Home > Configuration > Domain Name Service |
| Domain Name Service |
domain name service(dns) configuration. |
Configuration APIs |
Use this method to creates a AAAA address record for the specified domain name. You cannot modify a AAAA address record. |
Use this method to add a dns action. |
Use this method to add a dns64 action. |
Use this method to creates an IPv4 address record for the specified domain name. You cannot modify an address resource record. |
Use this method to creates a CAA record for the specified domain name. Each resource record is stored with a unique, internally generated record ID, which you can view and use to delete the record. You cannot modify a CAA resource record. |
Use this method to creates a canonical name (CNAME) record, or alias, for the specified domain name. |
Use this method to adds a DNS key to the zone that is specified in the key file. |
Use this method to creates a mail exchange (MX) record for the specified domain name. |
Use this method to adds a name server to the appliance. Following are the two types of name servers that can be added: * IP address-based name server - An external name server to contact for domain name resolution. If multiple IP address-based name servers are configured on the appliance, and the local parameter is not set on any of them, incoming DNS queries are load balanced across all the name servers, in round robin fashion. * Virtual server-based name server - A DNS virtual server configured in the Citrix ADC. If you want more fine-grained control on how external DNS name servers are load balanced (for example, you want a load balancing method other than round robin), you configure a DNS virtual server on the appliance, bind the external name servers as its services, and then specify the name of the virtual server in this method. |
Use this method to creates an NAPTR record. Each resource record is stored with a unique, internally generated record ID, which you can view and use to delete the record. |
Use this method to creates a name server record for the specified domain. |
Use this method to creates a DNS policy. |
Use this method to creates a DNS64 Policy. |
Use this method to add a dns policy label. |
Use this method to creates a DNS profile. These DNS profiles can be associated with DNS/DNS-TCP LB vservers ,ADNS/ADNS-TCP services , end resolvers and with DNS actions. DNS profiles dictate the caching and logging behavior for a DNS transaction. |
Use this method to creates a pointer (PTR) record for the specified reverse domain name. |
Use this method to creates a Start of Authority (SOA) record. Note: You can set the SOA parameters that are associated with zone transfers. However, the Citrix ADC currently does not support zone transfers. |
Use this method to creates a service (SRV) record for the service offered by the specified target host, in the specified domain. |
Use this method to specifies a suffix that can be used to complete domain names that are not fully qualified. For example, if you specify the example.com suffix, and the Citrix ADC is required to resolve the incomplete domain name "myhost," it attempts to resolve "myhost.example.com." |
Use this method to creates a text (TXT) record for the specified domain name. Each resource record is stored with a unique, internally generated record ID, which you can view and use to delete the record. You cannot modify a TXT resource record. |
Use this method to creates a DNS view. A DNS view is used in global server load balancing (GSLB) to return a predetermined IP address to a specific group of clients, which are identified by using a DNS policy. |
Use this method to creates a DNS zone on the Citrix ADC. Mandatory if you want to use the appliance to implement Domain Name Security Extensions (DNSSEC) for the zone. When you add a DNS resource record, if the domain name of the record belongs to the zone, the record is automatically added to the zone. |
Use this method to bind policy to dns global. |
Use this method to bind policy to dns policylabel. |
Use this method to creates a public-private key pair to use for signing a DNS zone. The keys are created in the /nsconfig/dns/ directory on the Citrix ADC. The private, pubic, and DS key files are created with names having the format |
Use this method to disables a name server. |
Use this method to enables a name server. |
Use this method to flushes all/selected ( via -type or -negRecType ) proxy records from the DNS cache on the Citrix ADC. |
Use this method to fLushes a specified ECS subnet or all cached ECS subnets from the DNS cache on the Citrix ADC. |
Use this method to get the AAAA (IPv6) address record for the specified host name. If a hostname is not specified, all configured AAAA records are shown. |
Use this method to get to display the action-related information. |
Use this method to get to display the action-related information. |
Use this method to get the IPv4 address record for the specified host name. If a hostname is not specified, all configured address records are shown. |
Use this method to get CAA records owned by the specified domain. If no domain name is specified, all configured CAA records are shown. |
