The Grid Member DNS object can be used to configure DNS properties for a Grid member, including enabling or disabling DNS services and other DNS service related parameters. Grid service configurations are inherited by all members.
References to member:dns are object references. The name part of a Member DNS object reference has the following components:
- Name of Member DNS
Example: member:dns/ZG5zLm5ldHdvcmtfdmlldyQxMTk:Infoblox
The object does not support the following operations:
The object cannot be managed on Cloud Platform members.
These fields are actual members of the object; thus, they can be requested by using _return_fields, if the fields are readable.
The basic version of the object contains the field(s): host_name, ipv4addr, ipv6addr.
Add custom IP, MAC and DNS View name ENDS0 options to outgoing recursive queries.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
add_client_ip_mac_options is associated with the field use_add_client_ip_mac_options (see use flag).
The list of additional IP addresses on which DNS is enabled for a Grid member. Only one of “additional_ip_list” or “additional_ip_list_struct” should be set when modifying the object.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
The list of additional IP addresses and IP Space Discriminator short names on which DNS is enabled for a Grid member. Only one of “additional_ip_list” or “additional_ip_list_struct” should be set when modifying the object.
Type
A/An Member DNS additional IP structure struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Determines whether the GSS-TSIG zone updates is enabled for the Grid member.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
allow_gss_tsig_zone_updates is associated with the field use_update_setting (see use flag).
Determines if queries from specified IPv4 or IPv6 addresses and networks are enabled or not. The appliance can also use Transaction Signature (TSIG) keys to authenticate the queries. This setting overrides the Grid query settings.
Type
One of the following: Address ac struct, TSIG ac struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
allow_query is associated with the field use_allow_query (see use flag).
Determines if the responses to recursive queries is enabled or not. This setting overrides Grid recursive query settings.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
allow_recursive_query is associated with the field use_recursive_query_setting (see use flag).
Allows or rejects zone transfers from specified IPv4 or IPv6 addresses and networks or allows transfers from hosts authenticated by Transaction signature (TSIG) key. This setting overrides the Grid zone transfer settings.
Type
One of the following: Address ac struct, TSIG ac struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
allow_transfer is associated with the field use_allow_transfer (see use flag).
Allows or rejects dynamic updates from specified IPv4 or IPv6 addresses, networks or from host authenticated by TSIG key. This setting overrides Grid update settings.
Type
One of the following: Address ac struct, TSIG ac struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
allow_update is associated with the field use_update_setting (see use flag).
The flag that indicates whether the anonymization of captured DNS responses is enabled or disabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Enable DNS recursive query forwarding to Active Trust Cloud.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Mitigation settings for DNS attacks.
Type
A/An DNS Attack Mitigation object struct.
Create
The default value is:
{ 'detect_chr': { 'enable': True,
'high': 80,
'interval_max': 100000,
'interval_min': 1000,
'interval_time': 10,
'low': 70},
'detect_chr_grace': 75,
'detect_nxdomain_responses': { 'enable': True,
'high': 80,
'interval_max': 100000,
'interval_min': 1000,
'interval_time': 10,
'low': 70},
'detect_udp_drop': { 'enable': True,
'high': 30,
'interval_min': 1000,
'interval_time': 10,
'low': 20},
'interval': 10,
'mitigate_nxdomain_lru': False}
Search
The field is not available for search.
Notes
attack_mitigation is associated with the field use_attack_mitigation (see use flag).
The auto blackhole settings.
Type
A/An DNS Auto Blackhole settings struct.
Create
The default value is:
{ 'enable_fetches_per_server': False,
'enable_fetches_per_zone': False,
'enable_holddown': False,
'fetches_per_server': 500,
'fetches_per_zone': 200,
'fps_freq': 200,
'holddown': 60,
'holddown_threshold': 5,
'holddown_timeout': 1000}
Search
The field is not available for search.
Notes
auto_blackhole is associated with the field use_auto_blackhole (see use flag).
Determines if the auto-generation of A and PTR records for the LAN2 IP address is enabled or not, if DNS service is enabled on LAN2.
Type
Bool.
Create
The default value is True.
Search
The field is not available for search.
Determines if auto-generation of AAAA and IPv6 PTR records for LAN2 IPv6 address is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if a Grid member to automatically sort DNS views is enabled or not. The order of the DNS views determines the order in which the appliance checks the match lists.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
The BIND check names policy, which indicates the action the appliance takes when it encounters host names that do not comply with the Strict Hostname Checking policy. This method applies only if the host name restriction policy is set to ‘Strict Hostname Checking’.
Type
String.
Create
The default value is WARN.
Search
The field is not available for search.
The value of the hostname directive for BIND.
Type
String.
Create
The default value is NONE.
Search
The field is not available for search.
Notes
bind_hostname_directive is associated with the field use_bind_hostname_directive (see use flag).
The value of the user-defined hostname directive for BIND. To enable user-defined hostname directive, you must set the bind_hostname_directive to “USER_DEFINED”.
Type
String.
Create
The default value is empty.
Search
The field is not available for search.
The list of IPv4 or IPv6 addresses and networks from which DNS queries are blocked. This setting overrides the Grid blackhole_list.
Type
One of the following: Address ac struct, TSIG ac struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
blackhole_list is associated with the field use_blacklist (see use flag).
The action to perform when a domain name matches the pattern defined in a rule that is specified by the blacklist_ruleset method.
Type
String.
Create
The default value is REDIRECT.
Search
The field is not available for search.
Notes
blacklist_action is associated with the field use_blacklist (see use flag).
Determines if blacklist redirection queries are logged or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
blacklist_log_query is associated with the field use_blacklist (see use flag).
The IP addresses the appliance includes in the response it sends in place of a blacklisted IP address.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Notes
blacklist_redirect_addresses is associated with the field use_blacklist (see use flag).
