View object. | FALSE | string | inherit | |||||||||
use_forwarders_for_subzones_action | string | The configuration of inheritance for the use_forwarders_for_subzones field of a View object. | FALSE | string | inherit | |||||||||
update_acl_action | string | The configuration of inheritance for the update_acl field of a View object. | FALSE | string | inherit | |||||||||
ecs_block_action | string | The configuration of inheritance for the ecs_block field of a View object. | FALSE | string | inherit | |||||||||
dnssec_validation_block_action | string | The configuration of inheritance for the dnssec_validation_block field of a View object. | FALSE | string | inherit | |||||||||
refresh_action | string | The configuration of inheritance for the refresh field of a View object. | FALSE | string | inherit | |||||||||
retry_action | string | The configuration of inheritance for the retry field of a View object. | FALSE | string | inherit | |||||||||
expire_action | string | The configuration of inheritance for the expire field of a View object. | FALSE | string | inherit | |||||||||
default_ttl_action | string | The configuration of inheritance for the default_ttl field of a View object. | FALSE | string | inherit | |||||||||
negative_ttl_action | string | The configuration of inheritance for the negative_ttl field of a View object. | FALSE | string | inherit | |||||||||
rname_action | string | The configuration of inheritance for the rname field of a View object. | FALSE | string | inherit | |||||||||
protocol_rname_action | string | The configuration of inheritance for the protocol_rname field of a View object. | FALSE | string | inherit | |||||||||
mname_block_action | string | The configuration of inheritance for the mname_block field of a View object. | FALSE | string | inherit | |||||||||
match_recursive_only_action | string | The configuration of inheritance for the match_recursive_only field of a View object. | FALSE | string | inherit | |||||||||
edns_udp_size_action | string | The configuration of inheritance for the edns_udp_size field of a View object. | FALSE | string | inherit | |||||||||
max_udp_size_action | string | The configuration of inheritance for the max_udp_size field of a View object. | FALSE | string | inherit | |||||||||
notify_action | string | The configuration of inheritance for the notify field of a View object. | FALSE | string | inherit | |||||||||
gss_tsig_enabled_action | string | The configuration of inheritance for the gss_tsig_enabled field of a View object. | FALSE | string | inherit | |||||||||
add_edns_option_in_outgoing_query_action | string | The configuration of inheritance for the add_edns_option_in_outgoing_query field of a View object. | FALSE | string | inherit | |||||||||
synthesize_address_records_from_https_action | string | The configuration of inheritance for the synthesize_address_records_from_https field of a View object. | FALSE | string | inherit | |||||||||
tags | string | The tags for the DNS view, in JSON format. | FALSE | expandtags | ||||||||||
edns_udp_size | integer | Represents the edns UDP size. | FALSE | string | ||||||||||
max_udp_size | integer | Represents the maximum size of a UDP payload. The maximum number of bytes a responding DNS server will send to a UDP datagram. | FALSE | string | ||||||||||
notify | boolean | Notify all external secondary DNS servers. | FALSE | string | ||||||||||
gss_tsig_enabled | boolean | Enables or disables GSS-TSIG signed dynamic updates. | FALSE | string | ||||||||||
add_edns_option_in_outgoing_query | boolean | Adds the client IP, MAC address, and view name into an outgoing recursive query. | FALSE | string | ||||||||||
synthesize_address_records_from_https | boolean | Enables or disables the creation of A/AAAA records from the HTTPS RR. | FALSE | string |