Avi DnsPolicy Object API
CLI ``` - configure dnspolicy - show dnspolicy ```
Contact Info: support@avinetworks.com
Version: 20.1.9
BasePath:/api
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html
Access
- HTTP Basic Authentication
[ Jump to Models ]
Table of Contents
get /dnspolicypost /dnspolicydelete /dnspolicy/{uuid}get /dnspolicy/{uuid}patch /dnspolicy/{uuid}put /dnspolicy/{uuid}
(dnspolicyGet)
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
refers_to (optional)
Query Parameter — Filter to request all objects that refers to another Avi resource. Its syntax is refers_to=<obj_type>:<obj_uuid>. Eg. get all virtual services referring to pool p1 will be refers_to=pool:pool_p1_uuid
referred_by (optional)
Query Parameter — Filter to request all objects that are referred by another Avi resource. Its syntax is referred_by=<obj_type>:<obj_uuid>. Eg. get all pools referred_by virtual service vs1 - referred_by=virtualservice:vs_vs1_uuid
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.
Return type
Example data
Content-Type: application/json
{
"next" : "aeiou",
"count" : 123,
"results" : [ {
"tenant_ref" : "aeiou",
"name" : "aeiou",
"description" : "aeiou",
"rule" : [ {
"log" : true,
"enable" : true,
"match" : {
"protocol" : {
"match_criteria" : "aeiou",
"protocol" : "aeiou"
},
"geo_location" : {
"match_criteria" : "aeiou",
"geolocation_tag" : "aeiou",
"geolocation_name" : "aeiou",
"use_edns_client_subnet_ip" : true
},
"query_name" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"query_domain_names" : [ "aeiou" ]
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ "" ]
},
"client_ip_address" : {
"use_edns_client_subnet_ip" : true,
"client_ip" : ""
},
"query_type" : {
"match_criteria" : "aeiou",
"query_type" : [ "aeiou" ]
}
},
"name" : "aeiou",
"action" : {
"allow" : {
"allow" : true,
"reset_conn" : true
},
"pool_switching" : {
"pool_ref" : "aeiou",
"pool_group_ref" : "aeiou"
},
"dns_rate_limiter" : {
"rate_limiter_object" : {
"period" : 123,
"count" : 123,
"name" : "aeiou",
"burst_sz" : 123
},
"action" : ""
},
"gslb_site_selection" : {
"site_name" : "aeiou",
"fallback_site_names" : [ "aeiou" ],
"is_site_preferred" : true
},
"response" : {
"authoritative" : true,
"rcode" : "aeiou",
"resource_record_sets" : [ {
"section" : "aeiou",
"resource_record_set" : {
"nses" : [ {
"ip6_address" : "",
"ip_address" : "",
"nsname" : "aeiou"
} ],
"fqdn" : "aeiou",
"ip_addresses" : [ {
"ip_address" : ""
} ],
"ip6_addresses" : [ {
"ip6_address" : {
"addr" : "aeiou",
"type" : "aeiou"
}
} ],
"cname" : {
"cname" : "aeiou"
},
"type" : "aeiou",
"ttl" : 123
}
} ],
"truncation" : true
},
"dns_rate_limit" : {
"period" : 123,
"count" : 123,
"action" : {
"type" : "aeiou"
},
"burst_size" : 123,
"fine_grain" : true
}
},
"index" : 123
} ],
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"created_by" : "aeiou",
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
DnsPolicyApiResponse
401
log in failed
(dnspolicyPost)
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — DnsPolicy object creation
Return type
Example data
Content-Type: application/json
{
"tenant_ref" : "aeiou",
"name" : "aeiou",
"description" : "aeiou",
"rule" : [ {
"log" : true,
"enable" : true,
"match" : {
"protocol" : {
"match_criteria" : "aeiou",
"protocol" : "aeiou"
},
"geo_location" : {
"match_criteria" : "aeiou",
"geolocation_tag" : "aeiou",
"geolocation_name" : "aeiou",
"use_edns_client_subnet_ip" : true
},
"query_name" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"query_domain_names" : [ "aeiou" ]
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ "" ]
},
"client_ip_address" : {
"use_edns_client_subnet_ip" : true,
"client_ip" : ""
},
"query_type" : {
"match_criteria" : "aeiou",
"query_type" : [ "aeiou" ]
}
},
"name" : "aeiou",
"action" : {
"allow" : {
"allow" : true,
"reset_conn" : true
},
"pool_switching" : {
"pool_ref" : "aeiou",
"pool_group_ref" : "aeiou"
},
"dns_rate_limiter" : {
