views (dnsconfig)
- Sri Raghu
Mandatory parameters are denoted by an * (asterisk).
header | type | description | required | encoding | sample | object_headers |
|
|
|
|
|
|
|
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
HEADER-dnsconfig-v2-view* | string | The primary identifier of the header stating the type of object. | TRUE | string |
|
|
|
|
|
|
|
|
|
|
key* | string | The primary identifier of an individual object. For DNS View, the name of the view is used as the key. | TRUE | string |
|
|
|
|
|
|
|
|
|
|
name* | string | The view's name. | TRUE | string |
|
|
|
|
|
|
|
|
|
|
comment | string | The comment for the view. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
disabled | boolean | An indication of whether an object is to be disabled. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
query_acl | array | To make authoritative queries, clients must match this ACL. | FALSE | nios |
| element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret |
minimal_responses | boolean | When enabled, the DNS server will only add records to the authority and additional data sections when they are required. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
transfer_acl | array | To receive zone transfers, clients must match this ACL. | FALSE | nios |
| element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret |
recursion_enabled | boolean | If set to "true", recursive DNS queries are allowed. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
recursion_acl | array | To make recursive queries, clients must match this ACL. | FALSE | nios |
| element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret |
lame_ttl | integer | Not used in the current implementation of the on-prem DNS server. Unsigned integer; min 0, max 3600 (1 hour). | FALSE | string |
|
|
|
|
|
|
|
|
|
|
max_cache_ttl | integer | Seconds to cache positive responses. Unsigned integer; min 1, max 604800 (7 days). | FALSE | string |
|
|
|
|
|
|
|
|
|
|
max_negative_ttl | integer | Seconds to cache negative responses. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
custom_root_ns_enabled | boolean | Indicates whether custom root nameservers are to be used instead of the default ones. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
custom_root_ns | array | The list of custom root nameservers. The order does not matter. Error if empty while custom_root_ns_enabled is "true". Error if there are duplicate items in the list. | FALSE | nios |
| root_ns_address | root_ns_fqdn |
|
|
|
|
|
|
|
forwarders | array | The list of forwarders. | FALSE | nios |
| forwarder_address | forwarder_fqdn |
|
|
|
|
|
|
|
forwarders_only | boolean | Set to "true" to only forward. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
use_forwarders_for_subzones | boolean | Use default forwarders to resolve queries for subzones. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
refresh | integer | ZoneAuthority refresh. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
retry | integer | ZoneAuthority retry. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
expire | integer | ZoneAuthority expire time, in seconds. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
default_ttl | integer | ZoneAuthority default TTL (in seconds) for resource records in the zone. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
negative_ttl | integer | ZoneAuthority negative caching (minimum) TTL, in seconds. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
rname | string | ZoneAuthority rname. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
mname | string | ZoneAuthority master name server in punycode. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
use_default_mname | boolean | Use the default value for the master nameserver. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
update_acl | array | Specifies which hosts are allowed to issue. | FALSE | nios |
| element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret |
ecs_enabled | boolean | Use to enable EDNS client subnet for recursive queries. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
ecs_forwarding | boolean | Use to enable ECS options in outbound queries. This functionality has additional overhead, so it is disabled by default. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
ecs_prefix_v4 | integer | Maximum scope length for v4 ECS. Unsigned integer; min 1, max 24. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
ecs_prefix_v6 | integer | Maximum scope length for v6 ECS. Unsigned integer; min 1, max 56. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
ecs_zones | array | The list of zones where ECS queries may be sent. | FALSE | nios |
| ecs_zone_fqdn | ecs_zone_access |
|
|
|
|
|
|
|
dnssec_enabled | boolean | The master toggle for all DNSSEC processing. If this is disabled, other dnssec_*_ configuration is not used. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
dnssec_enable_validation | boolean | Set to perform DNSSEC validation. Ignored if dnssec_enabled is "false". Defaults to "true". | FALSE | string |
|
|
|
|
|
|
|
|
|
|
dnssec_validate_expiry | boolean | Set to reject expired DNSSEC keys.Ignored if either dnssec_enabled or dnssec_enable_validation is "false". | FALSE | string |
|
|
|
|
|
|
|
|
|
|
dnssec_trust_anchors | array | DNSSEC trust anchors. Error if there are items with duplicate (zone, sep, algorithm) combinations. | FALSE | nios |
| trust_anchor_zone | trust_anchor_sep | trust_anchor_algorithm | trust_anchor_public_key |
|
|
|
|
|
match_clients_acl | array | Specifies which clients have access to the view. | FALSE | nios |
| element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret |
match_destinations_acl | array | Specifies which destination addresses have access to the view. | FALSE | nios |
| element | access | address | acl | tsig_key | tsig_name | tsig_comment | tsig_algorithm | tsig_secret |
match_recursive_only | boolean | If "true", then only recursive queries from matching clients can access the view. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
query_acl_action | string | The configuration of inheritance for the query_acl field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
minimal_responses_action | string | The configuration of inheritance for the minimal_responses field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
transfer_acl_action | string | The configuration of inheritance for the transfer_acl field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
recursion_enabled_action | string | The configuration of inheritance for the recursion_enabled field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
recursion_acl_action | string | The configuration of inheritance for the recursion_acl field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
lame_ttl_action | string | The configuration of inheritance for the lame_ttl field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
max_cache_ttl_action | string | The configuration of inheritance for the max_cache_ttl field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
max_negative_ttl_action | string | The configuration of inheritance for the max_negative_ttl field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
custom_root_ns_block_action | string | The configuration of inheritance for the custom_root_ns_block field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
forwarders_block_action | string | The configuration of inheritance for the forwarders_block field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
use_forwarders_for_subzones_action | string | The configuration of inheritance for the use_forwarders_for_subzones field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
update_acl_action | string | The configuration of inheritance for the update_acl field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
ecs_block_action | string | The configuration of inheritance for the ecs_block field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
dnssec_validation_block_action | string | The configuration of inheritance for the dnssec_validation_block field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
refresh_action | string | The configuration of inheritance for the refresh field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
retry_action | string | The configuration of inheritance for the retry field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
expire_action | string | The configuration of inheritance for the expire field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
default_ttl_action | string | The configuration of inheritance for the default_ttl field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
negative_ttl_action | string | The configuration of inheritance for the negative_ttl field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
rname_action | string | The configuration of inheritance for the rname field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
protocol_rname_action | string | The configuration of inheritance for the protocol_rname field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
mname_block_action | string | The configuration of inheritance for the mname_block field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
match_recursive_only_action | string | The configuration of inheritance for the match_recursive_only field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
edns_udp_size_action | string | The configuration of inheritance for the edns_udp_size field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
max_udp_size_action | string | The configuration of inheritance for the max_udp_size field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
notify_action | string | The configuration of inheritance for the notify field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
gss_tsig_enabled_action | string | The configuration of inheritance for the gss_tsig_enabled field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
add_edns_option_in_outgoing_query_action | string | The configuration of inheritance for the add_edns_option_in_outgoing_query field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
synthesize_address_records_from_https_action | string | The configuration of inheritance for the synthesize_address_records_from_https field of a View object. | FALSE | string | inherit |
|
|
|
|
|
|
|
|
|
tags | string | The tags for the DNS view, in JSON format. | FALSE | expandtags |
|
|
|
|
|
|
|
|
|
|
edns_udp_size | integer | Represents the edns UDP size. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
max_udp_size | integer | Represents the maximum size of a UDP payload. The maximum number of bytes a responding DNS server will send to a UDP datagram. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
notify | boolean | Notify all external secondary DNS servers. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
gss_tsig_enabled | boolean | Enables or disables GSS-TSIG signed dynamic updates. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
add_edns_option_in_outgoing_query | boolean | Adds the client IP, MAC address, and view name into an outgoing recursive query. | FALSE | string |
|
|
|
|
|
|
|
|
|
|
synthesize_address_records_from_https | boolean | Enables or disables the creation of A/AAAA records from the HTTPS RR. | FALSE | string |
|
|
|
|
|
|
|
|
|
|