Avi DnsPolicy Object API

CLI ``` - configure dnspolicy - show dnspolicy ```
More information: https://avinetworks.com/contact-us
Contact Info: support@avinetworks.com
Version: 20.1.9
BasePath:/api
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html

Access

  1. HTTP Basic Authentication

Methods

[ Jump to Models ]

Table of Contents

  1. get /dnspolicy
  2. post /dnspolicy
  3. delete /dnspolicy/{uuid}
  4. get /dnspolicy/{uuid}
  5. patch /dnspolicy/{uuid}
  6. put /dnspolicy/{uuid}
Up
get /dnspolicy
(dnspolicyGet)

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
refers_to (optional)
Query Parameter — Filter to request all objects that refers to another Avi resource. Its syntax is refers_to=<obj_type>:<obj_uuid>. Eg. get all virtual services referring to pool p1 will be refers_to=pool:pool_p1_uuid
referred_by (optional)
Query Parameter — Filter to request all objects that are referred by another Avi resource. Its syntax is referred_by=<obj_type>:<obj_uuid>. Eg. get all pools referred_by virtual service vs1 - referred_by=virtualservice:vs_vs1_uuid
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

DnsPolicyApiResponse

Example data

Content-Type: application/json
{
  "next" : "aeiou",
  "count" : 123,
  "results" : [ {
    "tenant_ref" : "aeiou",
    "name" : "aeiou",
    "description" : "aeiou",
    "rule" : [ {
      "log" : true,
      "enable" : true,
      "match" : {
        "protocol" : {
          "match_criteria" : "aeiou",
          "protocol" : "aeiou"
        },
        "geo_location" : {
          "match_criteria" : "aeiou",
          "geolocation_tag" : "aeiou",
          "geolocation_name" : "aeiou",
          "use_edns_client_subnet_ip" : true
        },
        "query_name" : {
          "match_criteria" : "aeiou",
          "string_group_refs" : [ "aeiou" ],
          "query_domain_names" : [ "aeiou" ]
        },
        "client_ip" : {
          "group_refs" : [ "aeiou" ],
          "match_criteria" : "aeiou",
          "prefixes" : [ {
            "ip_addr" : "",
            "mask" : 123
          } ],
          "ranges" : [ {
            "end" : "",
            "begin" : ""
          } ],
          "addrs" : [ "" ]
        },
        "client_ip_address" : {
          "use_edns_client_subnet_ip" : true,
          "client_ip" : ""
        },
        "query_type" : {
          "match_criteria" : "aeiou",
          "query_type" : [ "aeiou" ]
        }
      },
      "name" : "aeiou",
      "action" : {
        "allow" : {
          "allow" : true,
          "reset_conn" : true
        },
        "pool_switching" : {
          "pool_ref" : "aeiou",
          "pool_group_ref" : "aeiou"
        },
        "dns_rate_limiter" : {
          "rate_limiter_object" : {
            "period" : 123,
            "count" : 123,
            "name" : "aeiou",
            "burst_sz" : 123
          },
          "action" : ""
        },
        "gslb_site_selection" : {
          "site_name" : "aeiou",
          "fallback_site_names" : [ "aeiou" ],
          "is_site_preferred" : true
        },
        "response" : {
          "authoritative" : true,
          "rcode" : "aeiou",
          "resource_record_sets" : [ {
            "section" : "aeiou",
            "resource_record_set" : {
              "nses" : [ {
                "ip6_address" : "",
                "ip_address" : "",
                "nsname" : "aeiou"
              } ],
              "fqdn" : "aeiou",
              "ip_addresses" : [ {
                "ip_address" : ""
              } ],
              "ip6_addresses" : [ {
                "ip6_address" : {
                  "addr" : "aeiou",
                  "type" : "aeiou"
                }
              } ],
              "cname" : {
                "cname" : "aeiou"
              },
              "type" : "aeiou",
              "ttl" : 123
            }
          } ],
          "truncation" : true
        },
        "dns_rate_limit" : {
          "period" : 123,
          "count" : 123,
          "action" : {
            "type" : "aeiou"
          },
          "burst_size" : 123,
          "fine_grain" : true
        }
      },
      "index" : 123
    } ],
    "markers" : [ {
      "values" : [ "aeiou" ],
      "key" : "aeiou"
    } ],
    "created_by" : "aeiou",
    "uuid" : "aeiou",
    "url" : "aeiou",
    "_last_modified" : "aeiou",
    "labels" : [ {
      "value" : "aeiou",
      "key" : "aeiou"
    } ]
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK DnsPolicyApiResponse

