F5BigDnsApp Reference¶
The F5BigDnsApp Custom Resource (CR) configuration parameters. Each heading below represents the top-level parameter element. For example, to set the virtual server destination address, use spec.destination.address.
Parameters¶
spec¶
| Parameter | Description |
|---|---|
dns |
Specifies configuration of a Domain Name System (DNS) profile used by the virtual server. See spec.dns below for more parameter options. |
destination |
Specifies the destination IP address for clients to use as a DNS resolver. See spec.destination below for more parameter options. |
pool |
Specifies the load balancing pool configuration of the remote DNS servers used to resolve DNS queries. |
monitors |
Specifies the monitor configuration for the pool members. When a member is detected down, DNS queries will not be sent until the status changes to up. See spec.monitors below for more parameter options. |
snat |
Specifies Source Network Address Translation (SNAT) configuration used by the virtual server. See spec.snat below for more parameter options. |
tcpSettings.clientSide |
Specifies a client side F5BigTcpSetting CR referenced by the virtual server, using the metadata.name parameter. |
tcpSettings.serverSide |
Specifies a server side F5BigTcpSetting CR referenced by the virtual server, using the metadata.name parameter. |
udpSettings.clientSide |
Specifies a client side F5BigUdpSetting CR referenced by the virtual server, using the metadata.name parameter. |
udpSettings.serverSide |
Specifies a server side F5BigUdpSetting CR referenced by the virtual server, using the metadata.name parameter. |
vlans |
Specifies a F5BigNetVlan CR to reference that accepts network traffic, using the metadata.name parameter. |
loadBalancingMethod |
Specifies the load balancing algorithm used to load balance name resolution requests among the members: round-robin (default) distributes connections evenly across all pool members. ratio-least-connections distributes connections first to members with the least number of active connections. weighted-round-robin distributes connections across all pool members based on specified weights and ratio-session distributes connections according to the ratio of the number of sessions each pool member has active. |
ipProtocol |
Specifies the IP protocol for the virtual server to direct traffic: udp (default) or tcp. |
logProfile |
Specifies DNS F5BigLogProfile to be used. |
protocolInspectionProfile |
Specifies a F5BigIpsPolicy CR to reference using the spec.name parameter. |
spec.destination¶
| Parameter | Description |
|---|---|
address |
Specifies the virtual server's address. Any of this field and ipv6Address is required to be specified for virtual server destination. |
ipv6Address |
Specifies the virtual server's IPV6 address. Any of this field and address is required to be specified for virtual server destination. |
port |
Specifies the virtual server's port. The default is 53. |
spec.dns¶
| Parameter | Description |
|---|---|
useLocalBind |
Enables local bind DNS server: true or false (default). |
dns64Mode |
Specifies the DNS64 mode: disable (default), secondary, immediate, and v4-only. See spec.dns.dns64mode below for more parameter options. Refer to the CNFs NAT64 guide for implementation assistance. |
dns64Prefix |
The IPv6 prefix used for DNS64 mapping; mapping A to AAAA type records. The default is ::. |
dns64AdditionalSectionRewrite |
Sets DNS64 additional section rewriting. For AAAA and A records in additional section. This field specifies how they are being rewritten. The options are disable (default), v6-only, v4-only, any. See spec.dns.dns64AdditionalSectionRewrite below for more parameter options. |
dnsCache |
Indicates whether to allow queries to be answered non-authoritatively by a DNS cache. It enables caching when referencing a F5BIGDnscache CR (Custom Resource) by metadata.name. The default is empty which means caching is disabled. |
spec.dns.dns64Mode¶
| Value | Description |
|---|---|
disabled |
The BIG-IP system does not map IPv4 addresses to IPv6 addresses. |
secondary |
The BIG-IP system receives an AAAA query and forwards the query to a DNS server. The BIG-IP system then forwards the first good response from the DNS server to the client. If the system receives an A response first, it appends a 96-bit prefix to the record and forwards it to the client. If the system receives an AAAA response first, it simply forwards the response to the client. The system disregards the second response from the DNS server. |
immediate |
The BIG-IP system receives an AAAA query and forwards the query to a DNS server. Only if the server fails to return a response does the BIG-IP system send an A query. If the BIG-IP system receives an A response, it appends a 96-bit user-configured prefix to the record and forwards it to the client. |
v4-only |
The BIG-IP system receives an AAAA query, but forwards an A query to a DNS server. After receiving an A response from the server, the BIG-IP system appends a 96-bit user-configured prefix to the record and forwards it to the client. Important: Select this option only if you know that all your DNS servers are IPv4 only servers. |
spec.dns.dns64AdditionalSectionRewrite¶
| Value | Description |
|---|---|
disable |
The BIG-IP system does not perform additional rewrite. |
v6-only |
The BIG-IP system accepts only A records. The system appends the 96-bit user-configured prefix to a record and returns an IPv6 response to the client. |
v4-only |
The BIG-IP system accepts only AAAA records and returns an IPv6 response to the client. |
any |
The BIG-IP system accepts and returns both A and AAAA records. If the DNS server returns an A record in the Additional section of a DNS message, the BIG-IP system appends the 96-bit user-configured prefix to the record and returns an IPv6 response to the client. |
spec.monitors¶
Note: For all F5BigDnsApp monitors, F5 recommends setting the timeout value to be the same or less than the interval value.