Use this method to get the canonical name (CNAME) records configured for the specified alias. If no alias is specified, all configured CNAME records are displayed |
Use this method to get the DS (Delegation Signer) record for DNS key (content of |
Use this method to get the DNS policies bound to the specified global bind point. If a global bind point is not specified, the method displays the global bind points that have policies bound to them, and the number of policies bound to each of those bind points. |
Use this method to get the parameters of the specified DNS key. If no DNS key name is specified, all configured DNS keys are shown. Note: You cannot view the parameters of a public/private key file. You can view the parameters of a key after you have published it in a DNS zone by using either the add dns key method or the DNS > Zones > Sign/Unsign DNS Zone dialog box. |
Use this method to get the mail exchange (MX) records for the specified domain. If no domain name is specified, all configured mail exchange records are shown. |
Use this method to get the name servers configured on the Citrix ADC, along with their administrative states. |
Use this method to get NAPTR records owned by the specified domain. If no domain name is specified, all configured NAPTR records are shown. |
Use this method to get the cached negative records |
Use this method to get the NextSECure (NSEC) resource records created for the specified domain name. |
Use this method to get the name server records for the specified domain. If no domain name is specified, all configured name server records are shown. |
Use this method to get the global DNS parameters. |
Use this method to get the parameters of the specified DNS policy or, if no policy name is specified, all configured DNS policies. |
Use this method to get the parameters of the specified DNS64 policy or, if no policy name is specified, all configured DNS64 policies. |
Use this method to get policy label or policies bound to dns policylabel. |
Use this method to get the properties of the specified DNS profile. If profile name is not specified then all conifgured DNS profiles are displayed |
Use this method to get the pointer (PTR) record for the specified reverse domain name and domain name. |
Use this method to get the parameters of the specified Start of Authority (SOA) record. If no domain name is specified, all SOA records are displayed. |
Use this method to get the service (SRV) record configured for the specified target host and domain. If the domain name is not specified, all of the SRV records are shown. |
Use this method to get all the domains for which ECS records are cached for the given ECS subnet. It also displays the type of dns records cached for every domain associated with the subnet. If a subnet is not specified, all the configured ECS subnets on the Citrix ADC are shown. |
Use this method to get the specified DNS suffix or, if no DNS suffix is specified, all configured DNS suffixes. |
Use this method to get TXT records owned by the specified domain. If no domain name is specified, all configured TXT records are shown. |
Use this method to get the specified DNS view or, if no DNS view name is specified, all the DNS views configured on the Citrix ADC. |
Use this method to get the parameters of the specified DNS zone, along with information about the types of resource records available for each domain name in the zone. If no zone name is specified, just the parameters are shown, for all configured zones. |
Use this method to import the DNSSEC key. |
Use this method to rename a dns policy label. |
Use this method to removes an IPv6 address from a AAAA address record. The associated domain name must be specified. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove an IPV6 address from a AAAA address record which is cached for that particular subnet. If no IPv6 address is specified, all AAAA records that belong to the specified domain name are removed. |
Use this method to removes a dns Action. |
Use this method to removes a dns64 Action. |
Use this method to removes an IPv4 address from an address record. The associated domain name must be specified. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove an IPV4 address from an address record which is cached for that particular subnet. If no IPv4 address is specified, all records that belong to the specified domain name are removed. |
Use this method to removes the specified CAA record from the specified domain. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove a CAA record which is cached for that particular subnet. |
Use this method to removes a canonical name (CNAME) record. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove a CNAME record which is cached for that particular subnet |
Use this method to removes a DNS key. |
Use this method to removes the specified mail exchange (MX) record from the specified domain. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove the specified mail exchange (MX) record which is cached for that particular subnet |
Use this method to removes a name server from the Citrix ADC. If the name server is an IP-address based external name server, the name server entry is removed. If the name server is a DNS virtual server on the appliance, the virtual server is not removed, but it is no longer used to resolve domain names. |
