DNS_Zone (object)¶
Configures a DNS zone
Properties (* = required):
name | type(s) | default | allowed values | description |
---|---|---|---|---|
class* | string | “DNS_Zone” | ||
dnsExpress | object | Configure zone DNS Express settings | ||
label | string | “^[^x00-x1fx22#&*<>?x5b-x5d`x7f]*$” | Optional friendly name for this object. Allows 0-64 chars, excluding a few likely to cause trouble with string searching, JS, TCL, or HTML | |
remark | string | “^[^x00-x1fx22x5cx7f]*$” | Arbitrary (brief) text pertaining to this object. Allows 0-64 chars, excluding only control characters, double-quote, and backslash. This is permissive enough that you should worry about XSS attacks | |
responsePolicyEnabled | boolean | false | true, false | Specifies if this is a response policy zone. If this is set to yes, this zone may be assigned as an RPZ to a DNS Cache |
serverTsigKey | object | Reference to a DNS TSIG key | ||
transferClients | array | Specifies the DNS nameservers to which the system sends NOTIFY messages. The system allows only the DNS nameservers in the Active column to initiate AXFR zone transfers for this DNS zone. |
DNS_Zone.dnsExpress (object)¶
Configure zone DNS Express settings
Properties (* = required):
name | type(s) | default | allowed values | description |
---|---|---|---|---|
allowNotifyFrom | array | Specifies the IP addresses from which the system accepts NOTIFY messages for this DNS Express zone | ||
enabled | boolean | true | true, false | Specifies whether DNS Express is enabled to process queries for this zone |
nameserver* | object | Specifies the back-end authoritative DNS server from which the BIG-IP system receives AXFR zone transfers for the DNS Express zone. The options are None and user-defined nameservers.,Reference to a DNS nameserver | ||
notifyAction | string | “consume” | “consume”, “bypass”, “repeat” | Specifies the action the system takes when a NOTIFY message is received for this DNS Express zone. NOTIFY responses are assumed to be sent by the authoritative nameserver for the zone, except when the action is Consume, and then DNS Express generates the response. Note: If a TSIG key is configured for the zone, the signature is only validated for Consume and Repeat actions. |
verifyNotifyTsig | boolean | true | true, false | Specifies whether the system verifies the identity of the authoritative nameserver that sends updated information for this DNS Express zone |
DNS_Zone.dnsExpress.nameserver (object)¶
Specifies the back-end authoritative DNS server from which the BIG-IP system receives AXFR zone transfers for the DNS Express zone. The options are None and user-defined nameservers. Reference to a DNS nameserver
Properties (* = required):
name | type(s) | default | allowed values | description |
---|---|---|---|---|
bigip | string | “f5bigip” formatted string | Pathname of existing BIG-IP DNS nameserver | |
use | string | AS3 pointer to DNS nameserver declaration |
DNS_Zone.serverTsigKey (object)¶
Reference to a DNS TSIG key
Properties (* = required):
name | type(s) | default | allowed values | description |
---|---|---|---|---|
bigip | string | “f5bigip” formatted string | Pathname of existing BIG-IP DNS TSIG key | |
use | string | AS3 pointer to DNS TSIG key declaration |
DNS_Zone_DNS_Express (object)¶
Configure zone DNS Express settings
Properties (* = required):
name | type(s) | default | allowed values | description |
---|---|---|---|---|
allowNotifyFrom | array | Specifies the IP addresses from which the system accepts NOTIFY messages for this DNS Express zone | ||
enabled | boolean | true | true, false | Specifies whether DNS Express is enabled to process queries for this zone |
nameserver* | object | Specifies the back-end authoritative DNS server from which the BIG-IP system receives AXFR zone transfers for the DNS Express zone. The options are None and user-defined nameservers.,Reference to a DNS nameserver | ||
notifyAction | string | “consume” | “consume”, “bypass”, “repeat” | Specifies the action the system takes when a NOTIFY message is received for this DNS Express zone. NOTIFY responses are assumed to be sent by the authoritative nameserver for the zone, except when the action is Consume, and then DNS Express generates the response. Note: If a TSIG key is configured for the zone, the signature is only validated for Consume and Repeat actions. |
verifyNotifyTsig | boolean | true | true, false | Specifies whether the system verifies the identity of the authoritative nameserver that sends updated information for this DNS Express zone |
DNS_Zone_DNS_Express.nameserver (object)¶
Specifies the back-end authoritative DNS server from which the BIG-IP system receives AXFR zone transfers for the DNS Express zone. The options are None and user-defined nameservers. Reference to a DNS nameserver
Properties (* = required):
name | type(s) | default | allowed values | description |
---|---|---|---|---|
bigip | string | “f5bigip” formatted string | Pathname of existing BIG-IP DNS nameserver | |
use | string | AS3 pointer to DNS nameserver declaration |