DNS_Cache (object)¶

Configures a DNS cache

Properties (* = required):

name	type(s)	allowed values	description
/*/
class*	string	“DNS_Cache”
label	string	“^[^x00-x1fx22#&<>?x5b-x5d`x7f]$”	Optional friendly name for this object. Allows 0-64 chars, excluding a few likely to cause trouble with string searching, JS, TCL, or HTML
remark	string	“^[^x00-x1fx22x5cx7f]*$”	Arbitrary (brief) text pertaining to this object. Allows 0-64 chars, excluding only control characters, double-quote, and backslash. This is permissive enough that you should worry about XSS attacks
type*	string	“transparent”, “resolver”, “validating-resolver”	Type of DNS cache

DNS_Cache_Resolver (object)¶

DNS Cache with recursive resolver

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
allowedQueryTime	integer	200	0 - 4294967295	The time allowed for a query to stay in the queue before replaced by a new query when the number of concurrent distinct queries exceeds the limit. The default value is 200 milliseconds.
answerDefaultZones	boolean	false	true, false	Specifies whether the system answers DNS queries for the default zones localhost, reverse 127.0.0.1 and ::1, and AS112
forwardZones	object			Manage the set of Forward Zones used by this DNS Cache
localZones	object			Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses
maxConcurrentQueries	integer	1024	0 - 4294967295	Maximum number of concurrent queries used by the resolver. The default value is 1024
maxConcurrentTcp	integer	20	0 - 4294967295	Maximum number of concurrent TCP flows used by the resolver. The default value is 20
maxConcurrentUdp	integer	8192	0 - 4294967295	Maximum number of concurrent UDP flows used by the resolver. The default value is 8192
msgCacheSize	integer	1048576	0 - 4294967295	Number of bytes allocated for the message cache. The default value is 1m
nameserverCacheCount	integer	16536	0 - 4294967295	Number of DNS nameservers to cache. The default value is 16k
randomizeQueryNameCase	boolean	true	true, false	Enables resolver to randomize the case of query names. The default value is yes
recordCacheSize	integer	10485760	0 - 4294967295	Number of bytes allocated for the resource record set cache. The default value is 10m
recordRotationMethod	string	“none”	“none”, “query-id”	Select which resource record set rotation method should be used on cache responses
rootHints	array			List of IP addresses to use for root name servers. Defaults are known Internet root servers.
routeDomain	object	{“bigip”:”/Common/0”}		Reference to a route domain
unwantedQueryReplyThreshold	integer	0	0 - 4294967295	The threshold count of unsolicited query replies which triggers an alert (potential DOS attack underway). The default value is 0 (or off)
useIpv4	boolean	true	true, false	Enables resolver to issue IPv4 queries. The default value is yes
useIpv6	boolean	true	true, false	Enables resolver to issue IPv6 queries. The default value is yes
useTcp	boolean	true	true, false	Enables resolver to issue tcp queries. The default value is yes
useUdp	boolean	true	true, false	Enables resolver to issue udp queries. The default value is yes

DNS_Cache_Resolver.forwardZones (object)¶

Manage the set of Forward Zones used by this DNS Cache

Properties (* = required):

name	type(s)	default	allowed values	description
/*/	object			Manage the set of Forward Zones used by DNS Cache

DNS_Cache_Resolver.forwardZones./*/ (object)¶

Manage the set of Forward Zones used by DNS Cache

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
nameservers	array			An array of nameservers and ports

DNS_Cache_Resolver.localZones (object)¶

Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

Properties (* = required):

name	type(s)	default	allowed values	description
/*/	object			Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

DNS_Cache_Resolver.localZones./*/ (object)¶

Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
records	array			A or AAAA record entry
type	string	“transparent”	“deny”, “redirect”, “refuse”, “static”, “transparent”, “type-transparent”	Describes how the cache handles a non-matching query for the local zone

DNS_Cache_Resolver.routeDomain (object)¶

Reference to a route domain

Default: {“bigip”:”/Common/0”}

Properties (* = required):

name	type(s)	default	allowed values	description
bigip	string		“f5bigip” formatted string	Pathname of existing BIG-IP route domain

DNS_Cache_Transparent (object)¶

Properties for a DNS transparent cache

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
answerDefaultZones	boolean	false	true, false	Specifies whether the system answers DNS queries for the default zones localhost, reverse 127.0.0.1 and ::1, and AS112
localZones	object			Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses
messageCacheSize	integer	1048576	0 - 4294967295	Specifies the maximum size of the message cache in bytes
recordCacheSize	integer	10485760	1 - 4294967295	Specifies the maximum size of the resource record (RR) cache in bytes
recordRotationMethod	string	“none”	“none”, “query-id”	Specifies the resource record rotation method used within cached responses

DNS_Cache_Transparent.localZones (object)¶

Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

Properties (* = required):

name	type(s)	default	allowed values	description
/*/	object			Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

