Versions Compared

Old Version 1

changes.mady.by.user Chris Smith

Saved on

compared with

New Version Current

changes.mady.by.user The Force

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DOC and version HG-8.3.0

Working with DNS Servers

DNSv3 combines server management, group organization, and zone management under the DNS tab. 

...

DNS Server List Interface

1)

The following items are available on the interface of the DNS Server List:

  • Add Server Button: Opens a dialog for creating a DNS server.

...

  • Server List: 

      ...

        • Server Name: Name of the DNS server. Click to open server details. 

      ...

        • Server Backend: The DNS Service backend type for the server. 

      ...

        • Server Type: Whether the server is a master or slave type.

      ...

        • Server Status: Display of server error and connection status messages.

      ...

        • Actions: The actions that may be performed on each server:

          Image Removed

          ...

              • Delete: Deletes the server from ProVision.

          ...

              • Push: Pushes all zones associated with the selected server. 

          ...

              • Perms: Opens a shortcut to edit permissions for the selected server (Admin only). 

          Working with DNS Servers

          Add a Server

          To create a new server, start from the DNS Tab, select the DNS Servers sub menu. Then, click the "Add Server" button next to "DNS Server List".

          ...

          In the "Common Settings" section of Server Settings, enter the new server's Display Name (the name that will appear on the ProVision interface), the FQDN / IP, server type, service type, and desired parent Resource (may be left at the default Top Level Resource). 

          Available fields include:

          • Display Name: Name you want the server to display.
          • FQDN or IP: The FQDN or ip address of the DNS server.
          • DNS Port: Specify a DNS Port.
          • Server Type: Specify if the server is a master or slave.  Different configuration files are created master vs. slave on the Bind, PowerDNS/Bind, and Secure64 platforms.
          • Export Zones: Enable / Disable Zone export
          • DNS Service: Select the DNS service type (ISC Bind, Secure64, KnotDNS, etc).
          • Parent Resource: Select the resource to be the "parent" of the server - typically TLR (Top Level Resource), but may be a lower level resource such as a Customer or Location. The parent resource selection is the basis of access permissions for the server.
          • Enable Records Check: Enable / Disable zone record checks.
          • Enable TSIG Key for transfers: Enable / Disable TSIG Keys. If enabled, the provided key will be added to the ACL config for the server(s). 


          2) Set Server Specific Settings

          ...

          For SSH Public Key Authentication, DNSSEC, and Dynamic Option updates, click on the ON / OFF toggle to select "ON" or "OFF" for each as needed. 

          Available fields include:

          • SHH Public Key Authentication: If applicable, toggle "On" or "Off"
          • Username: Login/username for the target DNS server.  The specified account needs to be valid, and have write permission to the remote directory and execute permission for any pre/post commands.
          • Password: Password for the target account.  All passwords are stored encrypted in the database.
          • Port: Port to contact the target server on.  This is port used for SSH on Bind and Secure64 server types.
          • Remote Directory: The target directory to transfer zone files to on the DNS system.
          • Named Conf Path: The path to other zones on the Bind systems.
          • Pre Command: Any valid system command on the target DNS system.  This command will be run before any files are transferred.
          • Post Command: Any valid system command on the target DNS system.  This command will be run after any files are transferred.  For example, on a Bind system you would need to run "rndc reload" to reload the zones.
          • Enable DNSSEC: If available for the server type, toggle to "On" or "Off". See Configuring DNSSEC for additional information.
          • Enable Dynamic Updates: Toggle to "On" or "Off", if the server allows dynamic updates. Records will then be pushed to zone files using REST API dynamically whenever any modifications are made, i.e. record creation/deletion.
          • Catalog Zone Settings: Opt to enable / disable catalog zones for the server. 

          Some DNS Server types use subscription services or outside accounts, in which case you may instead be prompted to provide account credentials, API keys, API secret, or other vendor-specific fields to connect to the service.

          ...

          There are two ways that zones may be connected to a DNS server:1)

          1. Directly connected, by attaching the

          ...

          1. zone to a server from the View Zone page

          ...

          ...

          1. Connected by a Group that has been set as the default DNS Group for the server, selected under "DNS Group Settings"

          ...

          Both are able to be viewed on the DNS Server Settings page. 

          To view either, open the Server Settings page for the server by clicking on the server name in the DNS Servers list.   Edit an existing server by clicking once on the server name in the DNS Servers list.

          ...

          The "Server Settings" page will open, where you may enter edits

          Zones Directly Connected to the Server

          ...

          ...