-
-
-
-
dns-zone
-
-
-
-
-
-
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
dns-zone
The following operations can be performed on “dns-zone”:
unset | unsign | sign | show | rm | add | set |
unset dns zone
Use this command to remove dns zone settings.Refer to the set dns zone command for meanings of the arguments.
Synopsis
unset dns zone
unsign dns zone
Unsigns the specified DNS zone with the specified DNS key.
Synopsis
unsign dns zone
Arguments
zoneName Name of the zone.
keyName Name of the public-private DNS key pair with which to unsign the zone.
Example
unsign dns zone abc.com. -keyname abc.com.zsk abc.com.ksk
sign dns zone
Signs a DNS zone with a DNS key. Before you sign a zone, make sure that you’ve enabled DNSSEC by setting the global DNS parameter “Enable DNSSEC extension.”
Synopsis
sign dns zone
Arguments
zoneName Name of the zone.
keyName Name of the public/private DNS key pair with which to sign the zone. You can sign a zone with up to four keys.
Example
sign dns zone abc.com. -keyname abc.com.zsk abc.com.ksk
show dns zone
Displays the parameters of the specified DNS zone, along with information about the types of resource records available for each domain name in the zone. If no zone name is specified, just the parameters are shown, for all configured zones.
Synopsis
show dns zone [
Arguments
zoneName Name of the zone. Mutually exclusive with the type parameter.
type Type of zone to display. Mutually exclusive with the DNS Zone (zoneName) parameter. Available settings function as follows:
- ADNS - Display all the zones for which the Citrix ADC is authoritative.
- PROXY - Display all the zones for which the Citrix ADC is functioning as a proxy server.
- ALL - Display all the zones configured on the appliance.
Possible values: ALL, ADNS, PROXY
Output
proxyMode Deploy the zone in proxy mode. Enable in the following scenarios:
- The load balanced DNS servers are authoritative for the zone and all resource records that are part of the zone.
- The load balanced DNS servers are authoritative for the zone, but the Citrix ADC owns a subset of the resource records that belong to the zone (partial zone ownership configuration). Typically seen in global server load balancing (GSLB) configurations, in which the appliance responds authoritatively to queries for GSLB domain names but forwards queries for other domain names in the zone to the load balanced servers. In either scenario, do not create the zone’s Start of Authority (SOA) and name server (NS) resource records on the appliance. Disable if the appliance is authoritative for the zone, but make sure that you have created the SOA and NS records on the appliance before you create the zone.
flags Flags controlling display.
nsecBitarray Bit array representing the different record types configured for the domain name
domain Domain name that belongs to the given zone
nextRecs An array of record types associated with the nsec record.
stateflag flags controlling display
dnssecOffload Enable dnssec offload for this zone.
nsec Enable nsec generation for dnssec offload.
keyName Name of the public/private DNS key pair with which to sign the zone. You can sign a zone with up to four keys.
sigInceptionTime The time when sign was done with this key.
signed Integer which denote status of keys.
expires Time period for which to consider the key valid, after the key is used to sign a zone.
devno count
Example
show dns zone foo.bar
rm dns zone
Removes a DNS zone from the Citrix ADC.
Synopsis
rm dns zone
Arguments
zoneName Name of the zone to remove.
add dns zone
Creates a DNS zone on the Citrix ADC. Mandatory if you want to use the appliance to implement Domain Name Security Extensions (DNSSEC) for the zone. When you add a DNS resource record, if the domain name of the record belongs to the zone, the record is automatically added to the zone.
Synopsis
add dns zone
Arguments
zoneName Name of the zone to create.
proxyMode Deploy the zone in proxy mode. Enable in the following scenarios:
- The load balanced DNS servers are authoritative for the zone and all resource records that are part of the zone.
- The load balanced DNS servers are authoritative for the zone, but the Citrix ADC owns a subset of the resource records that belong to the zone (partial zone ownership configuration). Typically seen in global server load balancing (GSLB) configurations, in which the appliance responds authoritatively to queries for GSLB domain names but forwards queries for other domain names in the zone to the load balanced servers. In either scenario, do not create the zone’s Start of Authority (SOA) and name server (NS) resource records on the appliance. Disable if the appliance is authoritative for the zone, but make sure that you have created the SOA and NS records on the appliance before you create the zone.
Possible values: YES, NO Default value: YES
dnssecOffload Enable dnssec offload for this zone.
Possible values: ENABLED, DISABLED Default value: DISABLED
nsec Enable nsec generation for dnssec offload.
Possible values: ENABLED, DISABLED Default value: DISABLED
Example
add dns zone foo.bar -proxyMode NO -dnssec ENABLED
set dns zone
Modifies the parameters of the specified DNS zone.
Synopsis
set dns zone
Arguments
zoneName Name of the zone.
proxyMode Deploy the zone in proxy mode. Enable in the following scenarios:
- The load balanced DNS servers are authoritative for the zone and all resource records that are part of the zone.
- The load balanced DNS servers are authoritative for the zone, but the Citrix ADC owns a subset of the resource records that belong to the zone (partial zone ownership configuration). Typically seen in global server load balancing (GSLB) configurations, in which the appliance responds authoritatively to queries for GSLB domain names but forwards queries for other domain names in the zone to the load balanced servers. In either scenario, do not create the zone’s Start of Authority (SOA) and name server (NS) resource records on the appliance. Disable if the appliance is authoritative for the zone, but make sure that you have created the SOA and NS records on the appliance before you create the zone.
Possible values: YES, NO Default value: YES
dnssecOffload Enable dnssec offload for this zone.
Possible values: ENABLED, DISABLED Default value: DISABLED
nsec Enable nsec generation for dnssec offload.
Possible values: ENABLED, DISABLED Default value: DISABLED
Example
set dns zone foo.bar -proxyMode NO -dnssec ENABLED
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.