slb template dns¶

DNS template

dns Specification¶

Type Collection

Object Key(s) name

Collection Name dns-list

Collection URI /axapi/v3/slb/template/dns

Element Name dns

Element URI /axapi/v3/slb/template/dns/{name}

Element Attributes dns_attributes

Schema dns schema

Operations Allowed:

Operation	Method	URI	Payload
Create Object	POST	/axapi/v3/slb/template/dns	dns attributes
Create List	POST	/axapi/v3/slb/template/dns	dns attributes
Get Object	GET	/axapi/v3/slb/template/dns/{name}	dns attributes
Get List	GET	/axapi/v3/slb/template/dns	dns-list
Modify Object	POST	/axapi/v3/slb/template/dns/{name}	dns attributes
Replace Object	PUT	/axapi/v3/slb/template/dns/{name}	dns attributes
Replace List	PUT	/axapi/v3/slb/template/dns	dns-list
Delete Object	DELETE	/axapi/v3/slb/template/dns/{name}	dns attributes

dns-list¶

dns-list is JSON List of dns attributes

dns-list : [

{ dns attributes },

{ dns attributes },

…

]

dns attributes¶

add-padding-to-client

Description ‘block-length’: Block-Length Padding; ‘random-block-length’: Random-Block-Length Padding;

Type: string

Supported Values: block-length, random-block-length

cache-record-serving-policy

Description ‘global’: Follow global cofiguration (Default); ‘no-change’: No change in record order; ‘round-robin’: Round-robin;

Type: string

Supported Values: global, no-change, round-robin

class-list

Description: class-list is a JSON Block. Please see below for class-list

Type: Object

Reference Object: /axapi/v3/slb/template/dns/{name}/class-list

default-policy

Description ‘nocache’: Cache disable; ‘cache’: Cache enable;

Type: string

Supported Values: nocache, cache

Default: nocache

disable-dns-template

Description Disable DNS template

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

disable-ra-cached-resp

Description Disable DNS recursive available flag in cached response

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

disable-rpz-attach-soa

Description Disable attaching SOA due to RPZ

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

dns-logging

Description dns logging template (DNS Logging template name)

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/slb/template/dns-logging

dnssec-service-group

Description Use different service group if DNSSEC DO bit set (Service Group Name)

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/slb/service-group

drop

Description Drop the malformed query

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: drop and forward are mutually exclusive

enable-cache-sharing

Description Enable DNS cache sharing

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

forward

Description Forward to service group (Service group name)

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

Mutual Exclusion: forward and drop are mutually exclusive

Reference Object: /axapi/v3/slb/service-group

local-dns-resolution

Description: local-dns-resolution is a JSON Block. Please see below for local-dns-resolution

Type: Object

Reference Object: /axapi/v3/slb/template/dns/{name}/local-dns-resolution

max-cache-entry-size

Description Define maximum cache entry size (Maximum cache entry size per VIP (default 1024))

Type: number

Range: 1-4096

Default: 1024

max-cache-size

Description Define maximum cache size (Maximum cache entry per VIP)

Type: number

max-query-length

Description Define Maximum DNS Query Length, default is unlimited (Specify Maximum Length)

Type: number

Range: 1-4095

name

Description DNS Template Name

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

period

Description Period in minutes

Type: number

Range: 1-10000

query-class-filter

Description: query-class-filter is a JSON Block. Please see below for query-class-filter

Type: Object

Reference Object: /axapi/v3/slb/template/dns/{name}/query-class-filter

query-id-switch

Description Use DNS query ID to create sesion

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

query-type-filter

Description: query-type-filter is a JSON Block. Please see below for query-type-filter

Type: Object

Reference Object: /axapi/v3/slb/template/dns/{name}/query-type-filter

recursive-dns-resolution

Description: recursive-dns-resolution is a JSON Block. Please see below for recursive-dns-resolution

Type: Object

Reference Object: /axapi/v3/slb/template/dns/{name}/recursive-dns-resolution

redirect-to-tcp-port

Description Direct the client to retry with TCP for DNS UDP request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

remove-aa-flag

Description Make answers created from cache non-authoritative

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

remove-edns-csubnet-to-server

Description Remove EDNS(0) client subnet from client queries

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

remove-padding-to-server

Description Remove EDNS(0) padding to server

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

response-rate-limiting

Description: response-rate-limiting is a JSON Block. Please see below for response-rate-limiting