| Parameter | Description |
|---|---|
dns |
DNS monitor configuration. |
icmp |
ICMP monitor configuration. |
tcp |
TCP monitor configuration. |
spec.monitors.dns¶
| Parameter | Description |
|---|---|
acceptRcode |
The RCODE required in the response for an 'up' status: no-error or anything. The default is no-error. |
aliasAddress |
The IP address of the resource that is the destination of this monitor. |
aliasPort |
The port of the resource that is the destination. |
answerContains |
The record types requred in the answer section of the response in order to mark the status of a node up: query-type (default), any-type, or anything. |
enabled |
Specifies whether this monitor is enabled or not: true or false (default). |
queryName |
The query name that the monitor sends a DNS query for. This is a required field of a DNS monitor. |
queryType |
The DNS query type that the monitor sends: a (default) or aaaa. |
recv |
The IP address that the monitor looks for in the DNS response's resource record sections. |
reverse |
Enables the monitor operates in reverse mode. When the monitor is in reverse mode, a successful receive string match marks the monitored object down instead of up: true or false (default). |
interval |
The value applies only when it is greater than the timeout: Endpoints are marked down when unanswered probes exceed the configured interval: 0 to 4294967295. The default is 5. |
timeout |
The value applies only when it is less than the interval value: Endpoints are marked down when unanswered probes exceed the configured timeout: 0 to 4294967295. The default is 5. |
timeUntilUp |
The amount of time, in seconds, after the first successful response before a node is marked up: 0 to 4294967295. The default is 0. |
upInterval |
The frequency, in seconds, at which the system issues the monitor check when the resource is up: 0 to 4294967295. The default is 0. |
spec.monitors.icmp¶
| Parameter | Description |
|---|---|
enabled |
Specifies whether this monitor is enabled or not: true or false (default). |
interval |
The value applies only when it is greater than the timeout: Endpoints are marked down when unanswered probes exceed the configured interval: 0 to 4294967295. The default is 5. |
timeout |
The value applies only when it is less than the interval value: Endpoints are marked down when an unanswered probes exceed the configured timeout: 0 to 4294967295. The default is 5. |
spec.monitors.tcp¶
| Parameter | Description |
|---|---|
enabled |
Specifies whether this monitor is enabled or not: true or false (default). |
interval |
The value applies only when it is greater than the timeout: Endpoints are marked down when unanswered probes exceed the configured interval: 0 to 4294967295. The default is 5. |
timeout |
The value applies only when it is less than the interval value: Endpoints are marked down when unanswered probe exceed the configured timeout: 0 to 4294967295. The default is 5. |
receiveDisableString |
The regular expression, when matched, disables the target. |
receiveString |
The regular expression, when matched, indicated the target is up. |
sendString |
Text string to send to the target. |
spec.pool¶
| Parameter | Description |
|---|---|
minActiveMembers |
Specifies the minimum number of members that must be available in one priority group: 0 (default) to 65535. |
members |
Specifies a list of IP addresses and ports for the service. This is a required field for a pool. |
spec.pool.members¶
| Parameter | Description |
|---|---|
address |
Specifies the address of the service. This is a required field of a pool member. |
port |
Specifies the port of the service: 0 to 65535. The default value is 53. |
priorityGroup |
Specifies the port of the service: 0 (default) to 8. |
spec.snat¶
| Parameter | Description |
|---|---|
type |
Specifies the type of source address translation to use: none (default), snat, or automap. When using snat a snat.pool must be defined. |
pool |
Specifies the name of a F5BigCneSnatpool. The name of F5BigCneSnatpool uses its CR (Custome Resource) metadata.name parameter. You can only use this option when automap and translation are not used. |
spec.tcpSettings¶
| Parameter | Description |
|---|---|
clientSide |
Specifies the name of client-side TCP profile F5BigTcpSetting. The name of F5BigTcpSetting uses its CR (Custome Resource) metadata.name parameter. If not specified, the default sys-default-tcp will be used. |
serverSide |
Specifies the name of server-side TCP profile F5BigTcpSetting. The name of F5BigTcpSetting uses its CR (Custome Resource) metadata.name parameter. If not specified, the default sys-default-tcp will be used. |
spec.udpSettings¶
| Parameter | Description |
|---|---|
clientSide |
Specifies the name of client-side UDP profile F5BigUdpSetting. The name of F5BigUdpSetting uses its CR (Custome Resource) metadata.name parameter. If not specified, the default sys-default-dns-udp will be used. |
serverSide |
Specifies the name of server-side UDP profile F5BigUdpSetting. The name of F5BigUdpSetting uses its CR (Custome Resource) metadata.name parameter. If not specified, the default sys-default-dns-udp will be used. |
spec.vlans¶
| Parameter | Description |
|---|---|
vlanList |
Specifies a list names of F5BigNetVlan that the virtual server will use to either accept traffic. The name of F5BigNetVlan uses its CR (Custome Resource) metadata.name parameter. |
vlanList.item |
A reference to a F5BigNetVlan name. |
disableListedVlans |
When enabled, accept traffic on all VLANs except those defined in the vlans.vlanlist. The parameter: true (default) or false. |