"rate_limiter_object" : {
"period" : 123,
"count" : 123,
"name" : "aeiou",
"burst_sz" : 123
},
"action" : ""
},
"gslb_site_selection" : {
"site_name" : "aeiou",
"fallback_site_names" : [ "aeiou" ],
"is_site_preferred" : true
},
"response" : {
"authoritative" : true,
"rcode" : "aeiou",
"resource_record_sets" : [ {
"section" : "aeiou",
"resource_record_set" : {
"nses" : [ {
"ip6_address" : "",
"ip_address" : "",
"nsname" : "aeiou"
} ],
"fqdn" : "aeiou",
"ip_addresses" : [ {
"ip_address" : ""
} ],
"ip6_addresses" : [ {
"ip6_address" : {
"addr" : "aeiou",
"type" : "aeiou"
}
} ],
"cname" : {
"cname" : "aeiou"
},
"type" : "aeiou",
"ttl" : 123
}
} ],
"truncation" : true
},
"dns_rate_limit" : {
"period" : 123,
"count" : 123,
"action" : {
"type" : "aeiou"
},
"burst_size" : 123,
"fine_grain" : true
}
},
"index" : 123
} ],
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"created_by" : "aeiou",
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
DnsPolicy
401
log in failed
Up
delete /dnspolicy/{uuid}
(dnspolicyUuidDelete)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
Return type
String
Example data
Content-Type: application/json
"aeiou"
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
204
object deleted
String
404
not found
(dnspolicyUuidGet)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Query parameters
name (optional)
Query Parameter — object name
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.
Return type
Example data
Content-Type: application/json
{
"tenant_ref" : "aeiou",
"name" : "aeiou",
"description" : "aeiou",
"rule" : [ {
"log" : true,
"enable" : true,
"match" : {
"protocol" : {
"match_criteria" : "aeiou",
"protocol" : "aeiou"
},
"geo_location" : {
"match_criteria" : "aeiou",
"geolocation_tag" : "aeiou",
"geolocation_name" : "aeiou",
"use_edns_client_subnet_ip" : true
},
"query_name" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"query_domain_names" : [ "aeiou" ]
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ "" ]
},
"client_ip_address" : {
"use_edns_client_subnet_ip" : true,
"client_ip" : ""
},
"query_type" : {
"match_criteria" : "aeiou",
"query_type" : [ "aeiou" ]
}
},
"name" : "aeiou",
"action" : {
"allow" : {
"allow" : true,
"reset_conn" : true
},
"pool_switching" : {
"pool_ref" : "aeiou",
"pool_group_ref" : "aeiou"
},
"dns_rate_limiter" : {
"rate_limiter_object" : {
"period" : 123,
"count" : 123,
"name" : "aeiou",
"burst_sz" : 123
},
"action" : ""
},
"gslb_site_selection" : {
"site_name" : "aeiou",
"fallback_site_names" : [ "aeiou" ],
"is_site_preferred" : true
},
"response" : {
"authoritative" : true,
"rcode" : "aeiou",
"resource_record_sets" : [ {
"section" : "aeiou",
"resource_record_set" : {
"nses" : [ {
"ip6_address" : "",
"ip_address" : "",
"nsname" : "aeiou"
} ],
"fqdn" : "aeiou",
"ip_addresses" : [ {
"ip_address" : ""
} ],
"ip6_addresses" : [ {
"ip6_address" : {
"addr" : "aeiou",
"type" : "aeiou"
}
} ],
"cname" : {
"cname" : "aeiou"
},
"type" : "aeiou",
"ttl" : 123
}
} ],
"truncation" : true
},
"dns_rate_limit" : {
"period" : 123,
"count" : 123,
"action" : {
"type" : "aeiou"
},
"burst_size" : 123,
"fine_grain" : true
}
},
"index" : 123
} ],
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"created_by" : "aeiou",
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
DnsPolicy
401
log in failed
Up
patch /dnspolicy/{uuid}
(dnspolicyUuidPatch)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — DnsPolicy object creation
Query parameters
name (optional)
Query Parameter — object name
Return type
Example data
Content-Type: application/json
{
"tenant_ref" : "aeiou",
"name" : "aeiou",
"description" : "aeiou",
"rule" : [ {
"log" : true,
"enable" : true,
"match" : {
"protocol" : {
"match_criteria" : "aeiou",
"protocol" : "aeiou"
},
"geo_location" : {
"match_criteria" : "aeiou",
"geolocation_tag" : "aeiou",
"geolocation_name" : "aeiou",
"use_edns_client_subnet_ip" : true
},