The TTL value of the synthetic DNS responses that result from blacklist redirection.
Type
Unsigned integer.
Create
The default value is 60.
Search
The field is not available for search.
Notes
blacklist_redirect_ttl is associated with the field use_blacklist (see use flag).
The DNS Ruleset object names assigned at the Grid level for blacklist redirection.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Notes
blacklist_rulesets is associated with the field use_blacklist (see use flag).
The flag that indicates whether the capture of DNS queries for all domains is enabled or disabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
capture_dns_queries_on_all_domains is associated with the field use_capture_dns_queries_on_all_domains (see use flag).
Determines whether the application of BIND check-names for zone transfers and DDNS updates are enabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Copy custom IP, MAC and DNS View name ENDS0 options from incoming to outgoing recursive queries.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
copy_client_ip_mac_options is associated with the field use_copy_client_ip_mac_options (see use flag).
Copies the allowed IPs from the zone transfer list into the also-notify statement in the named.conf file.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
copy_xfer_to_notify is associated with the field use_copy_xfer_to_notify (see use flag).
The list of custom root name servers. You can either select and use Internet root name servers or specify custom root name servers by providing a host name and IP address to which the Infoblox appliance can send queries.
Type
A/An External Server struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
custom_root_name_servers is associated with the field use_root_name_server (see use flag).
The EDNS0 support for queries that require recursive resolution on Grid members.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
disable_edns is associated with the field use_disable_edns (see use flag).
The list of DNS64 synthesis groups associated with this member.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Notes
dns64_groups is associated with the field use_dns64 (see use flag).
The DNS cache acceleration status.
Type
String.
Search
The field is not available for search.
Notes
The dns_cache_acceleration_status cannot be updated.
dns_cache_acceleration_status cannot be written.
The minimum TTL value, in seconds, that a DNS record must have in order for it to be cached by the DNS Cache Acceleration service.
An integer from 1 to 65000 that represents the TTL in seconds.
Type
Unsigned integer.
Create
The default value is 1.
Search
The field is not available for search.
Notes
dns_cache_acceleration_ttl is associated with the field use_dns_cache_acceleration_ttl (see use flag).
The flag that indicates whether the anycast failure (BFD session down) is enabled on member failure or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
dns_health_check_anycast_control is associated with the field use_dns_health_check (see use flag).
The list of domain names for the DNS health check.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Notes
dns_health_check_domain_list is associated with the field use_dns_health_check (see use flag).
The time interval (in seconds) for DNS health check.
Type
Unsigned integer.
Create
The default value is 30.
Search
The field is not available for search.
Notes
dns_health_check_interval is associated with the field use_dns_health_check (see use flag).
The flag that indicates whether the recursive DNS health check is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
dns_health_check_recursion_flag is associated with the field use_dns_health_check (see use flag).
The number of DNS health check retries.
Type
Unsigned integer.
Create
The default value is 3.
Search
The field is not available for search.
Notes
dns_health_check_retries is associated with the field use_dns_health_check (see use flag).
The DNS health check timeout interval (in seconds).
Type
Unsigned integer.
Create
The default value is 3.
Search
The field is not available for search.
Notes
dns_health_check_timeout is associated with the field use_dns_health_check (see use flag).
Determines which IP address is used as the source for DDNS notify and transfer operations.
Type
String.
Create
The default value is VIP.
Search
The field is not available for search.
The source address used if dns_notify_transfer_source type is “IP”.
Type
String.
Create
The default value is empty.
Search
The field is not available for search.
Enables DNS over TLS service.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
The time limit (in minutes) for the DNS query capture file.
Type
Unsigned integer.
Create
The default value is 10.
Search
The field is not available for search.
The source address used if dns_query_source_interface type is “IP”.
Type
String.
Create
The default value is empty.
Search
The field is not available for search.
Determines which IP address is used as the source for DDNS query operations.
Type
String.
Create
The default value is VIP.
Search
The field is not available for search.
Array of notify/query source settings for views.
Type
A/An Notify and query source settings struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Determines if the blacklist rules for DNSSEC-enabled clients are enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if the DNS64 groups for DNSSEC-enabled clients are enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if the DNS security extension is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
dnssec_enabled is associated with the field use_dnssec (see use flag).
Determines when the DNS member accepts expired signatures.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
dnssec_expired_signatures_enabled is associated with the field use_dnssec (see use flag).
A list of zones for which the server does not perform DNSSEC validation.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Determines if the NXDOMAIN rules for DNSSEC-enabled clients are enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if the RPZ policies for DNSSEC-enabled clients are enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
The list of trusted keys for the DNSSEC feature.
Type
A/An DNSSEC Trusted Key struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
dnssec_trusted_keys is associated with the field use_dnssec (see use flag).
Determines if the DNS security validation is enabled or not.
Type
Bool.
Create
The default value is True.
Search
The field is not available for search.
Notes
dnssec_validation_enabled is associated with the field use_dnssec (see use flag).
The DNSTAP settings.
Type
A/An DNSTAP Setting struct.
Create
The default value is:
{ 'dnstap_receiver_port': 6000}
Search
The field is not available for search.
Notes
dnstap_setting is associated with the field use_dnstap_setting (see use flag).
DNS over HTTPS sessions duration.
Type
Unsigned integer.
Create
The default value is 10.
Search
The field is not available for search.
Enables DNS over HTTPS service.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
The list of domains for DNS query capture.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Setting to control specific behavior for DTC DNS responses for incoming lbdn matched queries.
Type
String.
Create
The default value is DNS_RESPONSE_IF_NO_DTC.
Search
The field is not available for search.
Notes
dtc_dns_queries_specific_behavior is associated with the field use_dtc_dns_queries_specific_behavior (see use flag).