Use this method to removes the specified NAPTR record from the specified domain. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove a NAPTR record which is cached for that particular subnet |
Use this method to removes the specified name server record from the specified domain. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove the specified name server record from the specified domain which is cached for that particular subnet |
Use this method to removes a DNS policy. |
Use this method to removes a DNS64 Policy. |
Use this method to remove a dns policy label. |
Use this method to removes the specified DNS profile from the Citrix ADC |
Use this method to removes a pointer (PTR) record for the specified domain name and reverse domain name. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove a PTR record for the specified domain name and reverse domain name which is cached for that particular subnet |
Use this method to removes the Start of Authority (SOA) record for the specified domain name. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove the SOA record which is cached for that particular subnet |
Use this method to removes, from the specified domain, the SRV record created for the service provided by the specified target host. For EDNS Client Subnet (ECS) records, a subnet needsto be specified to remove the SRV record created for the service provided by the specified target host which is cached for that particular subnet |
Use this method to removes a DNS suffix. |
Use this method to removes the specified TXT record from the specified domain. For EDNS Client Subnet (ECS) records, a subnet needs to be specified to remove a TXT record which is cached for that particular subnet. |
Use this method to removes a DNS view. |
Use this method to removes a DNS zone from the Citrix ADC. |
Use this method to set name of the DNS profile to be associated with the transaction for which the action is chosen |
Use this method to set list of IP address to be returned in case of rewrite_response actiontype. They can be of IPV4 or IPV6 type. In case of set method We will remove all the IP address previously present in the action and will add new once given in set dns action method. |
Use this method to set the location list in priority order used for the given action. |
Use this method to set time to live, in seconds. |
Use this method to set the view name that must be used for the given action. |
Use this method to set the expression to select the criteria for eliminating the corresponding ipv6 addresses from the response. |
Use this method to set the expression to select the criteria for ipv4 addresses to be used for synthesis. Only if the mappedrule is evaluated to true the corresponding ipv4 address is used for synthesis using respective prefix, otherwise the A RR is discarded |
Use this method to set the dns64 prefix to be used if the after evaluating the rules |
Use this method to set flag to enable/disable key rollover automatically. Note: * Key name will be appended with _AR1 for successor key. For e.g. current key=k1, successor key=k1_AR1. * Key name can be truncated if current name length is more than 58 bytes to accomodate the suffix. |
Use this method to set time period for which to consider the key valid, after the key is used to sign a zone. |
Use this method to set time at which to generate notification of key expiration, specified as number of days, hours, or minutes before expiry. Must be less than the expiry period. The notification is an SNMP trap sent to an SNMP manager. To enable the appliance to send the trap, enable the DNSKEY-EXPIRY SNMP alarm. In case autorollover option is enabled, rollover for successor key will be intiated at this time. No notification trap will be sent. |
Use this method to set revoke the key. Note: This operation is non-reversible. |
Use this method to set method used for automatic rollover. * Key type: ZSK, Method: PrePublication or DoubleSignature. * Key type: KSK, Method: DoubleRRSet. |
Use this method to set time to Live (TTL), in seconds, for the DNSKEY resource record created in the zone. TTL is the time for which the record must be cached by the DNS proxies. If the TTL is not specified, either the DNS zone's minimum TTL or the default value of 3600 is used. |
Use this method to set priority number to assign to the mail exchange server. A domain name can have multiple mail servers, with a priority number assigned to each server. The lower the priority number, the higher the mail server's priority. When other mail servers have to deliver mail to the specified domain, they begin with the mail server with the lowest priority number, and use other configured mail servers, in priority order, as backups. |
Use this method to set time to Live (TTL), in seconds, for the record. TTL is the time for which the record must be cached by DNS proxies. The specified TTL is applied to all the resource records that are of the same record type and belong to the specified domain name. For example, if you add an address record, with a TTL of 36000, to the domain name example.com, the TTLs of all the address records of example.com are changed to 36000. If the TTL is not specified, the Citrix ADC uses either the DNS zone's minimum TTL or, if the SOA record is not available on the appliance, the default value of 3600. |
