DNS Settings

DNS Settings are accessed by clicking the "DNS" sub-tab at the top of the Admin Settings page. DNS Settings are used to support various DNS functions, including DNSSEC, Dynamic updates, backup settings, push settings, DNS cache settings, and DNS server statistics.

DNSSEC Settings

If using DNSSEC, select whether to enabled DNSSEC local signing, or sign zones by dnssec-tools, then enter the following information:

zonesigner path : Enter the zonesigner path that will be used for DNS. Zonesigner is required if dnssec-keygen and dnssec-signzone are not set.

Sign zones by ISC BIND Utilities: Select whether to use ISC BIND utilities to sign zones.

dnssec-dsfromkey path : Enter the dnssec-dsfromkey path that will be used for DNS. Required in all cases.

Additional Entropy

If delays occur due to lack of available entropy on servers, see the following article on how to set up additional entropy using haveged here:

https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged

DNS Dynamic Update Settings

Dynamic Update Timeout: Timeout for DDNS (the default is 5 seconds).

Increase SOA Zone Serial on update: Toggle to "On" if you wish the zone serial to be increased automatically.

Force TCP Update: If enabled all DDNS requests will be over TCP.

Dynamic Update via nsupdate: Toggle to "On" if you wish to use Dynamic Updates via nsupdate, instead of ProVision's internal implementation.

Enable DDNS Queue on failure: Toggle to "On" if you wish to enable the automatic creation of a queue record on DDNS error.

Clear DDNS Failure Queue: Clears the current DDNS failure queue.

DNS Backup Settings

Records Limit : The limit for the number of records a zone may have for a zone to process a backup. If the records count exceed this number, zone backups will be omitted at zone push.

DNS Import Settings

Keep Import File: Toggle to "on" if you wish to retain the zone import file inside the zone.

DNS Push Settings

Continue Push on Error: If enabled, if there is an error on push with a subset of the servers, ProVision will continue to push the remaining non-erroring servers.

Enable DNS Push Lock: If enabled on push, ProVision will check if there is ongoing push and throw an error.

Enable DNS Push Queue: If enabled on push, ProVision won't throw an error, but will add the push to a queue. The queue will be executed by the Task Scheduler.

Enable Lock on Dynamic Updates: If enabled on DDNS operation, ProVision will lock the servers for a regular push.

Clear Servers Locks: Clears the lock state of the servers.

Clear Push Queue: Clears the current push queue.

DNS Cache Settings

Enable DNS Cache for Modules and Group: Toggle to "on" prior to push if you wish to cache the servers and views in advance.

Enable DNS Cache for Zones per Group: Toggle to "on" prior to push if you wish to cache the Zones Views Linkage.

DNS Server statistics

Enable DNS Server statistics for snmp: Toggle to "on" and it will gather information about zone pushes for each server.

Catalog Zone Settings

Masters List: The default value for the Masters List Metadata on creating a new zone record.

Allow Query List: The default value for the Allow Query List Metadata on creating a new zone record.

Allow Transfer List: The default value for the Allow Transfer List Metadata on creating a new zone record.

Additional Details:

For details on working with DNS, see the following areas:

Page tree