401

log in failed

Up
post /dnspolicy
(dnspolicyPost)

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — DnsPolicy object creation

Return type

DnsPolicy

Example data

Content-Type: application/json
{
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "description" : "aeiou",
  "rule" : [ {
    "log" : true,
    "enable" : true,
    "match" : {
      "protocol" : {
        "match_criteria" : "aeiou",
        "protocol" : "aeiou"
      },
      "geo_location" : {
        "match_criteria" : "aeiou",
        "geolocation_tag" : "aeiou",
        "geolocation_name" : "aeiou",
        "use_edns_client_subnet_ip" : true
      },
      "query_name" : {
        "match_criteria" : "aeiou",
        "string_group_refs" : [ "aeiou" ],
        "query_domain_names" : [ "aeiou" ]
      },
      "client_ip" : {
        "group_refs" : [ "aeiou" ],
        "match_criteria" : "aeiou",
        "prefixes" : [ {
          "ip_addr" : "",
          "mask" : 123
        } ],
        "ranges" : [ {
          "end" : "",
          "begin" : ""
        } ],
        "addrs" : [ "" ]
      },
      "client_ip_address" : {
        "use_edns_client_subnet_ip" : true,
        "client_ip" : ""
      },
      "query_type" : {
        "match_criteria" : "aeiou",
        "query_type" : [ "aeiou" ]
      }
    },
    "name" : "aeiou",
    "action" : {
      "allow" : {
        "allow" : true,
        "reset_conn" : true
      },
      "pool_switching" : {
        "pool_ref" : "aeiou",
        "pool_group_ref" : "aeiou"
      },
      "dns_rate_limiter" : {
        "rate_limiter_object" : {
          "period" : 123,
          "count" : 123,
          "name" : "aeiou",
          "burst_sz" : 123
        },
        "action" : ""
      },
      "gslb_site_selection" : {
        "site_name" : "aeiou",
        "fallback_site_names" : [ "aeiou" ],
        "is_site_preferred" : true
      },
      "response" : {
        "authoritative" : true,
        "rcode" : "aeiou",
        "resource_record_sets" : [ {
          "section" : "aeiou",
          "resource_record_set" : {
            "nses" : [ {
              "ip6_address" : "",
              "ip_address" : "",
              "nsname" : "aeiou"
            } ],
            "fqdn" : "aeiou",
            "ip_addresses" : [ {
              "ip_address" : ""
            } ],
            "ip6_addresses" : [ {
              "ip6_address" : {
                "addr" : "aeiou",
                "type" : "aeiou"
              }
            } ],
            "cname" : {
              "cname" : "aeiou"
            },
            "type" : "aeiou",
            "ttl" : 123
          }
        } ],
        "truncation" : true
      },
      "dns_rate_limit" : {
        "period" : 123,
        "count" : 123,
        "action" : {
          "type" : "aeiou"
        },
        "burst_size" : 123,
        "fine_grain" : true
      }
    },
    "index" : 123
  } ],
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ],
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK DnsPolicy

401

log in failed

Up
delete /dnspolicy/{uuid}
(dnspolicyUuidDelete)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name

Return type

String

Example data

Content-Type: application/json
"aeiou"