Use this method to set name of the DNS profile to be associated with the name server |
Use this method to set flag to enable/disable saving of rollover operations executed automatically to avoid config loss. Applicable only when autorollover option is enabled on a key. Note: when you enable this, full configuration will be saved |
Use this method to set cache ECS responses with a Scope Prefix length of zero. Such a cached response will be used for all queries with this domain name and any subnet. When disabled, ECS responses with Scope Prefix length of zero will be cached, but not tied to any subnet. This option has no effect if caching of ECS responses is disabled in the corresponding DNS profile. |
Use this method to set this parameter is applicable only in proxy mode and if this parameter is enabled we will forward all the client requests to the backend DNS server and the response served will be cached on Citrix ADC |
Use this method to set if this flag is set to YES, the existing entries in cache do not age out. On reaching the max limit the cache records are frozen |
Use this method to set cache resource records in the DNS cache. Applies to resource records obtained through proxy configurations only. End resolver and forwarder configurations always cache records in the DNS cache, and you cannot disable this behavior. When you disable record caching, the appliance stops caching server responses. However, cached records are not flushed. The appliance does not serve requests from the cache until record caching is enabled again. NOTE: This attribute is deprecated. This is deprecated attribute. This attribute is now part of DNS profiles. |
Use this method to set while doing DNS64 resolution, this parameter specifies the time to wait before sending an A query if no response is received from backend DNS server for AAAA query. |
Use this method to set send a root referral if a client queries a domain name that is unrelated to the domains configured/cached on the Citrix ADC. If the setting is disabled, the appliance sends a blank response instead of a root referral. Applicable to domains for which the appliance is authoritative. Disable the parameter when the appliance is under attack from a client that is sending a flood of queries for unrelated domains. |
Use this method to set enable or disable the Domain Name System Security Extensions (DNSSEC) feature on the appliance. Note: Even when the DNSSEC feature is enabled, forwarder configurations (used by internal Citrix ADC features such as SSL VPN and Cache Redirection for name resolution) do not support the DNSSEC OK (DO) bit in the EDNS0 OPT header. |
Use this method to set maximum number of subnets that can be cached corresponding to a single domain. Subnet caching will occur for responses with EDNS Client Subnet (ECS) option. Caching of such responses can be disabled using DNS profile settings. A value of zero indicates that the number of subnets cached is limited only by existing memory constraints. The default value is zero. |
Use this method to set maximum memory, in megabytes, that can be used for dns caching per Packet Engine. |
Use this method to set maximum memory, in megabytes, that can be used for caching of negative DNS responses per packet engine. |
Use this method to set maximum time to live (TTL) for all negative records ( NXDONAIN and NODATA ) cached in the DNS cache by DNS proxy, end resolver, and forwarder configurations. If the TTL of a record that is to be cached is higher than the value configured for maxnegcacheTTL, the TTL of the record is set to the value of maxnegcacheTTL before caching. When you modify this setting, the new value is applied only to those records that are cached after the modification. The TTL values of existing records are not changed. |
Use this method to set maximum number of concurrent DNS requests to allow on a single client connection, which is identified by the |
Use this method to set maximum time to live (TTL) for all records cached in the DNS cache by DNS proxy, end resolver, and forwarder configurations. If the TTL of a record that is to be cached is higher than the value configured for maxTTL, the TTL of the record is set to the value of maxTTL before caching. When you modify this setting, the new value is applied only to those records that are cached after the modification. The TTL values of existing records are not changed. |
Use this method to set maximum UDP packet size that can be handled by Citrix ADC. This is the value advertised by Citrix ADC when responding as an authoritative server and it is also used when Citrix ADC queries other name servers as a forwarder. When acting as a proxy, requests from clients are limited by this parameter - if a request contains a size greater than this value in the OPT record, it will be replaced. |
