ltm dns zone
ltm dns zone(1) BIG-IP TMSH Manual ltm dns zone(1)
NAME
zone - Configures zones on the BIG-IP(r) system.
MODULE
ltm dns
SYNTAX
Configure the zone component within the ltm dns module using the syntax in the following sections.
CREATE/MODIFY
create zone [name]
modify zone [name]
options:
app-service [[string] | none]
description [[string] | none]
dns-express-allow-notify [add | delete | none | replace-all-with] {
[IP Address]
}
dns-express-enabled [yes | no]
dns-express-notify-action [ consume | bypass | repeat ]
dns-express-notify-tsig-verify [yes | no]
dns-express-server [server name | none]
response-policy [yes | no]
server-tsig-key [tsig-key name | none]
transfer-clients [add | delete | none | replace-all-with] {
[server name]
}
edit zone [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
reset-stats zone
reset-stats zone [ [ [name] | [glob] | [regex] ] ... ]
DISPLAY
list zone
list zone [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
one-line
show zone [ [ [name] | [glob] | [regex] ] ... ]
options:
(default | exa | gig | kil | meg | peta | raw | tera | yotta | zetta)
field-fmt
DELETE
delete zone [name]
DESCRIPTION
You can use the zone component to configure and view information about a zone.
EXAMPLES
list zone myZone
Displays the properties of the zone named myZone.
create zone myZone transfer-clients add { nameserver1 nameserver2 }
Creates a zone named myZone, which allows zone data to be transferred to nameserver1 and nameserver2.
OPTIONS
app-service
Specifies the name of the application service to which the zone belongs. The default value is none. Note: If the
strict-updates option is enabled on the application service that owns the object, you cannot modify or delete the
zone. Only the application service can modify or delete the zone.
description
User defined description.
dns-express-allow-notify
Specifies a list of IP addresses, in addition to the DNS Zone's DNS-Express Server address, which are allowed to
notify the BIGIP of DNS Zone changes. A notify message coming from an IP which is neither the address of the zone's
DNS Express server nor an address in this list will be dropped by the BIGIP.
dns-express-enabled [yes | no]
Specifies whether DNS Express is enabled to process queries for this zone. The default value is yes.
dns-express-notify-action [ consume | bypass | repeat ]
Action to take when a NOTIFY query is received for a configured zone. Options are consume, bypass, and repeat. Default
is consume, meaning the NOTIFY query is seen only by DNS Express. bypass means the query will NOT go to DNS Express,
but any backend DNS resource (subject to DNS profile unhandled-query-action). repeat means the NOTIFY will go to both
DNS Express and any backend DNS resource. If TSIG is configured, the signature is only validated for consume and
repeat actions. NOTIFY responses are assumed to be sent by the backend DNS resource, except when the action is consume
and DNS Express will generate a response.
dns-express-notify-tsig-verify
Verify NOTIFY query TSIG for a DNS Express zone. Default is yes.
dns-express-server
Specifies the server from which to retrieve zone information for DNS Express.
glob Displays the items that match the glob expression. See help glob for a description of glob expression syntax.
name Specifies a unique name for the component. This option is required for the commands create, delete, and modify.
Note: A successful zone transfer must occur before this zone can service DNS requests.
regex
Displays the items that match the regular expression. The regular expression must be preceded by an at sign (@[regular
expression]) to indicate that the identifier is a regular expression. See help regex for a description of regular
expression syntax.
response-policy
Specifies if this is a response policy zone. If this is set to yes, this zone may be assigned as an RPZ to a DNS
Cache. Default is no.
server-tsig-key
Specifies the server side TSIG key associated with the DNS zone. It should match the TSIG Key associated with the
master name servers.
transfer-clients
Specifies the nameservers allowed to transfer the zone from BIGIP.
SEE ALSO
create, delete, edit, glob, list, show, modify, regex, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2014. All rights reserved.
BIG-IP 2017-09-07 ltm dns zone(1)