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

204

object deleted String

404

not found

Up
get /dnspolicy/{uuid}
(dnspolicyUuidGet)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Query parameters

name (optional)
Query Parameter — object name
fields (optional)
Query Parameter — List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.
include_name (optional)
Query Parameter — All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.
skip_default (optional)
Query Parameter — Default values are not set.
join_subresources (optional)
Query Parameter — It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Return type

DnsPolicy

Example data

Content-Type: application/json
{
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "description" : "aeiou",
  "rule" : [ {
    "log" : true,
    "enable" : true,
    "match" : {
      "protocol" : {
        "match_criteria" : "aeiou",
        "protocol" : "aeiou"
      },
      "geo_location" : {
        "match_criteria" : "aeiou",
        "geolocation_tag" : "aeiou",
        "geolocation_name" : "aeiou",
        "use_edns_client_subnet_ip" : true
      },
      "query_name" : {
        "match_criteria" : "aeiou",
        "string_group_refs" : [ "aeiou" ],
        "query_domain_names" : [ "aeiou" ]
      },
      "client_ip" : {
        "group_refs" : [ "aeiou" ],
        "match_criteria" : "aeiou",
        "prefixes" : [ {
          "ip_addr" : "",
          "mask" : 123
        } ],
        "ranges" : [ {
          "end" : "",
          "begin" : ""
        } ],
        "addrs" : [ "" ]
      },
      "client_ip_address" : {
        "use_edns_client_subnet_ip" : true,
        "client_ip" : ""
      },
      "query_type" : {
        "match_criteria" : "aeiou",
        "query_type" : [ "aeiou" ]
      }
    },
    "name" : "aeiou",
    "action" : {
      "allow" : {
        "allow" : true,
        "reset_conn" : true
      },
      "pool_switching" : {
        "pool_ref" : "aeiou",
        "pool_group_ref" : "aeiou"
      },
      "dns_rate_limiter" : {
        "rate_limiter_object" : {
          "period" : 123,
          "count" : 123,
          "name" : "aeiou",
          "burst_sz" : 123
        },
        "action" : ""
      },
      "gslb_site_selection" : {
        "site_name" : "aeiou",
        "fallback_site_names" : [ "aeiou" ],
        "is_site_preferred" : true
      },
      "response" : {
        "authoritative" : true,
        "rcode" : "aeiou",
        "resource_record_sets" : [ {
          "section" : "aeiou",
          "resource_record_set" : {
            "nses" : [ {
              "ip6_address" : "",
              "ip_address" : "",
              "nsname" : "aeiou"
            } ],
            "fqdn" : "aeiou",
            "ip_addresses" : [ {
              "ip_address" : ""
            } ],
            "ip6_addresses" : [ {
              "ip6_address" : {
                "addr" : "aeiou",
                "type" : "aeiou"
              }
            } ],
            "cname" : {
              "cname" : "aeiou"
            },
            "type" : "aeiou",
            "ttl" : 123
          }
        } ],
        "truncation" : true
      },
      "dns_rate_limit" : {
        "period" : 123,
        "count" : 123,
        "action" : {
          "type" : "aeiou"
        },
        "burst_size" : 123,
        "fine_grain" : true
      }
    },
    "index" : 123
  } ],
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ],
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK DnsPolicy

401

log in failed

Up
patch /dnspolicy/{uuid}
(dnspolicyUuidPatch)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — DnsPolicy object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