Use this method to set minimum permissible time to live (TTL) for all records cached in the DNS cache by DNS proxy, end resolver, and forwarder configurations. If the TTL of a record that is to be cached is lower than the value configured for minTTL, the TTL of the record is set to the value of minTTL before caching. When you modify this setting, the new value is applied only to those records that are cached after the modification. The TTL values of existing records are not changed. |
Use this method to set type of lookup (DNS or WINS) to attempt first. If the first-priority lookup fails, the second-priority lookup is attempted. Used only by the SSL VPN feature. |
Use this method to set rate limit threshold for Non-Existant domain (NXDOMAIN) responses generated from Citrix ADC. Once the threshold is breached , DNS queries leading to NXDOMAIN response will be dropped. This threshold will not be applied for NXDOMAIN responses got from the backend. The threshold will be applied per packet engine and per second. |
Use this method to set function as an end resolver and recursively resolve queries for domains that are not hosted on the Citrix ADC. Also resolve queries recursively when the external name servers configured on the appliance (for a forwarder configuration) are unavailable. When external name servers are unavailable, the appliance queries a root server and resolves the request recursively, as it does for an end resolver configuration. This parameter will be effective only for queries recieved on nameserver with local flag. To enable recursion for queries recieved through ADNS service , CS vserver and LB vserver it is recommended to use recursiveResolution parameter on DNS profile. |
Use this method to set type of DNS queries (A, AAAA, or both) to generate during the routine functioning of certain Citrix ADC features, such as SSL VPN, cache redirection, and the integrated cache. The queries are sent to the external name servers that are configured for the forwarder function. If you specify both query types, you can also specify the order. Available settings function as follows: * OnlyAQuery. Send queries for IPv4 address records (A records) only. * OnlyAAAAQuery. Send queries for IPv6 address records (AAAA records) instead of queries for IPv4 address records (A records). * AThenAAAAQuery. Send a query for an A record, and then send a query for an AAAA record if the query for the A record results in a NODATA response from the name server. * AAAAThenAQuery. Send a query for an AAAA record, and then send a query for an A record if the query for the AAAA record results in a NODATA response from the name server. |
Use this method to set maximum number of active concurrent DNS resolutions per Packet Engine |
Use this method to set maximum DNS-TCP connections opened for recursive resolution per Packet Engine |
Use this method to set maximum wait time in seconds for the response on DNS-TCP connection for recursive resolution per Packet Engine |
Use this method to set maximum number of retry attempts when no response is received for a query sent to a name server. Applies to end resolver and forwarder configurations. |
Use this method to set processing requests split across multiple packets |
Use this method to set flag to enable/disable DNS zones configuration transfer to remote GSLB site nodes |
Use this method to set name of the DNS action to perform when the rule evaluates to TRUE. The built in actions function as follows: * dns_default_act_Drop. Drop the DNS request. * dns_default_act_Cachebypass. Bypass the DNS cache and forward the request to the name server. You can create custom actions by using the add dns action method in the CLI or the DNS > Actions > Create DNS Action dialog box in the Citrix ADC configuration utility. |
Use this method to set by pass dns cache for this. NOTE: This attribute is deprecated. This is deprecated attribute. Please use -actionName |
Use this method to set the dns packet must be dropped. NOTE: This attribute is deprecated. This is deprecated attribute. Please use -actionName |
Use this method to set name of the messagelog action to use for requests that match this policy. |
Use this method to set the location used for the given policy. This is deprecated attribute. Please use -prefLocList NOTE: This attribute is deprecated. This is deprecated attribute. Please use -actionName |
Use this method to set the location list in priority order used for the given policy. NOTE: This attribute is deprecated. This is deprecated attribute. Please use -actionName |
Use this method to set expression against which DNS traffic is evaluated. Note: * On the method line interface, if the expression includes blank spaces, the entire expression must be enclosed in double quotation marks. * If the expression itself includes double quotation marks, you must escape the quotations by using the character. * Alternatively, you can use single quotation marks to enclose the rule, in which case you do not have to escape the double quotation marks. Example: CLIENT.UDP.DNS.DOMAIN.EQ("domainname") |
Use this method to set the view name that must be used for the given policy NOTE: This attribute is deprecated. This is deprecated attribute. Please use -actionName |