"query_name" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"query_domain_names" : [ "aeiou" ]
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ "" ]
},
"client_ip_address" : {
"use_edns_client_subnet_ip" : true,
"client_ip" : ""
},
"query_type" : {
"match_criteria" : "aeiou",
"query_type" : [ "aeiou" ]
}
},
"name" : "aeiou",
"action" : {
"allow" : {
"allow" : true,
"reset_conn" : true
},
"pool_switching" : {
"pool_ref" : "aeiou",
"pool_group_ref" : "aeiou"
},
"dns_rate_limiter" : {
"rate_limiter_object" : {
"period" : 123,
"count" : 123,
"name" : "aeiou",
"burst_sz" : 123
},
"action" : ""
},
"gslb_site_selection" : {
"site_name" : "aeiou",
"fallback_site_names" : [ "aeiou" ],
"is_site_preferred" : true
},
"response" : {
"authoritative" : true,
"rcode" : "aeiou",
"resource_record_sets" : [ {
"section" : "aeiou",
"resource_record_set" : {
"nses" : [ {
"ip6_address" : "",
"ip_address" : "",
"nsname" : "aeiou"
} ],
"fqdn" : "aeiou",
"ip_addresses" : [ {
"ip_address" : ""
} ],
"ip6_addresses" : [ {
"ip6_address" : {
"addr" : "aeiou",
"type" : "aeiou"
}
} ],
"cname" : {
"cname" : "aeiou"
},
"type" : "aeiou",
"ttl" : 123
}
} ],
"truncation" : true
},
"dns_rate_limit" : {
"period" : 123,
"count" : 123,
"action" : {
"type" : "aeiou"
},
"burst_size" : 123,
"fine_grain" : true
}
},
"index" : 123
} ],
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"created_by" : "aeiou",
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
DnsPolicy
401
log in failed
(dnspolicyUuidPut)
Path parameters
uuid (required)
Path Parameter — UUID of the object to fetch
Consumes
This API call consumes the following media types via the
Content-Type request header:
Request body
body (required)
Body Parameter — DnsPolicy object creation
Query parameters
name (optional)
Query Parameter — object name
Return type
Example data
Content-Type: application/json
{
"tenant_ref" : "aeiou",
"name" : "aeiou",
"description" : "aeiou",
"rule" : [ {
"log" : true,
"enable" : true,
"match" : {
"protocol" : {
"match_criteria" : "aeiou",
"protocol" : "aeiou"
},
"geo_location" : {
"match_criteria" : "aeiou",
"geolocation_tag" : "aeiou",
"geolocation_name" : "aeiou",
"use_edns_client_subnet_ip" : true
},
"query_name" : {
"match_criteria" : "aeiou",
"string_group_refs" : [ "aeiou" ],
"query_domain_names" : [ "aeiou" ]
},
"client_ip" : {
"group_refs" : [ "aeiou" ],
"match_criteria" : "aeiou",
"prefixes" : [ {
"ip_addr" : "",
"mask" : 123
} ],
"ranges" : [ {
"end" : "",
"begin" : ""
} ],
"addrs" : [ "" ]
},
"client_ip_address" : {
"use_edns_client_subnet_ip" : true,
"client_ip" : ""
},
"query_type" : {
"match_criteria" : "aeiou",
"query_type" : [ "aeiou" ]
}
},
"name" : "aeiou",
"action" : {
"allow" : {
"allow" : true,
"reset_conn" : true
},
"pool_switching" : {
"pool_ref" : "aeiou",
"pool_group_ref" : "aeiou"
},
"dns_rate_limiter" : {
"rate_limiter_object" : {
"period" : 123,
"count" : 123,
"name" : "aeiou",
"burst_sz" : 123
},
"action" : ""
},
"gslb_site_selection" : {
"site_name" : "aeiou",
"fallback_site_names" : [ "aeiou" ],
"is_site_preferred" : true
},
"response" : {
"authoritative" : true,
"rcode" : "aeiou",
"resource_record_sets" : [ {
"section" : "aeiou",
"resource_record_set" : {
"nses" : [ {
"ip6_address" : "",
"ip_address" : "",
"nsname" : "aeiou"
} ],
"fqdn" : "aeiou",
"ip_addresses" : [ {
"ip_address" : ""
} ],
"ip6_addresses" : [ {
"ip6_address" : {
"addr" : "aeiou",
"type" : "aeiou"
}
} ],
"cname" : {
"cname" : "aeiou"
},
"type" : "aeiou",
"ttl" : 123
}
} ],
"truncation" : true
},
"dns_rate_limit" : {
"period" : 123,
"count" : 123,
"action" : {
"type" : "aeiou"
},
"burst_size" : 123,
"fine_grain" : true
}
},
"index" : 123
} ],
"markers" : [ {
"values" : [ "aeiou" ],
"key" : "aeiou"
} ],
"created_by" : "aeiou",
"uuid" : "aeiou",
"url" : "aeiou",
"_last_modified" : "aeiou",
"labels" : [ {
"value" : "aeiou",
"key" : "aeiou"
} ]
}
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the
Content-Type response header.