Determines whether to prefer the client address from the edns-client-subnet option for DTC or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
dtc_edns_prefer_client_subnet is associated with the field use_dtc_edns_prefer_client_subnet (see use flag).
The health check source type.
Type
String.
Create
The default value is VIP.
Search
The field is not available for search.
The source address used if dtc_health_source type is “IP”.
Type
String.
Create
The default value is empty.
Search
The field is not available for search.
Advertises the EDNS0 buffer size to the upstream server. The value should be between 512 and 4096 bytes. The recommended value is between 512 and 1220 bytes.
Type
Unsigned integer.
Create
The default value is 1220.
Search
The field is not available for search.
Notes
edns_udp_size is associated with the field use_edns_udp_size (see use flag).
Determines if the blocking of DNS queries is enabled or not. This setting overrides the Grid enable_blackhole settings.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_blackhole is associated with the field use_blackhole (see use flag).
Determines if a blacklist is enabled or not on the Grid member.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_blacklist is associated with the field use_blacklist (see use flag).
The flag that indicates whether the capture of DNS queries is enabled or disabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_capture_dns_queries is associated with the field use_enable_capture_dns (see use flag).
The flag that indicates whether the capture of DNS responses is enabled or disabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_capture_dns_responses is associated with the field use_enable_capture_dns (see use flag).
Determines if the DNS service of a member is enabled or not.
Type
Bool.
Create
The default value is True.
Search
The field is not available for search.
Determines if the DNS64 support is enabled or not for this member.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_dns64 is associated with the field use_dns64 (see use flag).
Determines if the DNS Cache Acceleration service is enabled or not for a member.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
The flag that indicates whether the DNS health check is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_dns_health_check is associated with the field use_dns_health_check (see use flag).
Determines whether the query messages need to be forwarded to DNSTAP or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_dnstap_queries is associated with the field use_dnstap_setting (see use flag).
Determines whether the response messages need to be forwarded to DNSTAP or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_dnstap_responses is associated with the field use_dnstap_setting (see use flag).
The flag that indicates whether excluding domain names from captured DNS queries and responses is enabled or disabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_excluded_domain_names is associated with the field use_enable_excluded_domain_names (see use flag).
Determines if the fixed RRset order FQDN is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_fixed_rrset_order_fqdns is associated with the field use_fixed_rrset_order_fqdns (see use flag).
Determines whether Fault Tolerant Caching (FTC) is enabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_ftc is associated with the field use_ftc (see use flag).
Determines whether the appliance is enabled to receive GSS-TSIG authenticated updates from DHCP clients.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_gss_tsig is associated with the field use_enable_gss_tsig (see use flag).
Determines if the notify source port for a member is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_notify_source_port is associated with the field use_source_ports (see use flag).
Determines if the DNS query rewrite is enabled or not for this member.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_query_rewrite is associated with the field use_enable_query_rewrite (see use flag).
Determines if the query source port for a memer is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
enable_query_source_port is associated with the field use_source_ports (see use flag).
The list of domains that are excluded from DNS query and response capture.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Extensible attributes associated with the object.
For valid values for extensible attributes, see the following information.
Type
Extensible attributes.
This field allows +/- to be specified as part of the field name when updating the object, see the following information.
Create
The default value is empty.
Search
For how to search extensible attributes, see the following information.
The DNS capture file transfer settings. Include the specified parameter to set the attribute value. Omit the parameter to retrieve the attribute value.
Type
A/An File Transfer Setting struct.
Create
The default value is:
{ 'type': 'FTP'}
Search
The field is not available for search.
The type of AAAA filtering for this member DNS object.
Type
String.
Create
The default value is NO.
Search
The field is not available for search.
Notes
filter_aaaa is associated with the field use_filter_aaaa (see use flag).
The list of IPv4 addresses and networks from which queries are received. AAAA filtering is applied to these addresses.
Type
A/An Address ac struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
filter_aaaa_list is associated with the field use_filter_aaaa (see use flag).
The fixed RRset order FQDN. If this field does not contain an empty value, the appliance will automatically set the enable_fixed_rrset_order_fqdns field to ‘true’, unless the same request sets the enable field to ‘false’.
Type
A/An Fixed RRset order FQDN struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
fixed_rrset_order_fqdns is associated with the field use_fixed_rrset_order_fqdns (see use flag).
Permits this member to send queries to forwarders only. When the value is “true”, the member sends queries to forwarders only, and not to other internal or Internet root servers.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
forward_only is associated with the field use_forwarders (see use flag).
Allows secondary servers to forward updates to the DNS server. This setting overrides grid update settings.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
forward_updates is associated with the field use_forward_updates (see use flag).
The forwarders for the member. A forwarder is essentially a name server to which other name servers first send all of their off-site queries. The forwarder builds up a cache of information, avoiding the need for the other name servers to send queries off-site. This setting overrides the Grid level setting.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Notes
forwarders is associated with the field use_forwarders (see use flag).
The timeout interval (in seconds) after which the expired Fault Tolerant Caching (FTC)record is stale and no longer valid.
Type
Unsigned integer.
Create
The default value is 86400.
Search
The field is not available for search.
Notes
ftc_expired_record_timeout is associated with the field use_ftc (see use flag).
The TTL value (in seconds) of the expired Fault Tolerant Caching (FTC) record in DNS responses.
Type
Unsigned integer.
Create
The default value is 5.
Search
The field is not available for search.
Notes
ftc_expired_record_ttl is associated with the field use_ftc (see use flag).
The list of glue record addresses.
Type
A/An ‘Member DNS glue record address struct array.
Create
The default value is undefined.
Search
The field is not available for search.
The list of GSS-TSIG keys for a member DNS object.
Type
A/An kerberoskey object array.
This field supports nested return fields as described here.
Create
The default value is empty.
Search
The field is not available for search.
Notes
gss_tsig_keys is associated with the field use_gss_tsig_keys (see use flag).
The host name of the Grid member.
Type
String.
Search
The field is available for search via
Notes
The host_name is part of the base object.
The host_name cannot be updated.
host_name cannot be written.
The IPv4 Address of the Grid member.
Type
String.
Search
The field is available for search via
Notes
The ipv4addr is part of the base object.
The ipv4addr cannot be updated.
ipv4addr cannot be written.
The list of IPv6 glue record addresses.
Type
A/An ‘Member DNS glue record address struct array.
Create
The default value is undefined.
Search
The field is not available for search.
The IPv6 Address of the Grid member.
Type
String.
Search
The field is available for search via
Notes
The ipv6addr is part of the base object.
The ipv6addr cannot be updated.
ipv6addr cannot be written.
The flag that indicates whether member DNS supports Unbound as the recursive resolver or not.
Type
Bool.
Search
The field is not available for search.
Notes
The is_unbound_capable cannot be updated.
is_unbound_capable cannot be written.
The logging categories for this DNS member.
Type
A/An Grid logging setting information struct.
Create
The default value is:
{ 'log_client': True,
'log_config': True,
'log_database': True,
'log_dnssec': True,
'log_dtc_gslb': False,
'log_dtc_health': False,
'log_general': True,
'log_lame_servers': True,
'log_network': True,
'log_notify': True,
'log_queries': False,
'log_query_rewrite': False,
'log_rate_limit': True,
'log_resolver': True,
'log_responses': False,
'log_rpz': False,
'log_security': True,
'log_update': True,
'log_update_security': True,
'log_xfer_in': True,
'log_xfer_out': True}
Search
The field is not available for search.
Notes
logging_categories is associated with the field use_logging_categories (see use flag).
The maximum time (in seconds) for which the server will cache positive answers.
Type
Unsigned integer.
Create
The default value is 604800.
Search
The field is not available for search.
Notes
max_cache_ttl is associated with the field use_max_cache_ttl (see use flag).
The maximum time in seconds a DNS response can be stored in the hardware acceleration cache.
Valid values are unsigned integer between 60 and 86400, inclusive.
Type
Unsigned integer.
Create
The default value is 86400.
Search
The field is not available for search.
Notes
max_cached_lifetime is associated with the field use_max_cached_lifetime (see use flag).
The maximum time (in seconds) for which the server will cache negative (NXDOMAIN) responses.
The maximum allowed value is 604800.
Type
Unsigned integer.
Create
The default value is 10800.
Search
The field is not available for search.
Notes
max_ncache_ttl is associated with the field use_max_ncache_ttl (see use flag).
The value is used by authoritative DNS servers to never send DNS responses larger than the configured value. The value should be between 512 and 4096 bytes. The recommended value is between 512 and 1220 bytes.
Type
Unsigned integer.
Create
The default value is 1220.
Search
The field is not available for search.
Notes
max_udp_size is associated with the field use_max_udp_size (see use flag).
Enables the ability to return a minimal amount of data in response to a query. This capability speeds up the DNS services provided by the appliance.
Type
Bool.
Create
The default value is True.
Search
The field is not available for search.
Specifies the number of seconds of delay the notify messages are sent to secondaries.
Type
Unsigned integer.
Create
The default value is 5.
Search
The field is not available for search.
Notes
notify_delay is associated with the field use_notify_delay (see use flag).
The source port for notify messages. When requesting zone transfers from the primary server, some secondary DNS servers use the source port number (the primary server used to send the notify message) as the destination port number in the zone transfer request. This setting overrides Grid static source port settings.
Valid values are between 1 and 63999. The default is selected by BIND.
Type
Unsigned integer.
Create
The default value is empty.
Search
The field is not available for search.
Notes
notify_source_port is associated with the field use_source_ports (see use flag).
Determines if NXDOMAIN redirection queries are logged or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
nxdomain_log_query is associated with the field use_nxdomain_redirect (see use flag).
Enables NXDOMAIN redirection.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
nxdomain_redirect is associated with the field use_nxdomain_redirect (see use flag).
The IPv4 NXDOMAIN redirection addresses.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Notes
nxdomain_redirect_addresses is associated with the field use_nxdomain_redirect (see use flag).
The IPv6 NXDOMAIN redirection addresses.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Notes
nxdomain_redirect_addresses_v6 is associated with the field use_nxdomain_redirect (see use flag).
The TTL value of synthetic DNS responses that result from NXDOMAIN redirection.
Type
Unsigned integer.
Create
The default value is 60.
Search
The field is not available for search.
Notes
nxdomain_redirect_ttl is associated with the field use_nxdomain_redirect (see use flag).
The names of the Ruleset objects assigned at the Grid level for NXDOMAIN redirection.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Notes
nxdomain_rulesets is associated with the field use_nxdomain_redirect (see use flag).
The source port for queries. Specifying a source port number for recursive queries ensures that a firewall will allow the response.
Valid values are between 1 and 63999. The default is selected by BIND.
Type
Unsigned integer.
Create
The default value is empty.
Search
The field is not available for search.
Notes
query_source_port is associated with the field use_source_ports (see use flag).
The record name restriction policy.
Type
String.
Create
The default value is empty.
Search
The field is not available for search.
Notes
record_name_policy is associated with the field use_record_name_policy (see use flag).
A limit on the number of concurrent recursive clients.
Type
Unsigned integer.
Create
The default value is 1000.
Search
The field is not available for search.
Notes
recursive_client_limit is associated with the field use_recursive_client_limit (see use flag).
The list of IPv4 or IPv6 addresses, networks or hosts authenticated by Transaction signature (TSIG) key from which recursive queries are allowed or denied.