DNS_Cache_Transparent.localZones./*/ (object)¶

Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
records	array			A or AAAA record entry
type	string	“transparent”	“deny”, “redirect”, “refuse”, “static”, “transparent”, “type-transparent”	Describes how the cache handles a non-matching query for the local zone

DNS_Cache_Validating_Resolver (object)¶

DNS Cache with recursive resolver and DNSSEC validation

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
allowedQueryTime	integer	200	0 - 4294967295	The time allowed for a query to stay in the queue before replaced by a new query when the number of concurrent distinct queries exceeds the limit. The default value is 200 milliseconds.
answerDefaultZones	boolean	false	true, false	Specifies whether the system answers DNS queries for the default zones localhost, reverse 127.0.0.1 and ::1, and AS112
forwardZones	object			Manage the set of Forward Zones used by this DNS Cache
ignoreCd	boolean	false	true, false	Ignore client queries setting of checking-disabled. Perform validation anyway and only return secure answers. The default value is no
keyCacheSize	integer	1048576	0 - 4294967295	Number of bytes allocated for the DNSKEY cache. The default value is 1m
localZones	object			Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses
maxConcurrentQueries	integer	1024	0 - 4294967295	Maximum number of concurrent queries used by the resolver. The default value is 1024
maxConcurrentTcp	integer	20	0 - 4294967295	Maximum number of concurrent TCP flows used by the resolver. The default value is 20
maxConcurrentUdp	integer	8192	0 - 4294967295	Maximum number of concurrent UDP flows used by the resolver. The default value is 8192
msgCacheSize	integer	1048576	0 - 4294967295	Number of bytes allocated for the message cache. The default value is 1m
nameserverCacheCount	integer	16536	0 - 4294967295	Number of DNS nameservers to cache. The default value is 16k
prefetchKey	boolean	true	true, false	Fetch DNSKEY early in validation process. The default value is yes
randomizeQueryNameCase	boolean	true	true, false	Enables resolver to randomize the case of query names. The default value is yes
recordCacheSize	integer	10485760	0 - 4294967295	Number of bytes allocated for the resource record set cache. The default value is 10m
recordRotationMethod	string	“none”	“none”, “query-id”	Select which resource record set rotation method should be used on cache responses
rootHints	array			List of IP addresses to use for root name servers. Defaults are known Internet root servers.
routeDomain	object	{“bigip”:”/Common/0”}		Reference to a route domain
trustAnchors	array			List of DNSKEY or DS resource records used to establish DNSSEC validator trust. Specified in string form (e.g. dig or drill format). The default is none
unwantedQueryReplyThreshold	integer	0	0 - 4294967295	The threshold count of unsolicited query replies which triggers an alert (potential DOS attack underway). The default value is 0 (or off)
useIpv4	boolean	true	true, false	Enables resolver to issue IPv4 queries. The default value is yes
useIpv6	boolean	true	true, false	Enables resolver to issue IPv6 queries. The default value is yes
useTcp	boolean	true	true, false	Enables resolver to issue tcp queries. The default value is yes
useUdp	boolean	true	true, false	Enables resolver to issue udp queries. The default value is yes

DNS_Cache_Validating_Resolver.forwardZones (object)¶

Manage the set of Forward Zones used by this DNS Cache

Properties (* = required):

name	type(s)	default	allowed values	description
/*/	object			Manage the set of Forward Zones used by DNS Cache

DNS_Cache_Validating_Resolver.forwardZones./*/ (object)¶

Manage the set of Forward Zones used by DNS Cache

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
nameservers	array			An array of nameservers and ports

DNS_Cache_Validating_Resolver.localZones (object)¶

Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

Properties (* = required):

name	type(s)	default	allowed values	description
/*/	object			Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

DNS_Cache_Validating_Resolver.localZones./*/ (object)¶

Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
records	array			A or AAAA record entry
type	string	“transparent”	“deny”, “redirect”, “refuse”, “static”, “transparent”, “type-transparent”	Describes how the cache handles a non-matching query for the local zone

DNS_Cache_Validating_Resolver.routeDomain (object)¶

Reference to a route domain

Default: {“bigip”:”/Common/0”}

Properties (* = required):

name	type(s)	default	allowed values	description
bigip	string		“f5bigip” formatted string	Pathname of existing BIG-IP route domain

DNS_Zone_Forward (object)¶

Manage the set of Forward Zones used by DNS Cache

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
nameservers	array			An array of nameservers and ports

DNS_Zone_Local (object)¶

Configures resource records that a DNS cache uses to resolve matching DNS queries with authoritative DNS responses

Properties (* = required):

name	type(s)	default	allowed values	description
/*/
records	array			A or AAAA record entry
type	string	“transparent”	“deny”, “redirect”, “refuse”, “static”, “transparent”, “type-transparent”	Describes how the cache handles a non-matching query for the local zone

Previous Next