DnsPolicy

Example data

Content-Type: application/json
{
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "description" : "aeiou",
  "rule" : [ {
    "log" : true,
    "enable" : true,
    "match" : {
      "protocol" : {
        "match_criteria" : "aeiou",
        "protocol" : "aeiou"
      },
      "geo_location" : {
        "match_criteria" : "aeiou",
        "geolocation_tag" : "aeiou",
        "geolocation_name" : "aeiou",
        "use_edns_client_subnet_ip" : true
      },
      "query_name" : {
        "match_criteria" : "aeiou",
        "string_group_refs" : [ "aeiou" ],
        "query_domain_names" : [ "aeiou" ]
      },
      "client_ip" : {
        "group_refs" : [ "aeiou" ],
        "match_criteria" : "aeiou",
        "prefixes" : [ {
          "ip_addr" : "",
          "mask" : 123
        } ],
        "ranges" : [ {
          "end" : "",
          "begin" : ""
        } ],
        "addrs" : [ "" ]
      },
      "client_ip_address" : {
        "use_edns_client_subnet_ip" : true,
        "client_ip" : ""
      },
      "query_type" : {
        "match_criteria" : "aeiou",
        "query_type" : [ "aeiou" ]
      }
    },
    "name" : "aeiou",
    "action" : {
      "allow" : {
        "allow" : true,
        "reset_conn" : true
      },
      "pool_switching" : {
        "pool_ref" : "aeiou",
        "pool_group_ref" : "aeiou"
      },
      "dns_rate_limiter" : {
        "rate_limiter_object" : {
          "period" : 123,
          "count" : 123,
          "name" : "aeiou",
          "burst_sz" : 123
        },
        "action" : ""
      },
      "gslb_site_selection" : {
        "site_name" : "aeiou",
        "fallback_site_names" : [ "aeiou" ],
        "is_site_preferred" : true
      },
      "response" : {
        "authoritative" : true,
        "rcode" : "aeiou",
        "resource_record_sets" : [ {
          "section" : "aeiou",
          "resource_record_set" : {
            "nses" : [ {
              "ip6_address" : "",
              "ip_address" : "",
              "nsname" : "aeiou"
            } ],
            "fqdn" : "aeiou",
            "ip_addresses" : [ {
              "ip_address" : ""
            } ],
            "ip6_addresses" : [ {
              "ip6_address" : {
                "addr" : "aeiou",
                "type" : "aeiou"
              }
            } ],
            "cname" : {
              "cname" : "aeiou"
            },
            "type" : "aeiou",
            "ttl" : 123
          }
        } ],
        "truncation" : true
      },
      "dns_rate_limit" : {
        "period" : 123,
        "count" : 123,
        "action" : {
          "type" : "aeiou"
        },
        "burst_size" : 123,
        "fine_grain" : true
      }
    },
    "index" : 123
  } ],
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ],
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK DnsPolicy

401

log in failed

Up
put /dnspolicy/{uuid}
(dnspolicyUuidPut)

Path parameters

uuid (required)
Path Parameter — UUID of the object to fetch

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body (required)
Body Parameter — DnsPolicy object creation