Type
A/An Address ac struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
recursive_query_list is associated with the field use_recursive_query_setting (see use flag).
The recursive resolver for member DNS.
Type
String.
Create
The default value is BIND.
Search
The field is not available for search.
The recursive query timeout for the member. The value must be 0 or between 10 and 30.
Type
Unsigned integer.
Create
The default value is 0.
Search
The field is not available for search.
Notes
resolver_query_timeout is associated with the field use_resolver_query_timeout (see use flag).
The response rate limiting settings for the member.
Type
A/An DNS Response Rate Limiting struct.
Create
The default value is:
{ 'enable_rrl': False,
'log_only': False,
'responses_per_second': 100,
'slip': 2,
'window': 15}
Search
The field is not available for search.
Notes
response_rate_limiting is associated with the field use_response_rate_limiting (see use flag).
Determines the type of root name servers.
Type
String.
Create
The default value is INTERNET.
Search
The field is not available for search.
Notes
root_name_server_type is associated with the field use_root_name_server (see use flag).
Enables NSDNAME and NSIP resource records from RPZ feeds at member level.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
rpz_disable_nsdname_nsip is associated with the field use_rpz_disable_nsdname_nsip (see use flag).
Enables the appliance to ignore RPZ-IP triggers with prefix lengths less than the specified minimum prefix length.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
rpz_drop_ip_rule_enabled is associated with the field use_rpz_drop_ip_rule (see use flag).
The minimum prefix length for IPv4 RPZ-IP triggers. The appliance ignores RPZ-IP triggers with prefix lengths less than the specified minimum IPv4 prefix length.
Type
Unsigned integer.
Create
The default value is 29.
Search
The field is not available for search.
Notes
rpz_drop_ip_rule_min_prefix_length_ipv4 is associated with the field use_rpz_drop_ip_rule (see use flag).
The minimum prefix length for IPv6 RPZ-IP triggers. The appliance ignores RPZ-IP triggers with prefix lengths less than the specified minimum IPv6 prefix length.
Type
Unsigned integer.
Create
The default value is 112.
Search
The field is not available for search.
Notes
rpz_drop_ip_rule_min_prefix_length_ipv6 is associated with the field use_rpz_drop_ip_rule (see use flag).
The flag that indicates whether recursive RPZ lookups are enabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
rpz_qname_wait_recurse is associated with the field use_rpz_qname_wait_recurse (see use flag).
The number of maximum concurrent SOA queries per second for the member.
Type
Unsigned integer.
Create
The default value is 20.
Search
The field is not available for search.
Notes
serial_query_rate is associated with the field use_serial_query_rate (see use flag).
The value of the server-id directive for BIND and Unbound DNS.
Type
String.
Create
The default value is NONE.
Search
The field is not available for search.
Notes
server_id_directive is associated with the field use_server_id_directive (see use flag).
The value of the user-defined hostname directive for BIND and UNBOUND DNS. To enable user-defined hostname directive, you must set the bind_hostname_directive to “USER_DEFINED”.
Type
String.
Create
The default value is empty.
Search
The field is not available for search.
Determines if RPZ rules are applied to queries originated from this member and received by other Grid members.
Type
Bool.
Create
The default value is True.
Search
The field is not available for search.
A sort list determines the order of addresses in responses made to DNS queries. This setting overrides Grid sort list settings.
Type
A/An DNS Sortlist struct array.
Create
The default value is:
empty
Search
The field is not available for search.
Notes
sortlist is associated with the field use_sortlist (see use flag).
The flag that indicates whether the storage of query capture reports on the appliance is enabled or disabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
The syslog facility. This is the location on the syslog server to which you want to sort the DNS logging messages. This setting overrides the Grid logging facility settings.
Type
String.
Create
The default value is DAEMON.
Search
The field is not available for search.
Notes
syslog_facility is associated with the field use_syslog_facility (see use flag).
TCP Idle timeout for DNS over TLS connections.
Type
Unsigned integer.
Create
The default value is 1000.
Search
The field is not available for search.
DNS over TLS sessions duration.
Type
Unsigned integer.
Create
The default value is 60.
Search
The field is not available for search.
Excludes specified DNS servers during zone transfers.
Type
String array.
Create
The default value is empty.
Search
The field is not available for search.
Notes
transfer_excluded_servers is associated with the field use_zone_transfer_format (see use flag).
The BIND format for a zone transfer. This provides tracking capabilities for single or multiple transfers and their associated servers.
Type
String.
Create
The default value is MANY_ANSWERS.
Search
The field is not available for search.
Notes
transfer_format is associated with the field use_zone_transfer_format (see use flag).
The number of maximum concurrent transfers for the member.
Type
Unsigned integer.
Create
The default value is 10.
Search
The field is not available for search.
Notes
transfers_in is associated with the field use_transfers_in (see use flag).
The number of maximum outbound concurrent zone transfers for the member.
Type
Unsigned integer.
Create
The default value is 10.
Search
The field is not available for search.
Notes
transfers_out is associated with the field use_transfers_out (see use flag).
The number of maximum concurrent transfers per member for the member.
Type
Unsigned integer.
Create
The default value is 2.
Search
The field is not available for search.
Notes
transfers_per_ns is associated with the field use_transfers_per_ns (see use flag).
Logging level for the Unbound recursive resolver.
Type
String.
Create
The default value is OPERATIONS.
Search
The field is not available for search.