Use this method to set name of the DNS64 action to perform when the rule evaluates to TRUE. The built in actions function as follows: * A default dns64 action with prefix You can create custom actions by using the add dns action method in the CLI or the DNS64 > Actions > Create DNS64 Action dialog box in the Citrix ADC configuration utility. |
Use this method to set expression against which DNS traffic is evaluated. Note: * On the method line interface, if the expression includes blank spaces, the entire expression must be enclosed in double quotation marks. * If the expression itself includes double quotation marks, you must escape the quotations by using the character. * Alternatively, you can use single quotation marks to enclose the rule, in which case you do not have to escape the double quotation marks. Example: CLIENT.IP.SRC.IN_SUBENT(23.34.0.0/16) |
Use this method to set cache DNS responses with EDNS Client Subnet(ECS) option in the DNS cache. When disabled, the appliance stops caching responses with ECS option. This is relevant to proxy configuration. Enabling/disabling support of ECS option when Citrix ADC is authoritative for a GSLB domain is supported using a knob in GSLB vserver. In all other modes, ECS option is ignored. |
Use this method to set cache negative responses in the DNS cache. When disabled, the appliance stops caching negative responses except referral records. This applies to all configurations - proxy, end resolver, and forwarder. However, cached responses are not flushed. The appliance does not serve negative responses from the cache until this parameter is enabled again. |
Use this method to set cache resource records in the DNS cache. Applies to resource records obtained through proxy configurations only. End resolver and forwarder configurations always cache records in the DNS cache, and you cannot disable this behavior. When you disable record caching, the appliance stops caching server responses. However, cached records are not flushed. The appliance does not serve requests from the cache until record caching is enabled again. |
Use this method to set dNS answer section; if enabled, answer section in the response will be logged. |
Use this method to set dNS error logging; if enabled, whenever error is encountered in DNS module reason for the error will be logged. |
Use this method to set dNS extended logging; if enabled, authority and additional section in the response will be logged. |
Use this method to set dNS query logging; if enabled, DNS query information such as DNS query id, DNS query flags , DNS domain name and DNS query type will be logged |
Use this method to set drop the DNS requests containing multiple queries. When enabled, DNS requests containing multiple queries will be dropped. In case of proxy configuration by default the DNS request containing multiple queries is forwarded to the backend and in case of ADNS and Resolver configuration NOCODE error response will be sent to the client. |
Use this method to set insert ECS Option on DNS query |
Use this method to set the maximum ecs prefix length that will be cached |
Use this method to set the maximum ecs prefix length that will be cached for IPv6 subnets |
Use this method to set dNS recursive resolution; if enabled, will do recursive resolution for DNS query when the profile is associated with ADNS service, CS Vserver and DNS action |
Use this method to set replace ECS Option on DNS query |
Use this method to set email address of the contact to whom domain issues can be addressed. In the email address, replace the @ sign with a period (.). For example, enter domainadmin.example.com instead of domainadmin@example.com. |
Use this method to set time, in seconds, after which the zone data on a secondary name server can no longer be considered authoritative because all refresh and retry attempts made during the period have failed. After the expiry period, the secondary server stops serving the zone. Typically one week. Not used by the primary server. |
Use this method to set default time to live (TTL) for all records in the zone. Can be overridden for individual records. |
Use this method to set domain name of the name server that responds authoritatively for the domain. |
Use this method to set time, in seconds, for which a secondary server must wait between successive checks on the value of the serial number. |
Use this method to set time, in seconds, between retries if a secondary server's attempt to contact the primary server for a zone refresh fails. |
Use this method to set the secondary server uses this parameter to determine whether it requires a zone transfer from the primary server. |
Use this method to set time to Live (TTL), in seconds, for the record. TTL is the time for which the record must be cached by DNS proxies. The specified TTL is applied to all the resource records that are of the same record type and belong to the specified domain name. For example, if you add an address record, with a TTL of 36000, to the domain name example.com, the TTLs of all the address records of example.com are changed to 36000. If the TTL is not specified, the Citrix ADC uses either the DNS zone's minimum TTL or, if the SOA record is not available on the appliance, the default value of 3600. |