Query parameters

name (optional)
Query Parameter — object name

Return type

DnsPolicy

Example data

Content-Type: application/json
{
  "tenant_ref" : "aeiou",
  "name" : "aeiou",
  "description" : "aeiou",
  "rule" : [ {
    "log" : true,
    "enable" : true,
    "match" : {
      "protocol" : {
        "match_criteria" : "aeiou",
        "protocol" : "aeiou"
      },
      "geo_location" : {
        "match_criteria" : "aeiou",
        "geolocation_tag" : "aeiou",
        "geolocation_name" : "aeiou",
        "use_edns_client_subnet_ip" : true
      },
      "query_name" : {
        "match_criteria" : "aeiou",
        "string_group_refs" : [ "aeiou" ],
        "query_domain_names" : [ "aeiou" ]
      },
      "client_ip" : {
        "group_refs" : [ "aeiou" ],
        "match_criteria" : "aeiou",
        "prefixes" : [ {
          "ip_addr" : "",
          "mask" : 123
        } ],
        "ranges" : [ {
          "end" : "",
          "begin" : ""
        } ],
        "addrs" : [ "" ]
      },
      "client_ip_address" : {
        "use_edns_client_subnet_ip" : true,
        "client_ip" : ""
      },
      "query_type" : {
        "match_criteria" : "aeiou",
        "query_type" : [ "aeiou" ]
      }
    },
    "name" : "aeiou",
    "action" : {
      "allow" : {
        "allow" : true,
        "reset_conn" : true
      },
      "pool_switching" : {
        "pool_ref" : "aeiou",
        "pool_group_ref" : "aeiou"
      },
      "dns_rate_limiter" : {
        "rate_limiter_object" : {
          "period" : 123,
          "count" : 123,
          "name" : "aeiou",
          "burst_sz" : 123
        },
        "action" : ""
      },
      "gslb_site_selection" : {
        "site_name" : "aeiou",
        "fallback_site_names" : [ "aeiou" ],
        "is_site_preferred" : true
      },
      "response" : {
        "authoritative" : true,
        "rcode" : "aeiou",
        "resource_record_sets" : [ {
          "section" : "aeiou",
          "resource_record_set" : {
            "nses" : [ {
              "ip6_address" : "",
              "ip_address" : "",
              "nsname" : "aeiou"
            } ],
            "fqdn" : "aeiou",
            "ip_addresses" : [ {
              "ip_address" : ""
            } ],
            "ip6_addresses" : [ {
              "ip6_address" : {
                "addr" : "aeiou",
                "type" : "aeiou"
              }
            } ],
            "cname" : {
              "cname" : "aeiou"
            },
            "type" : "aeiou",
            "ttl" : 123
          }
        } ],
        "truncation" : true
      },
      "dns_rate_limit" : {
        "period" : 123,
        "count" : 123,
        "action" : {
          "type" : "aeiou"
        },
        "burst_size" : 123,
        "fine_grain" : true
      }
    },
    "index" : 123
  } ],
  "markers" : [ {
    "values" : [ "aeiou" ],
    "key" : "aeiou"
  } ],
  "created_by" : "aeiou",
  "uuid" : "aeiou",
  "url" : "aeiou",
  "_last_modified" : "aeiou",
  "labels" : [ {
    "value" : "aeiou",
    "key" : "aeiou"
  } ]
}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK DnsPolicy

401

log in failed

Up

Models

[ Jump to Methods ]

Table of Contents

  1. DnsAAAARdata
  2. DnsARdata
  3. DnsClientIpMatch
  4. DnsCnameRdata
  5. DnsGeoLocationMatch
  6. DnsNsRdata
  7. DnsPolicy
  8. DnsPolicyApiResponse
  9. DnsQueryNameMatch
  10. DnsQueryTypeMatch
  11. DnsRateLimiter
  12. DnsRateProfile
  13. DnsRrSet
  14. DnsRule
  15. DnsRuleAction
  16. DnsRuleActionAllowDrop
  17. DnsRuleActionGslbSiteSelection
  18. DnsRuleActionPoolSwitching
  19. DnsRuleActionResponse
  20. DnsRuleDnsRrSet
  21. DnsRuleMatchTarget
  22. DnsRuleRLAction
  23. DnsTransportProtocolMatch
  24. IpAddr
  25. IpAddrMatch
  26. IpAddrPrefix
  27. IpAddrRange
  28. KeyValue
  29. RateLimiter
  30. RoleFilterMatchLabel

DnsAAAARdata Up

ip6_address
IpAddr IPv6 address for FQDN. Field introduced in 18.1.1.

DnsARdata Up

ip_address
IpAddr IP address for FQDN.

DnsClientIpMatch Up

client_ip
IpAddrMatch IP addresses to match against client IP. Field introduced in 17.1.6,17.2.2.
use_edns_client_subnet_ip (optional)
Boolean Use the IP address from the EDNS client subnet option, if available, as the source IP address of the client. It should be noted that the edns subnet IP may not be a /32 IP address. Field introduced in 17.1.6,17.2.2.

DnsCnameRdata Up

cname
String Canonical name.