Use flag for: add_client_ip_mac_options
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: allow_query
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: allow_transfer
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: attack_mitigation
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: auto_blackhole
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: bind_hostname_directive
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: enable_blackhole
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: blackhole_list , blacklist_action, blacklist_log_query, blacklist_redirect_addresses, blacklist_redirect_ttl, blacklist_rulesets, enable_blacklist
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: capture_dns_queries_on_all_domains
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: copy_client_ip_mac_options
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: copy_xfer_to_notify
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: disable_edns
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: enable_dns64 , dns64_groups
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: dns_cache_acceleration_ttl
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: dns_health_check_domain_list , dns_health_check_recursion_flag, dns_health_check_anycast_control, enable_dns_health_check, dns_health_check_interval, dns_health_check_timeout, dns_health_check_retries
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: dnssec_enabled , dnssec_expired_signatures_enabled, dnssec_validation_enabled, dnssec_trusted_keys
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: enable_dnstap_queries , enable_dnstap_responses, dnstap_setting
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: dtc_dns_queries_specific_behavior
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: dtc_edns_prefer_client_subnet
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: edns_udp_size
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: enable_capture_dns_queries , enable_capture_dns_responses
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: enable_excluded_domain_names
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: enable_gss_tsig
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: enable_query_rewrite
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: filter_aaaa , filter_aaaa_list
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: fixed_rrset_order_fqdns , enable_fixed_rrset_order_fqdns
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: forward_updates
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: forwarders , forward_only
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: enable_ftc , ftc_expired_record_ttl, ftc_expired_record_timeout
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: gss_tsig_keys
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if the DNS service on the IPv6 LAN2 port is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if the DNS service on the LAN2 port is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if the DNS service on the IPv6 LAN port is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines the status of the use of DNS services on the IPv4 LAN1 port.
Type
Bool.
Create
The default value is True.
Search
The field is not available for search.
Use flag for: logging_categories
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: max_cache_ttl
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: max_cached_lifetime
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: max_ncache_ttl
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: max_udp_size
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if the DNS services on the IPv6 MGMT port is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if the DNS services on the MGMT port is enabled or not.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: notify_delay
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: nxdomain_redirect , nxdomain_redirect_addresses, nxdomain_redirect_addresses_v6, nxdomain_redirect_ttl, nxdomain_log_query, nxdomain_rulesets
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: record_name_policy
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: recursive_client_limit
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: allow_recursive_query , recursive_query_list
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: resolver_query_timeout
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: response_rate_limiting
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: root_name_server_type , custom_root_name_servers, use_root_server_for_all_views
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Determines if root name servers should be applied to all views or only to Default view.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
use_root_server_for_all_views is associated with the field use_root_name_server (see use flag).
Use flag for: rpz_disable_nsdname_nsip
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: rpz_drop_ip_rule_enabled , rpz_drop_ip_rule_min_prefix_length_ipv4, rpz_drop_ip_rule_min_prefix_length_ipv6
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: rpz_qname_wait_recurse
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: serial_query_rate
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: server_id_directive
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: sortlist
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: enable_notify_source_port , notify_source_port, enable_query_source_port, query_source_port
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: syslog_facility
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: transfers_in
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: transfers_out
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: transfers_per_ns
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Use flag for: allow_update , allow_gss_tsig_zone_updates
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
This function is used to clear DNS cache. It clears the entire cache or removes one specified domain from the named cache.
This function does not support multiple object matches when called as part of an atomic insertion operation.
Input fields
clear_full_tree ( Bool. ) Determines whether the function clears the given domain as well as all the names under it. The default value is “False”.
domain ( String. ) The domain name to be cleared from the DNS cache. If no domain name is specified, then the entire cache is cleared. The default value is “None”.
view ( String. ) The DNS view on which the operation is performed.
Output fields
None
| Field | Type | Req | R/O | Base | Search |
|---|---|---|---|---|---|
| add_client_ip_mac_options | Bool | N | N | N | N/A |
| additional_ip_list | [String] | N | N | N | N/A |
| additional_ip_list_struct | [struct] | N | N | N | N/A |
| allow_gss_tsig_zone_updates | Bool | N | N | N | N/A |
| allow_query | [struct] | N | N | N | N/A |
| allow_recursive_query | Bool | N | N | N | N/A |
| allow_transfer | [struct] | N | N | N | N/A |
| allow_update | [struct] | N | N | N | N/A |
| anonymize_response_logging | Bool | N | N | N | N/A |
| atc_fwd_enable | Bool | N | N | N | N/A |
| attack_mitigation | struct | N | N | N | N/A |
| auto_blackhole | struct | N | N | N | N/A |
| auto_create_a_and_ptr_for_lan2 | Bool | N | N | N | N/A |
| auto_create_aaaa_and_ipv6ptr_for_lan2 | Bool | N | N | N | N/A |
| auto_sort_views | Bool | N | N | N | N/A |
| bind_check_names_policy | String | N | N | N | N/A |
| bind_hostname_directive | String | N | N | N | N/A |
| bind_hostname_directive_fqdn | String | N | N | N | N/A |
| blackhole_list | [struct] | N | N | N | N/A |
| blacklist_action | String | N | N | N | N/A |
| blacklist_log_query | Bool | N | N | N | N/A |
| blacklist_redirect_addresses | [String] | N | N | N | N/A |
| blacklist_redirect_ttl | Unsigned int | N | N | N | N/A |
| blacklist_rulesets | [String] | N | N | N | N/A |
| capture_dns_queries_on_all_domains | Bool | N | N | N | N/A |
| check_names_for_ddns_and_zone_transfer | Bool | N | N | N | N/A |
| copy_client_ip_mac_options | Bool | N | N | N | N/A |
| copy_xfer_to_notify | Bool | N | N | N | N/A |
| custom_root_name_servers | [struct] | N | N | N | N/A |
| disable_edns | Bool | N | N | N | N/A |
| dns64_groups | [String] | N | N | N | N/A |
| dns_cache_acceleration_status | String | N | Y | N | N/A |
| dns_cache_acceleration_ttl | Unsigned int | N | N | N | N/A |
| dns_health_check_anycast_control | Bool | N | N | N | N/A |
| dns_health_check_domain_list | [String] | N | N | N | N/A |
| dns_health_check_interval | Unsigned int | N | N | N | N/A |
| dns_health_check_recursion_flag | Bool | N | N | N | N/A |
| dns_health_check_retries | Unsigned int | N | N | N | N/A |
| dns_health_check_timeout | Unsigned int | N | N | N | N/A |
| dns_notify_transfer_source | String | N | N | N | N/A |
| dns_notify_transfer_source_address | String | N | N | N | N/A |
| dns_over_tls_service | Bool | N | N | N | N/A |
| dns_query_capture_file_time_limit | Unsigned int | N | N | N | N/A |
| dns_query_source_address | String | N | N | N | N/A |
| dns_query_source_interface | String | N | N | N | N/A |
| dns_view_address_settings | [struct] | N | N | N | N/A |
| dnssec_blacklist_enabled | Bool | N | N | N | N/A |
| dnssec_dns64_enabled | Bool | N | N | N | N/A |
| dnssec_enabled | Bool | N | N | N | N/A |
| dnssec_expired_signatures_enabled | Bool | N | N | N | N/A |
| dnssec_negative_trust_anchors | [String] | N | N | N | N/A |
| dnssec_nxdomain_enabled | Bool | N | N | N | N/A |
| dnssec_rpz_enabled | Bool | N | N | N | N/A |
| dnssec_trusted_keys | [struct] | N | N | N | N/A |
| dnssec_validation_enabled | Bool | N | N | N | N/A |
| dnstap_setting | struct | N | N | N | N/A |
| doh_https_session_duration | Unsigned int | N | N | N | N/A |
| doh_service | Bool | N | N | N | N/A |
| domains_to_capture_dns_queries | [String] | N | N | N | N/A |
| dtc_dns_queries_specific_behavior | String | N | N | N | N/A |
| dtc_edns_prefer_client_subnet | Bool | N | N | N | N/A |
| dtc_health_source | String | N | N | N | N/A |
| dtc_health_source_address | String | N | N | N | N/A |
| edns_udp_size | Unsigned int | N | N | N | N/A |
| enable_blackhole | Bool | N | N | N | N/A |
| enable_blacklist | Bool | N | N | N | N/A |
| enable_capture_dns_queries | Bool | N | N | N | N/A |
| enable_capture_dns_responses | Bool | N | N | N | N/A |
| enable_dns | Bool | N | N | N | N/A |
| enable_dns64 | Bool | N | N | N | N/A |
| enable_dns_cache_acceleration | Bool | N | N | N | N/A |
| enable_dns_health_check | Bool | N | N | N | N/A |
| enable_dnstap_queries | Bool | N | N | N | N/A |
| enable_dnstap_responses | Bool | N | N | N | N/A |
| enable_excluded_domain_names | Bool | N | N | N | N/A |
| enable_fixed_rrset_order_fqdns | Bool | N | N | N | N/A |
| enable_ftc | Bool | N | N | N | N/A |
| enable_gss_tsig | Bool | N | N | N | N/A |
| enable_notify_source_port | Bool | N | N | N | N/A |
| enable_query_rewrite | Bool | N | N | N | N/A |
| enable_query_source_port | Bool | N | N | N | N/A |
| excluded_domain_names | [String] | N | N | N | N/A |
| extattrs | Extattr | N | N | N | ext |
| file_transfer_setting | struct | N | N | N | N/A |
| filter_aaaa | String | N | N | N | N/A |
| filter_aaaa_list | [struct] | N | N | N | N/A |
| fixed_rrset_order_fqdns | [struct] | N | N | N | N/A |
| forward_only | Bool | N | N | N | N/A |
| forward_updates | Bool | N | N | N | N/A |
| forwarders | [String] | N | N | N | N/A |
| ftc_expired_record_timeout | Unsigned int | N | N | N | N/A |
| ftc_expired_record_ttl | Unsigned int | N | N | N | N/A |
| glue_record_addresses | [struct] | N | N | N | N/A |
