DNS Administration
DNS Administration in DNSv3 is primarily handled under the DNS tab DNS Servers sub-tab, with DNS Administrative settings available under the Admin Settings page.
...
| Info | ||
|---|---|---|
| ||
Note: In DNSv3, zone name responses will enforce and return a trailing period (i.e., "example.com" will be converted and returned as "example.com."). |
DNSv3 is designed to reflect RFC 1035 standards for valid data formats and will return error messaging for data not meeting those formats.
...
- ISC BIND
- Secure 64 (Authority, x86 Authority, KNOT Authority, Cache, Signer)
- PowerDNS (BIND and MySQL)
- InfoBlox
- Knot DNS
- NSD
- NS ONE
- DynDNS (Beta)
- DNSMadeEasy
- Cloudflare
- AWS Route53 (Beta)
- IRONDNS
- 6connect AnyCast
- Dummy (a fake server entry used for servers outside of ProVision access, in order to manage master / slave configurations)
...
Global DNS Settings (Local Installation Only)
DNS Global Settings is accessible from the Admin Settings page by users with Admin level permissions.
DNSSEC Settings
If using DNSSEC, select whether to enabled DNSSEC local signing, or sign zones by dnssec-tools, then enter the following information:
Sign zones by ISC BIND Utilities: Select whether to use ISC BIND utilities to sign zones.
dnssec-dsfromkey path : Enter the dnssec-dsfromkey path that will be used for DNS. Required in all cases.
| Info | ||
|---|---|---|
| ||
If delays occur due to lack of available entropy on servers, see the following article on how to set up additional entropy using haveged here: |
DNS Dynamic Update Settings
Dynamic Update Timeout: Timeout for DDNS (the default is 5 seconds).
Increase SOA Zone Serial on update: Toggle to "On" if you wish the zone serial to be increased automatically.
Force TCP Update: If enabled all DDNS requests will be over TCP.
Dynamic Update via nsupdate: Toggle to "On" if you wish to use Dynamic Updates via nsupdate, instead of ProVision's internal implementation.
Enable DDNS Queue on failure: Toggle to "On" if you wish to enable the automatic creation of a queue record on DDNS error.
Clear DDNS Failure Queue: Clears the current failure queue.
DNS Backup Settings
Records Limit : The limit for the number of records a zone may have for a zone to process a backup. If the records count exceed this number, zone backups will be omitted at zone push.
DNS Import Settings
Keep Import File: Saves DNS zone import files to the zone's "Zone Backups and Attached Files" area, for later download. Optional.
Push Settings
Continue Push on Error: If enabled, if there is an error on push with a subset of the servers, ProVision will continue to push the remaining non-erroring servers.
Enable DNS Push Lock: If enabled, on push ProVision will check whether there is an ongoing push. An error will be thrown unless Enable DNS Push Queue is also selected.
Enable DNS Push Queue: If enabled, on push ProVision won't throw an error, but will instead add the push to a queue. The "DNS Queue Push" task must be created in the scheduler tab to run at the desired interval for the queue to be executed.
Enable Lock on Dynamic Updates:If enabled on DDNS operation, ProVision will lock the servers for a regular push.
Maximum Timeout for Pre/Post Command: Enter the number of seconds for maximum timeout.
Clear Server Locks: Clears the lock state of the servers. You can use this action in case of failure, and a server is stuck in a locked state.
Clear Push Queue: Clears the current push queue.
DNS Cache Settings
Enable DNS Cache for Modules and Group: If enabled, on push ProVision will cache the Servers and Views in advance. Improves push performance, if you do not have many servers directly attached to the zones.
Enable DNS Cache for Zones per Group: If enabled, on push ProVision will cache the Zones Views Linkage. Improves push performance, if you have many zones.
DNS Server Statistics
If enabled, it will gather information about zone pushes for each server managed by ProVision.
Catalog Zone Settings
The default value for the Masters List Metadata on creating a new zone record.
...
To see all options available under DNS Global Settings, see DNS Settings.
DNS Export Functions
Exporting Zones
The are three zone export methods available:
- Individual Zones:
...
DNS Export Functions
Exporting Zones
Individual Zones:
- DNS zones may be exported individually from the zone's View Zone page "Export Zone" button, by any user with appropriate zone permissions (see: Editing DNS Zones).
- Zones in a DNS Group:
...
- All zones under a DNS Group may be exported from the DNS Group "Export Zones" button, by any user with the appropriate group permissions (see: Working with DNS Groups).
- Zones directly connected to a server:
...
- Zones directly connected to a server may be exported by Admin users from the DNS Server Details page, under the section "Zones connected directly to the server".
...
- Expand the module by clicking the (>) arrow, and then click the "Export Zones" button.
...
Importing DNS Zones:
There are six DNS zone import options, available under the Data Import tab in the Admin section. For more information on importing DNS zones, see Importing your Data and Import DNS Zones.
- BIND Zone Upload / Import: Imports DNS zones using the named.conf configuration file tied to the zones you are uploading, a .zip or .tar file of the zones themselves, and an optional .csv file mapping zones to customers and DNS Servers. This is the simplest and most commonly used import method. Refer to Import DNS Zones for more information.
- PowerDNS Zone Import: This tool is available after configuring a PowerDNS server with a MySQL backend. The PowerDNS Import connects to the selected server and imports all zones.
- InfoBlox Zone Import: Imports DNS zones using a provided Host, Username, and Password. The InfoBlox import pulls all zones on the InfoBlox LOCAL grid and adds them to a designated Group. It is advised to create a DNS Group prior to the import with default parameters and NS records to be inherited by the imported records.
- NS ONE Zone Import: Imports DNS zones using a NS One API Key. It is advised to create a DNS Group prior to the import with default parameters and NS records to be inherited by the imported records.
- Dyn DNS Zone Import: Imports DNS zones using a Dyn DNS Customer Name, Username, and Password. It is advised to create a DNS Group prior to the import with default parameters and NS records to be inherited by the imported records.
- DNSMadeEasy Zone Import: Imports DNS zones using a DNSMadeEasy API Key and API Secret. It is advised to create a DNS Group prior to the import with default parameters and NS records to be inherited by the imported records.
- IPPlan Zone Import: Imports DNS zones using IPPlan MySQL database options. It is advised to create a DNS Group prior to the import with default parameters and NS records to be inherited by the imported records.
Additional DNS import options may be available on a per-zone or per-server level, accessed from the DNS Tab:
- DNS Zone Import: This tool is available on a zone's "View Zone" page, and allows the user to import additional zone/record information into an existing zone by uploading a zone file (.zone).
Expand From the View Zone page, a zone file (.zone) may be imported into a ProVision zone to populate record data. Click "Import Zone".
A Zone Import dialog box will open. Next to Zone File:, click "Choose File" and select your .zone file to import. Then, select an import policy to follow.
When done, Click "Import Zone".
Additional Information:
System Information for Local Installations
Important DNS locations for local installation reference:
- Zones are stored in the
...
- ProVision web root under /zones.
- DS keys are stored in the
...
- ProVision web root under /keys.
- Global DNS Settings may be set from the Admin Settings page.
Additional Sections:
For more information on DNS and configurations, see the following sections:
Children Display