DnsGeoLocationMatch Up

geolocation_name (optional)
String Geographical location of the client IP to be used in the match. This location is of the format Country/State/City e.g. US/CA/Santa Clara. Field introduced in 17.1.5.
geolocation_tag (optional)
String Geolocation tag for the client IP. This could be any string value for the client IP, e.g. client IPs from US East Coast geolocation would be tagged as 'East Coast'. Field introduced in 17.1.5.
match_criteria
String Criterion to use for matching the client IP's geographical location. Enum options - IS_IN, IS_NOT_IN. Field introduced in 17.1.5.
use_edns_client_subnet_ip (optional)
Boolean Use the IP address from the EDNS client subnet option, if available, to derive geo location of the DNS query. Field introduced in 17.1.5.

DnsNsRdata Up

ip6_address (optional)
IpAddr IPv6 address for Name Server. Field introduced in 18.1.1.
ip_address (optional)
IpAddr IP address for Name Server. Field introduced in 17.1.1.
nsname
String Name Server name. Field introduced in 17.1.1.

DnsPolicy Up

_last_modified (optional)
String UNIX time since epoch in microseconds. Units(MICROSECONDS).
created_by (optional)
String Creator name. Field introduced in 17.1.1.
description (optional)
String Field introduced in 17.1.1.
labels (optional)
array[KeyValue] Key value pairs for granular object access control. Also allows for classification and tagging of similar objects. Field deprecated in 20.1.5. Field introduced in 20.1.2. Maximum of 4 items allowed.
markers (optional)
array[RoleFilterMatchLabel] List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Basic edition, Essentials edition, Enterprise edition.
name
String Name of the DNS Policy. Field introduced in 17.1.1.
rule (optional)
array[DnsRule] DNS rules. Field introduced in 17.1.1.
tenant_ref (optional)
String It is a reference to an object of type Tenant. Field introduced in 17.1.1.
url (optional)
String url
uuid (optional)
String UUID of the DNS Policy. Field introduced in 17.1.1.

DnsPolicyApiResponse Up

count
Integer format: int32
results
next (optional)

DnsQueryNameMatch Up

match_criteria
String Criterion to use for string matching the DNS query domain name in the question section. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Field introduced in 17.1.1. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition.
query_domain_names (optional)
array[String] Domain name to match against that specified in the question section of the DNS query. Field introduced in 17.1.1.
string_group_refs (optional)
array[String] UUID of the string group(s) for matching against DNS query domain name in the question section. It is a reference to an object of type StringGroup. Field introduced in 17.1.1.

DnsQueryTypeMatch Up

match_criteria
String Criterion to use for matching the DNS query typein the question section. Enum options - IS_IN, IS_NOT_IN. Field introduced in 17.1.1.
query_type (optional)
array[String] DNS query types in the request query . Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Field introduced in 17.1.1.

DnsRateLimiter Up

action
DnsRuleRLAction Action to perform upon rate limiting. Field introduced in 20.1.1.
rate_limiter_object
RateLimiter Rate limiting object. Field introduced in 20.1.1.

DnsRateProfile Up

action
DnsRuleRLAction Action to perform upon rate limiting. Field deprecated in 20.1.1. Field introduced in 18.2.5.
burst_size (optional)
Integer Maximum number of connections or requests or packets to be rate limited instantaneously. Field deprecated in 20.1.1. Field introduced in 18.2.5. format: int32
count (optional)
Integer Maximum number of connections or requests or packets per second. It is deprecated because of adoption of new shared rate limiter protobuf. Allowed values are 1-4294967295. Special values are 0- 'unlimited'. Field deprecated in 20.1.1. Field introduced in 18.2.5. format: int32
fine_grain (optional)
Boolean Enable fine granularity. Field deprecated in 20.1.1. Field introduced in 18.2.5.
period (optional)
Integer Time value in seconds to enforce rate count. Allowed values are 1-300. Field deprecated in 20.1.1. Field introduced in 18.2.5. Unit is SEC. format: int32

DnsRrSet Up

cname (optional)
DnsCnameRdata Canonical name in CNAME record. Field introduced in 17.2.12, 18.1.2.
fqdn
String Fully Qualified Domain Name. Field introduced in 17.2.12, 18.1.2.
ip6_addresses (optional)
array[DnsAAAARdata] IPv6 address in AAAA record. Field introduced in 18.1.2.
ip_addresses (optional)
array[DnsARdata] IP address in A record. Field introduced in 17.2.12, 18.1.2.
nses (optional)
array[DnsNsRdata] Name Server information in NS record. Field introduced in 17.2.12, 18.1.2.
ttl
Integer Time To Live for this DNS record. Allowed values are 0-2147483647. Field introduced in 17.2.12, 18.1.2. format: int32
type
String DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Field introduced in 17.2.12, 18.1.2.