| gss_tsig_keys | [obj] | N | N | N | N/A |
| host_name | String | N | Y | Y | = ~ |
| ipv4addr | String | N | Y | Y | = ~ |
| ipv6_glue_record_addresses | [struct] | N | N | N | N/A |
| ipv6addr | String | N | Y | Y | = ~ |
| is_unbound_capable | Bool | N | Y | N | N/A |
| logging_categories | struct | N | N | N | N/A |
| max_cache_ttl | Unsigned int | N | N | N | N/A |
| max_cached_lifetime | Unsigned int | N | N | N | N/A |
| max_ncache_ttl | Unsigned int | N | N | N | N/A |
| max_udp_size | Unsigned int | N | N | N | N/A |
| minimal_resp | Bool | N | N | N | N/A |
| notify_delay | Unsigned int | N | N | N | N/A |
| notify_source_port | Unsigned int | N | N | N | N/A |
| nxdomain_log_query | Bool | N | N | N | N/A |
| nxdomain_redirect | Bool | N | N | N | N/A |
| nxdomain_redirect_addresses | [String] | N | N | N | N/A |
| nxdomain_redirect_addresses_v6 | [String] | N | N | N | N/A |
| nxdomain_redirect_ttl | Unsigned int | N | N | N | N/A |
| nxdomain_rulesets | [String] | N | N | N | N/A |
| query_source_port | Unsigned int | N | N | N | N/A |
| record_name_policy | String | N | N | N | N/A |
| recursive_client_limit | Unsigned int | N | N | N | N/A |
| recursive_query_list | [struct] | N | N | N | N/A |
| recursive_resolver | String | N | N | N | N/A |
| resolver_query_timeout | Unsigned int | N | N | N | N/A |
| response_rate_limiting | struct | N | N | N | N/A |
| root_name_server_type | String | N | N | N | N/A |
| rpz_disable_nsdname_nsip | Bool | N | N | N | N/A |
| rpz_drop_ip_rule_enabled | Bool | N | N | N | N/A |
| rpz_drop_ip_rule_min_prefix_length_ipv4 | Unsigned int | N | N | N | N/A |
| rpz_drop_ip_rule_min_prefix_length_ipv6 | Unsigned int | N | N | N | N/A |
| rpz_qname_wait_recurse | Bool | N | N | N | N/A |
| serial_query_rate | Unsigned int | N | N | N | N/A |
| server_id_directive | String | N | N | N | N/A |
| server_id_directive_string | String | N | N | N | N/A |
| skip_in_grid_rpz_queries | Bool | N | N | N | N/A |
| sortlist | [struct] | N | N | N | N/A |
| store_locally | Bool | N | N | N | N/A |
| syslog_facility | String | N | N | N | N/A |
| tcp_idle_timeout | Unsigned int | N | N | N | N/A |
| tls_session_duration | Unsigned int | N | N | N | N/A |
| transfer_excluded_servers | [String] | N | N | N | N/A |
| transfer_format | String | N | N | N | N/A |
| transfers_in | Unsigned int | N | N | N | N/A |
| transfers_out | Unsigned int | N | N | N | N/A |
| transfers_per_ns | Unsigned int | N | N | N | N/A |
| unbound_logging_level | String | N | N | N | N/A |
| use_add_client_ip_mac_options | Bool | N | N | N | N/A |
| use_allow_query | Bool | N | N | N | N/A |
| use_allow_transfer | Bool | N | N | N | N/A |
| use_attack_mitigation | Bool | N | N | N | N/A |
| use_auto_blackhole | Bool | N | N | N | N/A |
| use_bind_hostname_directive | Bool | N | N | N | N/A |
| use_blackhole | Bool | N | N | N | N/A |
| use_blacklist | Bool | N | N | N | N/A |
| use_capture_dns_queries_on_all_domains | Bool | N | N | N | N/A |
| use_copy_client_ip_mac_options | Bool | N | N | N | N/A |
| use_copy_xfer_to_notify | Bool | N | N | N | N/A |
| use_disable_edns | Bool | N | N | N | N/A |
| use_dns64 | Bool | N | N | N | N/A |
| use_dns_cache_acceleration_ttl | Bool | N | N | N | N/A |
| use_dns_health_check | Bool | N | N | N | N/A |
| use_dnssec | Bool | N | N | N | N/A |
| use_dnstap_setting | Bool | N | N | N | N/A |
| use_dtc_dns_queries_specific_behavior | Bool | N | N | N | N/A |
| use_dtc_edns_prefer_client_subnet | Bool | N | N | N | N/A |
| use_edns_udp_size | Bool | N | N | N | N/A |
| use_enable_capture_dns | Bool | N | N | N | N/A |
| use_enable_excluded_domain_names | Bool | N | N | N | N/A |
| use_enable_gss_tsig | Bool | N | N | N | N/A |
| use_enable_query_rewrite | Bool | N | N | N | N/A |
| use_filter_aaaa | Bool | N | N | N | N/A |
| use_fixed_rrset_order_fqdns | Bool | N | N | N | N/A |
| use_forward_updates | Bool | N | N | N | N/A |
| use_forwarders | Bool | N | N | N | N/A |
| use_ftc | Bool | N | N | N | N/A |
| use_gss_tsig_keys | Bool | N | N | N | N/A |
| use_lan2_ipv6_port | Bool | N | N | N | N/A |
| use_lan2_port | Bool | N | N | N | N/A |
| use_lan_ipv6_port | Bool | N | N | N | N/A |
| use_lan_port | Bool | N | N | N | N/A |
| use_logging_categories | Bool | N | N | N | N/A |
| use_max_cache_ttl | Bool | N | N | N | N/A |
| use_max_cached_lifetime | Bool | N | N | N | N/A |
| use_max_ncache_ttl | Bool | N | N | N | N/A |
| use_max_udp_size | Bool | N | N | N | N/A |
| use_mgmt_ipv6_port | Bool | N | N | N | N/A |
| use_mgmt_port | Bool | N | N | N | N/A |
| use_notify_delay | Bool | N | N | N | N/A |
| use_nxdomain_redirect | Bool | N | N | N | N/A |
| use_record_name_policy | Bool | N | N | N | N/A |
| use_recursive_client_limit | Bool | N | N | N | N/A |
| use_recursive_query_setting | Bool | N | N | N | N/A |
| use_resolver_query_timeout | Bool | N | N | N | N/A |
| use_response_rate_limiting | Bool | N | N | N | N/A |
| use_root_name_server | Bool | N | N | N | N/A |
| use_root_server_for_all_views | Bool | N | N | N | N/A |
| use_rpz_disable_nsdname_nsip | Bool | N | N | N | N/A |
| use_rpz_drop_ip_rule | Bool | N | N | N | N/A |
| use_rpz_qname_wait_recurse | Bool | N | N | N | N/A |
| use_serial_query_rate | Bool | N | N | N | N/A |
| use_server_id_directive | Bool | N | N | N | N/A |
| use_sortlist | Bool | N | N | N | N/A |
| use_source_ports | Bool | N | N | N | N/A |
| use_syslog_facility | Bool | N | N | N | N/A |
| use_transfers_in | Bool | N | N | N | N/A |
| use_transfers_out | Bool | N | N | N | N/A |
| use_transfers_per_ns | Bool | N | N | N | N/A |
| use_update_setting | Bool | N | N | N | N/A |
| use_zone_transfer_format | Bool | N | N | N | N/A |
| views | [String] | N | N | N | N/A |
member:dhcpproperties : Member DHCP properties object.
member:filedistribution : Grid member file distribution object.