DNS Global Settings
DNS Global Settings are accessed by clicking the "DNS" sub-tab at the top of the Admin Settings page. The page is ably to be accessed by users with Admin level permissions on locally installed instances.
DNS Settings are used to support various DNS functions, including DNSSEC, Dynamic updates, backup settings, push settings, DNS cache settings, and DNS server statistics.
DNSSEC Settings
If using DNSSEC, select whether to enabled DNSSEC local signing, or sign zones by dnssec-tools, then enter the following information:
- Sign zones by ISC BIND Utilities: Select whether to use ISC BIND utilities to sign zones.
- dnssec-dsfromkey path : Enter the dnssec-dsfromkey path that will be used for DNS. Required in all cases.
Additional Entropy
If delays occur due to lack of available entropy on servers, see the following article on how to set up additional entropy using haveged here:
DNS Dynamic Update Settings
The following options are available for Dynamic Updates:
- Dynamic Update Timeout: Timeout for DDNS (the default is 5 seconds).
- Increase SOA Zone Serial on update: Toggle to "On" if you wish the zone serial to be increased automatically.
- Force TCP Update: If enabled all DDNS requests will be over TCP.
- Dynamic Update via nsupdate: Toggle to "On" if you wish to use Dynamic Updates via nsupdate, instead of ProVision's internal implementation.
- Enable DDNS Queue on failure: Toggle to "On" if you wish to enable the automatic creation of a queue record on DDNS error.
- Clear DDNS Failure Queue: Clears the current failure queue.
DNS Backup Settings
- Records Limit : The limit for the number of records a zone may have for a zone to process a backup. If the records count exceed this number, zone backups will be omitted at zone push.
DNS Import Settings
- Keep Import File: Saves DNS zone import files to the zone's "Zone Backups and Attached Files" area, for later download. Optional.
Push Settings
- Continue Push on Error: If enabled, if there is an error on push with a subset of the servers, ProVision will continue to push the remaining non-erroring servers.
- Enable DNS Push Lock: If enabled, on push ProVision will check whether there is an ongoing push. An error will be thrown unless Enable DNS Push Queue is also selected.
- Enable DNS Push Queue: If enabled, on push ProVision won't throw an error, but will instead add the push to a queue. The "DNS Queue Push" task must be created in the scheduler tab to run at the desired interval for the queue to be executed.
- Enable Lock on Dynamic Updates:If enabled on DDNS operation, ProVision will lock the servers for a regular push.
- Maximum Timeout for Pre/Post Command: Enter the number of seconds for maximum timeout.
- Clear Server Locks: Clears the lock state of the servers. You can use this action in case of failure, and a server is stuck in a locked state.
- Clear Push Queue: Clears the current push queue.
DNS Cache Settings
- Enable DNS Cache for Modules and Group: If enabled, on push ProVision will cache the Servers and Views in advance. Improves push performance, if you do not have many servers directly attached to the zones.
- Enable DNS Cache for Zones per Group: If enabled, on push ProVision will cache the Zones Views Linkage. Improves push performance, if you have many zones.
DNS Server Statistics
- If enabled, it will gather information about zone pushes for each server managed by ProVision.
Catalog Zone Settings
- The default value for the Masters List Metadata on creating a new zone record.
ENUM Settings
Additional Details
For details on working with DNS, see the following areas: