ltm dns zone
ltm dns zone(1) BIG-IP TMSH Manual ltm dns zone(1)
NAME
zone - Configures zones on the BIG-IP(r) system.
MODULE
ltm dns
SYNTAX
Configure the zone component within the ltm dns module using the syntax
in the following sections.
CREATE/MODIFY
create zone [name]
modify zone [name]
options:
app-service [[string] | none]
dns-express-allow-notify [add | delete | none | replace-all-with] {
[IP Address]
}
dns-express-enabled [yes | no]
dns-express-notify-action [ consume | bypass | repeat ]
dns-express-notify-tsig-verify [yes | no]
dns-express-server [server name | none]
response-policy [yes | no]
server-tsig-key [tsig-key name | none]
transfer-clients [add | delete | none | replace-all-with] {
[server name]
}
edit zone [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
reset-stats zone
reset-stats zone [ [ [name] | [glob] | [regex] ] ... ]
DISPLAY
list zone
list zone [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
one-line
show zone [ [ [name] | [glob] | [regex] ] ... ]
options:
(default | exa | gig | kil | meg | peta | raw | tera | yotta | zetta)
field-fmt
DELETE
delete zone [name]
DESCRIPTION
You can use the zone component to configure and view information about
a zone.
EXAMPLES
list zone myZone
Displays the properties of the zone named myZone.
create zone myZone transfer-clients add { nameserver1 nameserver2 }
Creates a zone named myZone, which allows zone data to be transferred
to nameserver1 and nameserver2.
OPTIONS
app-service
Specifies the name of the application service to which the zone
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the zone. Only the application service
can modify or delete the zone.
dns-express-allow-notify
Specifies a list of IP addresses, in addition to the DNS Zone's
DNS-Express Server address, which are allowed to notify the BIGIP
of DNS Zone changes. A notify message coming from an IP which is
neither the address of the zone's DNS Express server nor an
address in this list will be dropped by the BIGIP.
dns-express-enabled [yes | no]
Specifies whether DNS Express is enabled to process queries for
this zone. The default value is yes.
dns-express-notify-action [ consume | bypass | repeat ]
Action to take when a NOTIFY query is received for a configured
zone. Options are consume, bypass, and repeat. Default is consume,
meaning the NOTIFY query is seen only by DNS Express. bypass means
the query will NOT go to DNS Express, but any backend DNS resource
(subject to DNS profile unhandled-query-action). repeat means the
NOTIFY will go to both DNS Express and any backend DNS resource.
If TSIG is configured, the signature is only validated for consume
and repeat actions. NOTIFY responses are assumed to be sent by the
backend DNS resource, except when the action is consume and DNS
Express will generate a response.
dns-express-notify-tsig-verify
Verify NOTIFY query TSIG for a DNS Express zone. Default is yes.
dns-express-server
Specifies the server from which to retrieve zone information for
DNS Express.
glob Displays the items that match the glob expression. See help glob
for a description of glob expression syntax.
name Specifies a unique name for the component. This option is required
for the commands create, delete, and modify.
Note: A successful zone transfer must occur before this zone can
service DNS requests.
regex
Displays the items that match the regular expression. The regular
expression must be preceded by an at sign (@[regular expression])
to indicate that the identifier is a regular expression. See help
regex for a description of regular expression syntax.
response-policy
Specifies if this is a response policy zone. If this is set to
yes, this zone may be assigned as an RPZ to a DNS Cache. Default
is no.
server-tsig-key
Specifies the server side TSIG key associated with the DNS zone.
It should match the TSIG Key associated with the master name
servers.
transfer-clients
Specifies the nameservers allowed to transfer the zone from BIGIP.
SEE ALSO
create, delete, edit, glob, list, show, modify, regex, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2014. All rights reserved.
BIG-IP 2014-10-21 ltm dns zone(1)