Responses
200
OK
DnsPolicy
401
log in failed
[ Jump to Methods ]
Table of Contents
DnsAAAARdataDnsARdataDnsClientIpMatchDnsCnameRdataDnsGeoLocationMatchDnsNsRdataDnsPolicyDnsPolicyApiResponseDnsQueryNameMatchDnsQueryTypeMatchDnsRateLimiterDnsRateProfileDnsRrSetDnsRuleDnsRuleActionDnsRuleActionAllowDropDnsRuleActionGslbSiteSelectionDnsRuleActionPoolSwitchingDnsRuleActionResponseDnsRuleDnsRrSetDnsRuleMatchTargetDnsRuleRLActionDnsTransportProtocolMatchIpAddrIpAddrMatchIpAddrPrefixIpAddrRangeKeyValueRateLimiterRoleFilterMatchLabel
ip6_address
IpAddr IPv6 address for FQDN. Field introduced in 18.1.1.
client_ip
IpAddrMatch IP addresses to match against client IP. Field introduced in 17.1.6,17.2.2.
use_edns_client_subnet_ip (optional)
Boolean Use the IP address from the EDNS client subnet option, if available, as the source IP address of the client. It should be noted that the edns subnet IP may not be a /32 IP address. Field introduced in 17.1.6,17.2.2.
geolocation_name (optional)
String Geographical location of the client IP to be used in the match. This location is of the format Country/State/City e.g. US/CA/Santa Clara. Field introduced in 17.1.5.
geolocation_tag (optional)
String Geolocation tag for the client IP. This could be any string value for the client IP, e.g. client IPs from US East Coast geolocation would be tagged as 'East Coast'. Field introduced in 17.1.5.
match_criteria
String Criterion to use for matching the client IP's geographical location. Enum options - IS_IN, IS_NOT_IN. Field introduced in 17.1.5.
use_edns_client_subnet_ip (optional)
Boolean Use the IP address from the EDNS client subnet option, if available, to derive geo location of the DNS query. Field introduced in 17.1.5.
ip6_address (optional)
IpAddr IPv6 address for Name Server. Field introduced in 18.1.1.
ip_address (optional)
IpAddr IP address for Name Server. Field introduced in 17.1.1.
nsname
String Name Server name. Field introduced in 17.1.1.
_last_modified (optional)
String UNIX time since epoch in microseconds. Units(MICROSECONDS).
created_by (optional)
String Creator name. Field introduced in 17.1.1.
description (optional)
String Field introduced in 17.1.1.
labels (optional)
array[KeyValue] Key value pairs for granular object access control. Also allows for classification and tagging of similar objects. Field deprecated in 20.1.5. Field introduced in 20.1.2. Maximum of 4 items allowed.
markers (optional)
array[RoleFilterMatchLabel] List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Basic edition, Essentials edition, Enterprise edition.
name
String Name of the DNS Policy. Field introduced in 17.1.1.
rule (optional)
tenant_ref (optional)
String It is a reference to an object of type Tenant. Field introduced in 17.1.1.
url (optional)
uuid (optional)
String UUID of the DNS Policy. Field introduced in 17.1.1.