DnsRule Up

action (optional)
DnsRuleAction Action to be performed upon successful matching. Field introduced in 17.1.1.
enable (optional)
Boolean Enable or disable the rule. Field introduced in 17.1.1.
index
Integer Index of the rule. Field introduced in 17.1.1. format: int32
log (optional)
Boolean Log DNS query upon rule match. Field introduced in 17.1.1.
match (optional)
DnsRuleMatchTarget Add match criteria to the rule. Field introduced in 17.1.1.
name
String Name of the rule. Field introduced in 17.1.1.

DnsRuleAction Up

allow (optional)
DnsRuleActionAllowDrop Allow or drop the DNS query. Field introduced in 17.1.1.
dns_rate_limit (optional)
DnsRateProfile Rate limits the DNS requests. Field deprecated in 20.1.1. Field introduced in 18.2.5.
dns_rate_limiter (optional)
DnsRateLimiter Rate limits the DNS requests. Field introduced in 20.1.1.
gslb_site_selection (optional)
DnsRuleActionGslbSiteSelection Select a specific GSLB site for the DNS query. This action should be used only when GSLB services have been configured for the DNS virtual service. Field introduced in 17.1.5.
pool_switching (optional)
DnsRuleActionPoolSwitching Select a pool or pool group for the passthrough DNS query which cannot be served locally but could be served by upstream servers. Field introduced in 18.1.3, 17.2.12.
response (optional)
DnsRuleActionResponse Generate a response for the DNS query. Field introduced in 17.1.1.

DnsRuleActionAllowDrop Up

allow (optional)
Boolean Allow the DNS query. Field introduced in 17.1.1.
reset_conn (optional)
Boolean Reset the TCP connection of the DNS query, if allow is set to false to drop the query. Field introduced in 17.1.1.

DnsRuleActionGslbSiteSelection Up

fallback_site_names (optional)
array[String] GSLB fallback sites to use in case the desired site is down. Field introduced in 17.2.5. Maximum of 64 items allowed.
is_site_preferred (optional)
Boolean When set to true, GSLB site is a preferred site. This setting comes into play when the site is down, as well as no configured fallback site is available (all fallback sites are also down), then any one available site is selected based on the default algorithm for GSLB pool member selection. Field introduced in 17.2.5.
site_name
String GSLB site name. Field introduced in 17.1.5.

DnsRuleActionPoolSwitching Up

pool_group_ref (optional)
String Reference of the pool group to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type PoolGroup. Field introduced in 18.1.3, 17.2.12.
pool_ref (optional)
String Reference of the pool to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type Pool. Field introduced in 18.1.3, 17.2.12.

DnsRuleActionResponse Up

authoritative (optional)
Boolean DNS response is authoritative. Field introduced in 17.1.1.
rcode (optional)
String DNS response code. Enum options - DNS_RCODE_NOERROR, DNS_RCODE_FORMERR, DNS_RCODE_SERVFAIL, DNS_RCODE_NXDOMAIN, DNS_RCODE_NOTIMP, DNS_RCODE_REFUSED, DNS_RCODE_YXDOMAIN, DNS_RCODE_YXRRSET, DNS_RCODE_NXRRSET, DNS_RCODE_NOTAUTH, DNS_RCODE_NOTZONE. Field introduced in 17.1.1.
resource_record_sets (optional)
array[DnsRuleDnsRrSet] DNS resource record sets - (resource record set share the DNS domain name, type, and class). Field introduced in 17.2.12, 18.1.2.
truncation (optional)
Boolean DNS response is truncated. Field introduced in 17.1.1.