Type: Object

Reference Object: /axapi/v3/slb/template/dns/{name}/response-rate-limiting

rpz-list

Type: List

Reference Object: /axapi/v3/slb/template/dns/{name}/rpz/{seq-id}

udp-retransmit

Description: udp-retransmit is a JSON Block. Please see below for udp-retransmit

Type: Object

Reference Object: /axapi/v3/slb/template/dns/{name}/udp-retransmit

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

response-rate-limiting¶

Specification

Type object

action

Description ‘log-only’: Only log rate-limiting, do not actually rate limit. Requires enable-log configuration; ‘rate-limit’: Rate-Limit based on configuration (Default); ‘whitelist’: Whitelist, disable rate-limiting;

Type: string

Supported Values: log-only, rate-limit, whitelist

Default: rate-limit

enable-log

Description Enable logging

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

filter-response-rate

Description Maximum allowed request rate for the filter. This should match average traffic. (default 10 per seconds)

Type: number

Range: 1-1000

Default: 10

response-rate

Description Responses exceeding this rate within the window will be dropped (default 5 per second)

Type: number

Range: 1-1000

Default: 5

rrl-class-list-list

Type: List

Reference Object: /axapi/v3/slb/template/dns/{name}/response-rate-limiting/rrl-class-list/{name}

slip-rate

Description Every n’th response that would be rate-limited will be let through instead

Type: number

Range: 2-10

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

window

Description Rate-Limiting Interval in Seconds (default is one)

Type: number

Range: 1-60

Default: 1

response-rate-limiting_rrl-class-list-list¶

Specification

Type list

Block object keys

lid-list

Type: List

Reference Object: /axapi/v3/slb/template/dns/{name}/response-rate-limiting/rrl-class-list/{name}/lid/{lidnum}

name

Description Class-list name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

response-rate-limiting_rrl-class-list-list_lid-list¶

Specification

Type list

Block object keys

lid-action

Description ‘log-only’: Only log rate-limiting, do not actually rate limit. Requires enable-log configuration; ‘rate-limit’: Rate-Limit based on configuration (Default); ‘whitelist’: Whitelist, disable rate-limiting;

Type: string

Supported Values: log-only, rate-limit, whitelist

Default: rate-limit

lid-enable-log

Description Enable logging

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

lid-response-rate

Description Responses exceeding this rate within the window will be dropped (default 5 per second)

Type: number

Range: 1-1000

Default: 5

lid-slip-rate

Description Every n’th response that would be rate-limited will be let through instead

Type: number

Range: 2-10

lid-window

Description Rate-Limiting Interval in Seconds (default is one)

Type: number

Range: 1-60

Default: 1

lidnum

Description Specify a limit ID

Type: number

Range: 1-1023

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

rpz-list¶

Specification

Type list

Block object keys

logging

Description: logging is a JSON Block. Please see below for rpz-list_logging

Type: Object

Reference Object: /axapi/v3/slb/template/dns/{name}/rpz/{seq-id}/logging

name

Description Specify a Response Policy Zone name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

seq-id

Description sequential id of RPZ

Type: number

Range: 1-8

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

rpz-list_logging¶

Specification

Type object

enable

Description Log RPZ triggered action

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

rpz-action

Type: List

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

rpz-list_logging_rpz-action¶

Specification

Type list

Block object keys

str-rpz-action

Description ‘drop’: Log RPZ due to drop action; ‘pass-thru’: Log RPZ due to pass-thru action; ‘nxdomain’: Log RPZ due to nxdomain action; ‘nodata’: Log RPZ due to nodata action; ‘tcp-only’: Log RPZ due to tcp-only action; ‘local-data’: Log RPZ due to local-data action;

Type: string

Supported Values: drop, pass-thru, nxdomain, nodata, tcp-only, local-data

recursive-dns-resolution¶

Specification

Type object

full-response

Description Serve all records (authority and additional) when applicable

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

host-list-cfg

Type: List

ipv4-nat-pool

Description IPv4 Source NAT pool or pool group

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/ip/nat/pool

ipv6-nat-pool

Description IPv6 Source NAT pool or pool group

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/ipv6/nat/pool

max-trials

Description Total number of times to try DNS query to server before closing client connection, default 0

Type: number

Range: 0-255

Default: 0

ns-cache-lookup

Description ‘disabled’: Disable NS Cache Lookup; ‘enabled’: Enable NS Cache Lookup;

Type: string

Supported Values: disabled, enabled

Default: enabled

retries-per-level

Description Number of DNS query retries at each server level before closing client connection, default 6