Use this method to set port on which the target host listens for client requests. |
Use this method to set integer specifying the priority of the target host. The lower the number, the higher the priority. If multiple target hosts have the same priority, selection is based on the Weight parameter. |
Use this method to set time to Live (TTL), in seconds, for the record. TTL is the time for which the record must be cached by DNS proxies. The specified TTL is applied to all the resource records that are of the same record type and belong to the specified domain name. For example, if you add an address record, with a TTL of 36000, to the domain name example.com, the TTLs of all the address records of example.com are changed to 36000. If the TTL is not specified, the Citrix ADC uses either the DNS zone's minimum TTL or, if the SOA record is not available on the appliance, the default value of 3600. |
Use this method to set weight for the target host. Aids host selection when two or more hosts have the same priority. A larger number indicates greater weight. |
Use this method to set deploy the zone in proxy mode. Enable in the following scenarios: * The load balanced DNS servers are authoritative for the zone and all resource records that are part of the zone. * The load balanced DNS servers are authoritative for the zone, but the Citrix ADC owns a subset of the resource records that belong to the zone (partial zone ownership configuration). Typically seen in global server load balancing (GSLB) configurations, in which the appliance responds authoritatively to queries for GSLB domain names but forwards queries for other domain names in the zone to the load balanced servers. In either scenario, do not create the zone's Start of Authority (SOA) and name server (NS) resource records on the appliance. Disable if the appliance is authoritative for the zone, but make sure that you have created the SOA and NS records on the appliance before you create the zone. |
Use this method to signs a DNS zone with a DNS key. Before you sign a zone, make sure that you've enabled DNSSEC by setting the global DNS parameter "Enable DNSSEC extension." |
Use this method to unbind policy from dns global. |
Use this method to unbind policy from dns policylabel. |
Use this method to unbind priority from dns policylabel. |
Remove dns action dnsprofile setting. |
Remove dns action ttl setting. |
Remove dns action64 excluderule setting. |
Remove dns action64 mappedrule setting. |
Remove dns action64 prefix setting. |
Remove dns key autorollover setting. |
Remove dns key expires setting. |
Remove dns key notificationperiod setting. |
Remove dns key rollovermethod setting. |
Remove dns key ttl setting. |
Remove dns key units setting. |
Remove dns key units setting. |
Remove dns mxRec ttl setting. |
Remove dns nameServer dnsprofile setting. |
Remove dns parameter autosavekeyops setting. |
Remove dns parameter cacheecszeroprefix setting. |
Remove dns parameter cachehitbypass setting. |
Remove dns parameter cachenoexpire setting. |
Remove dns parameter cacherecords setting. |
Remove dns parameter dns64timeout setting. |
Remove dns parameter dnsrootreferral setting. |
Remove dns parameter dnssec setting. |
Remove dns parameter ecsmaxsubnets setting. |
Remove dns parameter maxcachesize setting. |
Remove dns parameter maxnegativecachesize setting. |
Remove dns parameter maxnegcachettl setting. |
Remove dns parameter maxpipeline setting. |
Remove dns parameter maxttl setting. |
Remove dns parameter maxudppacketsize setting. |
Remove dns parameter minttl setting. |
Remove dns parameter namelookuppriority setting. |
Remove dns parameter nxdomainratelimitthreshold setting. |
Remove dns parameter recursion setting. |
Remove dns parameter resolutionorder setting. |
Remove dns parameter resolvermaxactiveresolutions setting. |
Remove dns parameter resolvermaxtcpconnections setting. |
Remove dns parameter resolvermaxtcptimeout setting. |
Remove dns parameter retries setting. |
Remove dns parameter splitpktqueryprocessing setting. |
Remove dns parameter zonetransfer setting. |
Remove dns policy logaction setting. |
Remove dns profile cacheecsresponses setting. |
Remove dns profile cachenegativeresponses setting. |
Remove dns profile cacherecords setting. |
Remove dns profile dnsanswerseclogging setting. |
Remove dns profile dnserrorlogging setting. |
Remove dns profile dnsextendedlogging setting. |
Remove dns profile dnsquerylogging setting. |
Remove dns profile dropmultiqueryrequest setting. |
Remove dns profile insertecs setting. |
Remove dns profile maxcacheableecsprefixlength setting. |
Remove dns profile maxcacheableecsprefixlength6 setting. |
Remove dns profile recursiveresolution setting. |
Remove dns profile replaceecs setting. |
Remove dns soaRec expire setting. |
Remove dns soaRec minimum setting. |
Remove dns soaRec refresh setting. |
Remove dns soaRec retry setting. |
Remove dns soaRec serial setting. |
Remove dns soaRec ttl setting. |
Remove dns srvRec ttl setting. |
Remove dns zone dnssecoffload setting. |
Remove dns zone nsec setting. |
Remove dns zone proxymode setting. |
Use this method to unsigns the specified DNS zone with the specified DNS key. |