DnsRuleDnsRrSet Up

resource_record_set
DnsRrSet DNS resource record set - (records in the resource record set share the DNS domain name, type, and class). Field introduced in 17.2.12, 18.1.2.
section (optional)
String DNS message section for the resource record set. Enum options - DNS_MESSAGE_SECTION_QUESTION, DNS_MESSAGE_SECTION_ANSWER, DNS_MESSAGE_SECTION_AUTHORITY, DNS_MESSAGE_SECTION_ADDITIONAL. Field introduced in 17.2.12, 18.1.2.

DnsRuleMatchTarget Up

client_ip (optional)
IpAddrMatch IP addresses to match against client IP. From 17.1.6 release onwards, IP addresses needs to be configured in the client_ip_address field of this message. Field deprecated in 17.1.6,17.2.2. Field introduced in 17.1.1.
client_ip_address (optional)
DnsClientIpMatch IP addresses to match against client IP or the EDNS client subnet IP. Field introduced in 17.1.6,17.2.2.
geo_location (optional)
DnsGeoLocationMatch Geographical location attribute to match against that of the client IP. Field introduced in 17.1.5.
protocol (optional)
DnsTransportProtocolMatch DNS transport protocol match. Field introduced in 17.1.1.
query_name (optional)
DnsQueryNameMatch Domain names to match against query name. Field introduced in 17.1.1.
query_type (optional)
DnsQueryTypeMatch DNS query types to match against request query type. Field introduced in 17.1.1.

DnsRuleRLAction Up

type (optional)
String Type of action to be enforced upon hitting the rate limit. Enum options - DNS_RL_ACTION_NONE, DNS_RL_ACTION_DROP_REQ. Field introduced in 18.2.5.

DnsTransportProtocolMatch Up

match_criteria
String Criterion to use for matching the DNS transport protocol. Enum options - IS_IN, IS_NOT_IN. Field introduced in 17.1.1.
protocol
String Protocol to match against transport protocol used by DNS query. Enum options - DNS_OVER_UDP, DNS_OVER_TCP. Field introduced in 17.1.1.

IpAddr Up

addr
String IP address.
type
String Enum options - V4, DNS, V6.

IpAddrMatch Up

addrs (optional)
array[IpAddr] IP address(es).
group_refs (optional)
array[String] UUID of IP address group(s). It is a reference to an object of type IpAddrGroup.
match_criteria
String Criterion to use for IP address matching the HTTP request. Enum options - IS_IN, IS_NOT_IN.
prefixes (optional)
array[IpAddrPrefix] IP address prefix(es).
ranges (optional)
array[IpAddrRange] IP address range(s).

IpAddrPrefix Up

ip_addr
IpAddr Placeholder for description of property ip_addr of obj type IpAddrPrefix field type str type object
mask
Integer Number of mask. format: int32

IpAddrRange Up

begin
IpAddr Starting IP address of the range.
end
IpAddr Ending IP address of the range.

KeyValue Up

key
String Key.
value (optional)
String Value.

RateLimiter Up

burst_sz (optional)
Integer Maximum number of connections, requests or packets to be let through instantaneously. If this is less than count, it will have no effect. Allowed values are 0-1000000000. Field introduced in 18.2.9. format: int32
count
Integer Maximum number of connections, requests or packets permitted each period. Allowed values are 1-1000000000. Field introduced in 18.2.9. format: int32
name (optional)
String Identifier for Rate Limit. Constructed according to context. Field introduced in 18.2.9.
period
Integer Time value in seconds to enforce rate count. Allowed values are 1-1000000000. Field introduced in 18.2.9. Unit is SEC. format: int32

RoleFilterMatchLabel Up

key
String Key for filter match. Field introduced in 20.1.3.
values (optional)
array[String] Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = * if this field is empty. Field introduced in 20.1.3.