count
results
next (optional)
match_criteria
String Criterion to use for string matching the DNS query domain name in the question section. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Field introduced in 17.1.1. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition.
query_domain_names (optional)
array[String] Domain name to match against that specified in the question section of the DNS query. Field introduced in 17.1.1.
string_group_refs (optional)
array[String] UUID of the string group(s) for matching against DNS query domain name in the question section. It is a reference to an object of type StringGroup. Field introduced in 17.1.1.
match_criteria
String Criterion to use for matching the DNS query typein the question section. Enum options - IS_IN, IS_NOT_IN. Field introduced in 17.1.1.
query_type (optional)
array[String] DNS query types in the request query . Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Field introduced in 17.1.1.
action
DnsRuleRLAction Action to perform upon rate limiting. Field introduced in 20.1.1.
rate_limiter_object
RateLimiter Rate limiting object. Field introduced in 20.1.1.
action
DnsRuleRLAction Action to perform upon rate limiting. Field deprecated in 20.1.1. Field introduced in 18.2.5.
burst_size (optional)
Integer Maximum number of connections or requests or packets to be rate limited instantaneously. Field deprecated in 20.1.1. Field introduced in 18.2.5. format: int32
count (optional)
Integer Maximum number of connections or requests or packets per second. It is deprecated because of adoption of new shared rate limiter protobuf. Allowed values are 1-4294967295. Special values are 0- 'unlimited'. Field deprecated in 20.1.1. Field introduced in 18.2.5. format: int32
fine_grain (optional)
Boolean Enable fine granularity. Field deprecated in 20.1.1. Field introduced in 18.2.5.
period (optional)
Integer Time value in seconds to enforce rate count. Allowed values are 1-300. Field deprecated in 20.1.1. Field introduced in 18.2.5. Unit is SEC. format: int32
cname (optional)
DnsCnameRdata Canonical name in CNAME record. Field introduced in 17.2.12, 18.1.2.
fqdn
String Fully Qualified Domain Name. Field introduced in 17.2.12, 18.1.2.
ip6_addresses (optional)
ip_addresses (optional)
nses (optional)
array[DnsNsRdata] Name Server information in NS record. Field introduced in 17.2.12, 18.1.2.
ttl
Integer Time To Live for this DNS record. Allowed values are 0-2147483647. Field introduced in 17.2.12, 18.1.2. format: int32
type
String DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Field introduced in 17.2.12, 18.1.2.
action (optional)
DnsRuleAction Action to be performed upon successful matching. Field introduced in 17.1.1.
enable (optional)
Boolean Enable or disable the rule. Field introduced in 17.1.1.
index
Integer Index of the rule. Field introduced in 17.1.1. format: int32
log (optional)
Boolean Log DNS query upon rule match. Field introduced in 17.1.1.
match (optional)
name
String Name of the rule. Field introduced in 17.1.1.
allow (optional)
dns_rate_limit (optional)
DnsRateProfile Rate limits the DNS requests. Field deprecated in 20.1.1. Field introduced in 18.2.5.
dns_rate_limiter (optional)
DnsRateLimiter Rate limits the DNS requests. Field introduced in 20.1.1.
gslb_site_selection (optional)
DnsRuleActionGslbSiteSelection Select a specific GSLB site for the DNS query. This action should be used only when GSLB services have been configured for the DNS virtual service. Field introduced in 17.1.5.
pool_switching (optional)
DnsRuleActionPoolSwitching Select a pool or pool group for the passthrough DNS query which cannot be served locally but could be served by upstream servers. Field introduced in 18.1.3, 17.2.12.
response (optional)
allow (optional)
Boolean Allow the DNS query. Field introduced in 17.1.1.
reset_conn (optional)
Boolean Reset the TCP connection of the DNS query, if allow is set to false to drop the query. Field introduced in 17.1.1.
fallback_site_names (optional)
array[String] GSLB fallback sites to use in case the desired site is down. Field introduced in 17.2.5. Maximum of 64 items allowed.
is_site_preferred (optional)
Boolean When set to true, GSLB site is a preferred site. This setting comes into play when the site is down, as well as no configured fallback site is available (all fallback sites are also down), then any one available site is selected based on the default algorithm for GSLB pool member selection. Field introduced in 17.2.5.
site_name
String GSLB site name. Field introduced in 17.1.5.
pool_group_ref (optional)
String Reference of the pool group to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type PoolGroup. Field introduced in 18.1.3, 17.2.12.
pool_ref (optional)
String Reference of the pool to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type Pool. Field introduced in 18.1.3, 17.2.12.
authoritative (optional)
Boolean DNS response is authoritative. Field introduced in 17.1.1.
rcode (optional)
String DNS response code. Enum options - DNS_RCODE_NOERROR, DNS_RCODE_FORMERR, DNS_RCODE_SERVFAIL, DNS_RCODE_NXDOMAIN, DNS_RCODE_NOTIMP, DNS_RCODE_REFUSED, DNS_RCODE_YXDOMAIN, DNS_RCODE_YXRRSET, DNS_RCODE_NXRRSET, DNS_RCODE_NOTAUTH, DNS_RCODE_NOTZONE. Field introduced in 17.1.1.
resource_record_sets (optional)
array[DnsRuleDnsRrSet] DNS resource record sets - (resource record set share the DNS domain name, type, and class). Field introduced in 17.2.12, 18.1.2.
truncation (optional)
Boolean DNS response is truncated. Field introduced in 17.1.1.
resource_record_set
DnsRrSet DNS resource record set - (records in the resource record set share the DNS domain name, type, and class). Field introduced in 17.2.12, 18.1.2.
section (optional)
String DNS message section for the resource record set. Enum options - DNS_MESSAGE_SECTION_QUESTION, DNS_MESSAGE_SECTION_ANSWER, DNS_MESSAGE_SECTION_AUTHORITY, DNS_MESSAGE_SECTION_ADDITIONAL. Field introduced in 17.2.12, 18.1.2.
client_ip (optional)
IpAddrMatch IP addresses to match against client IP. From 17.1.6 release onwards, IP addresses needs to be configured in the client_ip_address field of this message. Field deprecated in 17.1.6,17.2.2. Field introduced in 17.1.1.
client_ip_address (optional)
DnsClientIpMatch IP addresses to match against client IP or the EDNS client subnet IP. Field introduced in 17.1.6,17.2.2.
geo_location (optional)
DnsGeoLocationMatch Geographical location attribute to match against that of the client IP. Field introduced in 17.1.5.
protocol (optional)
query_name (optional)
DnsQueryNameMatch Domain names to match against query name. Field introduced in 17.1.1.
query_type (optional)
DnsQueryTypeMatch DNS query types to match against request query type. Field introduced in 17.1.1.
type (optional)
String Type of action to be enforced upon hitting the rate limit. Enum options - DNS_RL_ACTION_NONE, DNS_RL_ACTION_DROP_REQ. Field introduced in 18.2.5.
match_criteria
String Criterion to use for matching the DNS transport protocol. Enum options - IS_IN, IS_NOT_IN. Field introduced in 17.1.1.
protocol
String Protocol to match against transport protocol used by DNS query. Enum options - DNS_OVER_UDP, DNS_OVER_TCP. Field introduced in 17.1.1.
addr
type
String Enum options - V4, DNS, V6.
addrs (optional)
group_refs (optional)
array[String] UUID of IP address group(s). It is a reference to an object of type IpAddrGroup.
match_criteria
String Criterion to use for IP address matching the HTTP request. Enum options - IS_IN, IS_NOT_IN.
prefixes (optional)
ranges (optional)
ip_addr
IpAddr Placeholder for description of property ip_addr of obj type IpAddrPrefix field type str type object
mask
Integer Number of mask. format: int32
begin
IpAddr Starting IP address of the range.
end
IpAddr Ending IP address of the range.
burst_sz (optional)
Integer Maximum number of connections, requests or packets to be let through instantaneously. If this is less than count, it will have no effect. Allowed values are 0-1000000000. Field introduced in 18.2.9. format: int32
count
Integer Maximum number of connections, requests or packets permitted each period. Allowed values are 1-1000000000. Field introduced in 18.2.9. format: int32
name (optional)
String Identifier for Rate Limit. Constructed according to context. Field introduced in 18.2.9.
period
Integer Time value in seconds to enforce rate count. Allowed values are 1-1000000000. Field introduced in 18.2.9. Unit is SEC. format: int32
key
String Key for filter match. Field introduced in 20.1.3.
values (optional)
array[String] Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = * if this field is empty. Field introduced in 20.1.3.