a10_slb_template_dns

Synopsis

DNS template

Parameters

Parameters

Choices/Defaults

Comment

state

str/required

[‘noop’, ‘present’, ‘absent’]

State of the object to be created.

ansible_host

str/required

Host for AXAPI authentication

ansible_username

str/required

Username for AXAPI authentication

ansible_password

str/required

Password for AXAPI authentication

ansible_port

int/required

Port for AXAPI authentication

a10_device_context_id

int

[‘1-8’]

Device ID for aVCS configuration

a10_partition

str

Destination/target partition for object/command

name

str/required

DNS Template Name

default_policy

str

‘nocache’= Cache disable; ‘cache’= Cache enable;

cache_record_serving_policy

str

‘global’= Follow global cofiguration (Default); ‘no-change’= No change in record order; ‘round-robin’= Round-robin;

remove_aa_flag

bool

Make answers created from cache non-authoritative

disable_dns_template

bool

Disable DNS template

period

int

Period in minutes

drop

bool

Drop the malformed query

forward

str

Forward to service group (Service group name)

max_query_length

int

Define Maximum DNS Query Length, default is unlimited (Specify Maximum Length)

max_cache_entry_size

int

Define maximum cache entry size (Maximum cache entry size per VIP (default 1024))

max_cache_size

int

Define maximum cache size (Maximum cache entry per VIP)

enable_cache_sharing

bool

Enable DNS cache sharing

disable_ra_cached_resp

bool

Disable DNS recursive available flag in cached response

remove_padding_to_server

bool

Remove EDNS(0) padding to server

add_padding_to_client

str

‘block-length’= Block-Length Padding; ‘random-block-length’= Random-Block- Length Padding;

remove_edns_csubnet_to_server

bool

Remove EDNS(0) client subnet from client queries

redirect_to_tcp_port

bool

Direct the client to retry with TCP for DNS UDP request

query_id_switch

bool

Use DNS query ID to create sesion

dnssec_service_group

str

Use different service group if DNSSEC DO bit set (Service Group Name)

disable_rpz_attach_soa

bool

Disable attaching SOA due to RPZ

dns_logging

str

dns logging template (DNS Logging template name)

uuid

str

uuid of the object

user_tag

str

Customized tag

udp_retransmit

dict

Field udp_retransmit

retry_interval

int

DNS Retry Interval value 1 - 400 in units of 100ms, default is 10 (default is 1000ms) (1 - 400 in units of 100ms, default is 10 (1000ms/1sec))

max_trials

int

Total number of times to try DNS query to server before closing client connection, default 3

uuid

str

uuid of the object

query_type_filter

dict

Field query_type_filter

query_type_action

str

‘allow’= Allow only certain DNS query types; ‘deny’= Deny only certain DNS query types;

query_type

list

Field query_type

uuid

str

uuid of the object

query_class_filter

dict

Field query_class_filter

query_class_action

str

‘allow’= Allow only certain DNS query classes; ‘deny’= Deny only certain DNS query classes;

query_class

list

Field query_class

uuid

str

uuid of the object

rpz_list

list

Field rpz_list

seq_id

int

sequential id of RPZ

name

str

Specify a Response Policy Zone name

uuid

str

uuid of the object

user_tag

str

Customized tag

logging

dict

Field logging

class_list

dict

Field class_list

name

str

Specify a class list name

uuid

str

uuid of the object

lid_list

list

Field lid_list

response_rate_limiting

dict

Field response_rate_limiting

response_rate

int

Responses exceeding this rate within the window will be dropped (default 5 per second)

filter_response_rate

int

Maximum allowed request rate for the filter. This should match average traffic. (default 10 per seconds)

slip_rate

int

Every n’th response that would be rate-limited will be let through instead

window

int

Rate-Limiting Interval in Seconds (default is one)

enable_log

bool

Enable logging

action

str

‘log-only’= Only log rate-limiting, do not actually rate limit. Requires enable-log configuration; ‘rate-limit’= Rate-Limit based on configuration (Default); ‘whitelist’= Whitelist, disable rate-limiting;

uuid

str

uuid of the object

rrl_class_list_list

list

Field rrl_class_list_list

local_dns_resolution

dict

Field local_dns_resolution

host_list_cfg

list

Field host_list_cfg

local_resolver_cfg

list

Field local_resolver_cfg

uuid

str

uuid of the object

recursive_dns_resolution

dict

Field recursive_dns_resolution

host_list_cfg

list

Field host_list_cfg

ns_cache_lookup

str

‘disabled’= Disable NS Cache Lookup; ‘enabled’= Enable NS Cache Lookup;

use_service_group_response

str

‘disabled’= Start Recursive Resolver if Server response doesnt have final answer; ‘enabled’= Forward Backend Server response to client and dont start recursive resolver;

ipv4_nat_pool

str

IPv4 Source NAT pool or pool group

ipv6_nat_pool

str

IPv6 Source NAT pool or pool group

retries_per_level

int

Number of DNS query retries at each server level before closing client connection, default 6

full_response

bool

Serve all records (authority and additional) when applicable

max_trials

int

Total number of times to try DNS query to server before closing client connection, default 0

request_for_pending_resolution

str

‘drop’= Drop of the request during ongoing; ‘respond-with-servfail’= Respond with SERVFAIL of the request during ongoing; ‘start-new-resolution’= Start new resolution of the request during ongoing;

udp_retry_interval

int

UDP DNS Retry Interval value 1-6, default is 1 sec (1-6 , default is 1 sec)

udp_initial_interval

int

UDP DNS Retry Interval value 1-6, default is 5 sec (1-6, default is 5sec)

use_client_qid

bool

Use client side query id for recursive query

default_recursive

bool

Default recursive mode, forward query to bound service-group if hostnames matched

force_cname_resolution

str

‘enabled’= Force CNAME resolution always; ‘disabled’= Use answer record in CNAME response if it exists, else resolve;

cname_resolution_enabled_slow_parse

bool

Use answer record in CNAME response if it exists, else resolve

uuid

str

uuid of the object

Examples


Return Values

modified_values (changed, dict, )

Values modified (or potential changes if using check_mode) as a result of task operation

axapi_calls (always, list, )

Sequential list of AXAPI calls made by the task

endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])

The AXAPI endpoint being accessed.

http_method (, str, [‘POST’, ‘GET’])

HTTP method being used by the primary task to interact with the AXAPI endpoint.

request_body (, complex, )

Params used to query the AXAPI

response_body (, complex, )

Response from the AXAPI

Status

  • This module is not guaranteed to have a backwards compatible interface. [preview]

  • This module is maintained by community.

Authors

  • A10 Networks