APIRef_tm_ltm_dns_cache_validating-resolverΒΆ
mgmt/tm/ltm/dns/cache/validating-resolver
DNS Cache with recursive resolver and DNSSEC validation.
REST Endpoints
- Collection URI
/mgmt/tm/ltm/dns/cache/validating-resolver
- Collection Methods
OPTIONS, GET
- Resource URI
/mgmt/tm/ltm/dns/cache/validating-resolver/~resource id
- Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
- Resource Natural Key
name, partition, subPath
Properties
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
allowedQueryTime |
integer | 200 | optional | read/write | The time allowed for a query to stay in the queue before replaced by a new query when the number of concurrent distinct queries exceeds the limit. The default value is 200 milliseconds. |
answerDefaultZones |
string | no | optional | read/write | Answer queries for default zones: localhost, reverse 127.0.0.1 and ::1, and AS112 zones. The default value is no. |
appService |
string | optional | read/write | ||
dlvAnchors |
string | optional | read/write | List of DNSKEY or DS resource records used to establish DNSSEC validator trust with a DLV registry. Specified in string form (e.g. dig or drill format). The default is none. | |
idx |
uint64 | 0 | optional | read/write | |
ignoreCd |
string | no | optional | read/write | Ignore client queries setting of checking-disabled. Perform validation anyway and only return secure answers. The default value is no. |
keyCacheSize |
integer | 1048576 | optional | read/write | Number of bytes allocated for the DNSKEY cache. The default value is 1m |
localZones |
string | optional | read/write | Zones and associated resource records for which the cache will provide Authoritative answers. | |
maxConcurrentQueries |
integer | 1024 | optional | read/write | Maximum number of concurrent queries used by the resolver. The default value is 1024. |
maxConcurrentTcp |
integer | 20 | optional | read/write | Maximum number of concurrent TCP flows used by the resolver. The default value is 20. |
maxConcurrentUdp |
integer | 8192 | optional | read/write | Maximum number of concurrent UDP flows used by the resolver. The default value is 8192. |
msgCacheSize |
integer | 1048576 | optional | read/write | Number of bytes allocated for the message cache. The default value is 1m |
nameserverCacheCount |
integer | 16536 | optional | read/write | Number of DNS nameservers to cache. The default value is 16k. |
tmPartition |
string | Common | optional | read/write | |
prefetchKey |
string | yes | optional | read/write | Fetch DNSKEY early in validation process. The default value is yes. |
randomizeQueryNameCase |
string | yes | optional | read/write | Enables resolver to randomize the case of query names. The default value is yes. |
rootHints |
string | optional | read/write | List of IP addresses to use for root name servers. Defaults are known Internet root servers. | |
routeDomain |
string | optional | read/write | Route domain for resolver outbound traffic. The default value is the default route domain. | |
rrsetCacheSize |
integer | 10485760 | optional | read/write | Number of bytes allocated for the resource record set cache. The default value is 10m. |
rrsetRotate |
string | none | optional | read/write | Select which resource record set rotation method should be used on cache responses. |
trustAnchors |
string | optional | read/write | List of DNSKEY or DS resource records used to establish DNSSEC validator trust. Specified in string form (e.g. dig or drill format). The default is none. | |
type |
string | cache-resolver | optional | read/write | |
unwantedQueryReplyThreshold |
integer | 0 | optional | read/write | The threshold count of unsolicited query replies which triggers an alert (potential DOS attack underway). The default value is 0 (or off). |
useIpv4 |
string | yes | optional | read/write | Enables resolver to issue IPv4 queries. The default value is yes. |
useIpv6 |
string | yes | optional | read/write | Enables resolver to issue IPv6 queries. The default value is yes. |
useTcp |
string | yes | optional | read/write | Enables resolver to issue tcp queries. The default value is yes. |
useUdp |
string | yes | optional | read/write | Enables resolver to issue udp queries. The default value is yes. |
Array Structures
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
/forward-zones |
array_structure | optional | read/write | Manage the set of Forward Zones used by this DNS Cache | |
/response-policy-zones |
array_structure | optional | read/write | Manage the set of Response Policy Zones used by this DNS Cache. | |
/response-policy-zones/action |
string | donotuse | required | read/write | The action to take upon finding a match to the response policy data. |
/response-policy-zones/app-service |
string | optional | read/write | ||
/response-policy-zones/logs-and-stats-only |
string | no | optional | read/write | If enabled, the action is not enforced, but the logs and statistics are updated as if it were. |
/response-policy-zones/walled-garden |
string | optional | read/write | If action is configured to walled-garden, the name of the local zone containing the records to use in the DNS response. |
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.