Type: number

Range: 1-6

Default: 6

use-client-qid

Description Use client side query id for recursive query

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

use-service-group-response

Description ‘disabled’: Start Recursive Resolver if Server response doesnt have final answer; ‘enabled’: Forward Backend Server response to client and dont start recursive resolver;

Type: string

Supported Values: disabled, enabled

Default: enabled

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

recursive-dns-resolution_host-list-cfg¶

Specification

Type list

Block object keys

hostnames

Description Hostnames class-list name (ac type)

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

class-list¶

Specification

Type object

lid-list

Type: List

Reference Object: /axapi/v3/slb/template/dns/{name}/class-list/lid/{lidnum}

name

Description Specify a class list name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

class-list_lid-list¶

Specification

Type list

Block object keys

action-value

Description ‘dns-cache-disable’: Disable DNS cache when it exceeds limit; ‘dns-cache-enable’: Enable DNS cache when it exceeds limit; ‘forward’: Forward the traffic even it exceeds limit;

Type: string

Supported Values: dns-cache-disable, dns-cache-enable, forward

conn-rate-limit

Description Connection rate limit

Type: number

Range: 1-2147483647

dns

Description: dns is a JSON Block. Please see below for class-list_lid-list_dns

Type: Object

lidnum

Description Specify a limit ID

Type: number

Range: 1-1023

lockout

Description Don’t accept any new connection for certain time (Lockout duration in minutes)

Type: number

Range: 1-1023

log

Description Log a message

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

log-interval

Description Log interval (minute, by default system will log every over limit instance)

Type: number

Range: 1-255

over-limit-action

Description Action when exceeds limit

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

per

Description Per (Number of 100ms)

Type: number

Range: 1-65535

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

class-list_lid-list_dns¶

Specification

Type object

cache-action

Description ‘cache-disable’: Disable dns cache; ‘cache-enable’: Enable dns cache;

Type: string

Supported Values: cache-disable, cache-enable

Default: cache-disable

honor-server-response-ttl

Description Honor the server reponse TTL

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ttl

Description TTL for cache entry (TTL in seconds)

Type: number

Range: 1-65535

weight

Description Weight for cache entry

Type: number

Range: 1-7

udp-retransmit¶

Specification

Type object

max-trials

Description Total number of times to try DNS query to server before closing client connection, default 3

Type: number

Range: 1-5

Default: 3

retry-interval

Description DNS Retry Interval value 1 - 400 in units of 100ms, default is 10 (default is 1000ms) (1 - 400 in units of 100ms, default is 10 (1000ms/1sec))

Type: number

Range: 1-400

Default: 10

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

query-class-filter¶

Specification

Type object

query-class

Type: List

query-class-action

Description ‘allow’: Allow only certain DNS query classes; ‘deny’: Deny only certain DNS query classes;

Type: string

Supported Values: allow, deny

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

query-class-filter_query-class¶

Specification

Type list

Block object keys

num-query-class

Description Other query class value

Type: number

Range: 1-65535

str-query-class

Description ‘INTERNET’: INTERNET query class; ‘CHAOS’: CHAOS query class; ‘HESIOD’: HESIOD query class; ‘NONE’: NONE query class; ‘ANY’: ANY query class;

Type: string

Supported Values: INTERNET, CHAOS, HESIOD, NONE, ANY

local-dns-resolution¶

Specification

Type object

host-list-cfg

Type: List

local-resolver-cfg

Type: List

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

local-dns-resolution_host-list-cfg¶

Specification

Type list

Block object keys

hostnames

Description Hostnames class-list name (ac type)

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

local-dns-resolution_local-resolver-cfg¶

Specification

Type list

Block object keys

local-resolver

Description Local dns servers (address)

Type: string

Format: ipv4-address

query-type-filter¶

Specification

Type object

query-type

Type: List

query-type-action

Description ‘allow’: Allow only certain DNS query types; ‘deny’: Deny only certain DNS query types;

Type: string

Supported Values: allow, deny

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

query-type-filter_query-type¶

Specification

Type list

Block object keys

num-query-type

Description Other record type value

Type: number

Range: 1-65535

str-query-type

Description ‘A’: Address record; ‘AAAA’: IPv6 Address record; ‘CNAME’: Canonical name record; ‘MX’: Mail exchange record; ‘NS’: Name server record; ‘SRV’: Service locator; ‘PTR’: PTR resource record; ‘SOA’: Start of authority record; ‘TXT’: Text record; ‘ANY’: All cached record;

Type: string

Supported Values: A, AAAA, CNAME, MX, NS, SRV, PTR, SOA, TXT, ANY