Page History

DNS Administration 

Image RemovedImage Added

DNS Administration in DNSv3 is primarily handled under the DNS tab DNS Servers sub-tab, with DNS Administrative settings available under the Admin Settings page.

...

Additional DNS Admin tasks occur in other ProVision areas, and not all management tasks require Admin-level permissions - some only require appropriate resource permissions on the DNS Groups, Zones, and servers involved. See additional sections on this page for more detailed information:

...

DNSv3 incorporates DNS zones and Groups into the Resource System. Zones and Groups are Resources just like Customers, Servers, Routers, or Contacts (See Resource Concepts 1 and Resource Concepts for for a more detailed explanation of Resources in ProVision).

This allows for DNS zones and Group permissions to be managed similarly to other resources, where users with Resource permissions (Create / Read / Update / Delete) on the parent resource of the DNS Group can create groups and zones, manage those groups and zones, push (if a server is attached), and delete.

...

For more information on setting up permissions groups in ProVision, see Users & Permissions.

...

Edit the CRUD permissions for any ProVision user any user group by clicking the checkbox for the desired group and permission type.

...

In the DNS Tab, a "Resources Awaiting Approval" module will display near the top of DNS Groups, DNS Zone Lists, and DNS Servers pages, if a change has been submitted on that page that is pending approval. 

Image RemovedImage Added

Users who submitted a change for approval will see the details of their change request in this module.

...

• DNS Global Settings: Admin Settings page.
• Importing DNS Zones: the Data Import tab, see Import DNS Zones.
• Scheduling DNS Pushes: 
  • May be set up from the Scheduler or,
  • Set by server from the DNS Servers page, or 
  • Set by DNS Group from the  DNS Groups page, or
  • Set by individual zone from the View Zone page
• Managing DNS Servers: The DNS Servers page
• Approvals: The Approvals Tab.

Tasks such as working with zones, DNS Groups, adding ACLs, attaching servers to Groups, and manually pushing zones do not require ProVision Admin require Admin permissions. 

Instead, these tasks simply require that the user be included in a User Group that has appropriate permissions (either direct, or inherited) on the DNS zones, Groups, and servers involved.

...

• ISC BIND
• Secure 64 (Authority, x86 Authority, KNOT Authority, Cache, Signer)
• PowerDNS (BIND and MySQL)
• InfoBlox
• Knot DNS
• NSD
• NS ONE
• DynDNS (Beta)
• DNSMadeEasy
• Cloudflare
• AWS Route53 (Beta)
• IRONDNS
• 6connect AnyCast
• Dummy (a fake server entry used for servers outside of ProVision access, in order to manage master / slave configurations)

...

Manual pushes may be performed from the following locations in ProVision: 

• Single Zone: From the DNS Groups Zone list "Push" button.
• Single Zone: From the DNS View Zone page "Push Zone Now" button. 
• Group: From the DNS Groups Zone list "Push Group" button. 
• Server: From the DNS Servers list "Push" button. 
• Server: From the DNS Server Settings page "Push Zones" button.

...

Scheduled pushes may be performed from the following locations in ProVision:

• May be set up from the Scheduler for single zones, all zones in a Group, or all zones on a server.
• Set by server from the DNS Servers page, or 
• Set by DNS Group from the  DNS Groups page, or
• Set by individual zone from the View Zone page

...

DNS Global Settings is accessible from the Admin Settings page by users with Admin level permissions. 

DNSSEC Settings

...

Image RemovedImage Added

If using DNSSEC, select whether to enabled DNSSEC local signing, or sign zones by dnssec-tools, then enter the following information:

zonesigner path : Enter the zonesigner path that will be used for DNS.  Zonesigner is required if dnssec-keygen and dnssec-signzone are not set.

Sign zones by ISC BIND Utilities: Select Sign zones by ISC BIND Utilities: Select whether to use ISC BIND utilities to sign zones.

...

DNS Dynamic Update Settings

Image RemovedImage Added

Dynamic Update via nsupdateTimeout: Timeout for DDNS (the default is 5 seconds).

Increase SOA Zone Serial on update: Toggle to "On" if you wish the zone serial to be increased automatically.

Force TCP Update: If enabled all DDNS requests will be over TCP.

Dynamic Update via nsupdate: Toggle to "On" if you wish to use Dynamic to use Dynamic Updates via nsupdate, instead of ProVision's internal implementation.

...

Clear DDNS Failure Queue: Clears the current failure queue.

DNS Backup Settings

Image RemovedImage Added

Records Limit : The limit for the number of records a zone may have for a zone to process a backup. If the records count exceed this number, zone backups will be omitted at zone push.

DNS Import Settings

Image RemovedImage Added

Keep Import File: Saves DNS zone import files to the zone's "Zone Backups and Attached Files" area, for later download. Optional.

Push Settings

Image RemovedImage Added

Enable DNS Continue Push Lockon Error: If enabled, on push ProVision will check whether if there is an error on push with a subset of the servers, ProVision will continue to push the remaining non-erroring servers.

Enable DNS Push Lock: If enabled, on push ProVision will check whether there is an ongoing push. ongoing push. An error will be thrown unless Enable DNS Push Queue is also selected.

...

Enable Lock on Dynamic Updates:If enabled on DDNS operation, ProVision will lock the servers for a regular push.

Maximum Timeout for Pre/Post Command: Enter the number of seconds for maximum timeout.

Clear Server Locks: Clears the lock state of the servers. You can use this action in case of failure, and a server is stuck in a locked state.

Clear Push Queue: Clears the current push queue.

DNS Cache Settings

Image RemovedImage Added

Enable DNS Cache for Modules and Group: If enabled, on push ProVision will cache the Servers and Views in advance. Improves push performance, if you do not have many servers directly attached to the zones.

Enable DNS Cache for Zones per Group: If enabled,  on push ProVision will cache the Zones Views Linkage. Improves push performance, if you have many zones.

DNS Server Statistics

Image Removed

have many zones.

DNS Server Statistics

Image Added

Enable DNS Server statistics for snmp: If enabled, it will gather information about zone pushes for each server managed by ProVision.

Catalog Zone Settings

Image Added

Masters List: The default value for the Masters List Metadata on creating a new zone record.

Allow Query List:The default value for the Allow Query List Metadata on creating a new zone record.

Allow Transfer List: The default value for the Allow Transfer List Metadata on creating a new zone recordEnable DNS Server statistics for snmp: If enabled, it will gather information about zone pushes for each server managed by ProVision.

DNS Export Functions

Exporting Zones

...

Expand the module by clicking the (>) arrow, and then click the "Export Zones" button.

Importing DNS Zones:

ProVision offers six There are six DNS zone import options, available under the Data Import tab in the Admin section. For more information on importing DNS zones, see Importing your Data and Import DNS Zones. 

...

DNS Zone Import: This tool is available on a zone's "View Zone" page, and allows the user to import additional zone/record information into an existing ProVision zone by uploading a zone file (.zone). 

...

For more information on DNS and configurations, see the following sections: