Zones

 

This menu entry includes a list of existing DNS zones (if any) and a button Create new zone.

When you click Create new zone or you click on an existing DNS zone, you are presented with a new page.


Note: Many settings that are available here are too advanced to be covered in this manual - those settings do not include a description. If you do not know what a certain setting does, it is best to leave it at its default value. Please refer to DNS documentation (e.g. browse RFC - http://tools.ietf.org/rfc/) for more information and/or contact your network administrator.

Basic

  • Enable zone (use this option to enable or disable this DNS zone)
  • Domains (use this option to set the domains in the zone)
  • IP limit (use this option to define IP limit from which IP addresses can the DNS Zone be seen. You can specify allowed IP addresses in two ways, either list the IP addresses separated with commas or specify an allowed subnet, e.g. 192.168.0.1/255.255.255.0.)
  • Default TTL (Default Time to Live)

Click Save to save the changes made to this section.

Start of Authority (SOA)

  • TTL (Time to Live)
  • MName (primary NS) (Master Server Name)
  • RName (hostmaster) (Email Address for the responsible administrator )
  • Serial base (initial serial number)
  • Serial (incremental serial number that specifies the version )
  • Refresh (time interval when a slave must request the current master version )
  • Retry (time interval when a slave is supposed to perform a failed request again)
  • Expire (time interval after which a slave does not release further information if master is unreachable)
  • Minimum (time interval for how long information can be cached )

Click Save to save the changes made to this section.

Zone

Enter DNS records for this zone into the provided space and click Save.

Advanced

  • Enable automatic name servers, custom TTL (default: 86400) (use this option to enable automatic records for name servers, e.g.: "NS ns1, "NS ns2", "NS ns3"...)
  • Direct mapping of ids (use this option to enable direct mapping of ids, e.g. servers 0,5,7 -> "NS ns0","NS ns5", "NS ns7")
  • Enable load balancing support, custom TTL (default: 30) (use this option to enable or disable load balancing support for this zone)
  • Primary zone for load balancing (use this option to set this zone as the primary zone for load balancing)
  • Domain root record with load balancing service (for example if you have "example.com" and you don't have this setting enabled, "example.com" will not return anything, users will have to define "www.example.com" in order to access ICP. If the setting is enabled "example.com" will have the same response as "www.example.com". If you change the value from www to isllight then "example.com" will have the same response as "isllight.example.com".)
  • Use wildcard records for services (if you enable this option, ISL Conference Proxy services will use wildcard records for services. E.g. ISL Light will use isllight-*.example.com)
  • Use domain root record for services (single public address) (if you enable this option ISL Conference Proxy will use domain root record for services. E.g. all services will use "example.com")
  • Keep backward compatible load balancer wildcard records (use this option to enable support for previously defined connection addresses to ISL Clients)
  • Enable backward compatible load balancing support for ISL Light 3.0.4 and older (check this option if you need load balancing support for older versions of ISL Light)
  • Enable GRID server names, custom TTL (default: 86400) (use this option to enable or disable GRID server names)
  • Primary zone for GRID server names (use this option to set this zone as the primary zone for GRID server names)
  • Enable client DNS debugging records (whatismydns) (use this option to add whatismydns and ^whatismydns-[^.-]+$ that resolve to client's DNS resolver IP using A/AAAA records. This setting was marked with "[insecure, disable as soon as possible]" to discourage enabling the setting for longer periods of time where ICP DNS returns client provided data in response.)
  • Enable managed SSL certificate (use this option to include domains from this zone into default list of domain names, that will be included (as Subject Alternative Names) in certificates created by SSL Module)
  • Enable client DNS debugging records (whatismydns) [insecure, disable as soon as possible] (This setting is mainly used for debugging purposes and having it enabled for longer periods is discouraged. When enabled, whatismyip and whatismyip-*are added to the zone which return client's IP address as seen by load balancer. myip and EDNS Client Subnet is supported. To test if current internet connection DNS server supports EDNS Client Subnet, run:
    • "ping whatismyip.icp.example.com", or:
    • "nslookup whatismyip.icp.example.com"

Click Save to save the changes made to this section.

Zone status

This section shows the zone status. It is empty when creating a new zone.

If you want to delete the zone, check the checkbox next to the Delete zone button, then click the Delete zone button.

Show deleted

Clicking on the "Show deleted" option will show the deleted DNS Server zones which have not yet been permanently removed. Such DNS Server zones were marked for deletion, for all intents and purposes they are treated as deleted, however there is a grace period during which they can be restored. Select the DNS Server zones you wish to restore and click the "Undelete selected" button to undelete them.

Setting "Keep deleted data available for undelete" controls the length of the grace period and is located under the Deleted data settings section.

Tags: isl conference proxy, settings, configuration, dns server

Was this article helpful?