netscaler.adc.dnsparameter (2.5.1) — module

Configuration for DNS parameter resource.

Added in version 2.0.0 of netscaler.adc

Authors: Sumanth Lingappa (@sumanth-lingappa)

preview | supported by community

Install collection

Install with ansible-galaxy collection install netscaler.adc:==2.5.1


Add to requirements.yml

  collections:
    - name: netscaler.adc
      version: 2.5.1

Description

Configuration for DNS parameter resource.

Inputs

    
nsip:
    description:
    - The IP address of the NetScaler ADC appliance where the NITRO API calls will be
      made.
    - The port can be specified with the colon (:). E.g. 192.168.1.1:555.
    required: true
    type: str

state:
    choices:
    - present
    - unset
    default: present
    description:
    - The state of the resource being configured by the module on the NetScaler ADC node.
    - When C(present), the resource will be added or updated according to the
      module's parameters.
    - When C(unset), the resource will be unset on the NetScaler ADC node.
    type: str

dnssec:
    choices:
    - ENABLED
    - DISABLED
    description:
    - 'Enable or disable the Domain Name System Security Extensions (DNSSEC) feature on
      the appliance. Note: Even when the DNSSEC feature is enabled, forwarder configurations
      (used by internal Citrix ADC features such as SSL VPN and Cache Redirection for
      name resolution) do not support the DNSSEC OK (DO) bit in the EDNS0 OPT header.'
    type: str

maxttl:
    description:
    - Maximum time to live (TTL) for all records cached in the DNS cache by DNS proxy,
      end resolver, and forwarder configurations. If the TTL of a record that is to be
      cached is higher than the value configured for maxTTL, the TTL of the record is
      set to the value of maxTTL before caching. When you modify this setting, the new
      value is applied only to those records that are cached after the modification. The
      TTL values of existing records are not changed.
    type: float

minttl:
    description:
    - Minimum permissible time to live (TTL) for all records cached in the DNS cache by
      DNS proxy, end resolver, and forwarder configurations. If the TTL of a record that
      is to be cached is lower than the value configured for minTTL, the TTL of the record
      is set to the value of minTTL before caching. When you modify this setting, the
      new value is applied only to those records that are cached after the modification.
      The TTL values of existing records are not changed.
    type: float

retries:
    description:
    - Maximum number of retry attempts when no response is received for a query sent to
      a name server. Applies to end resolver and forwarder configurations.
    type: float

api_path:
    default: nitro/v1/config
    description:
    - Base NITRO API path.
    - Define only in case of an ADM service proxy call.
    type: str

recursion:
    choices:
    - ENABLED
    - DISABLED
    description:
    - Function as an end resolver and recursively resolve queries for domains that are
      not hosted on the Citrix ADC. Also resolve queries recursively when the external
      name servers configured on the appliance (for a forwarder configuration) are unavailable.
      When external name servers are unavailable, the appliance queries a root server
      and resolves the request recursively, as it does for an end resolver configuration.
    type: str

nitro_pass:
    description:
    - The password with which to authenticate to the NetScaler ADC node.
    required: false
    type: str

nitro_user:
    description:
    - The username with which to authenticate to the NetScaler ADC node.
    required: false
    type: str

maxpipeline:
    description:
    - Maximum number of concurrent DNS requests to allow on a single client connection,
      which is identified by the <clientip:port>-<vserver ip:port> tuple. A value of 0
      (zero) applies no limit to the number of concurrent DNS requests allowed on a single
      client connection.
    type: float

save_config:
    default: false
    description:
    - If C(true) the module will save the configuration on the NetScaler ADC node if it
      makes any changes.
    - The module will not save the configuration on the NetScaler ADC node if it made
      no changes.
    type: bool

cacherecords:
    choices:
    - 'YES'
    - 'NO'
    description:
    - Cache resource records in the DNS cache. Applies to resource records obtained through
      proxy configurations only. End resolver and forwarder configurations always cache
      records in the DNS cache, and you cannot disable this behavior. When you disable
      record caching, the appliance stops caching server responses. However, cached records
      are not flushed. The appliance does not serve requests from the cache until record
      caching is enabled again.
    type: str

dns64timeout:
    description:
    - While doing DNS64 resolution, this parameter specifies the time to wait before sending
      an A query if no response is received from the backend DNS server for the AAAA query.
    type: float

maxcachesize:
    description:
    - Maximum memory, in megabytes, that can be used for DNS caching per packet engine.
    type: float

cachenoexpire:
    choices:
    - ENABLED
    - DISABLED
    description:
    - If this flag is set to C(ENABLED), the existing entries in cache do not age out. On
      reaching the max limit, the cache records are frozen.
    type: str

ecsmaxsubnets:
    description:
    - Maximum number of subnets that can be cached corresponding to a single domain. Subnet
      caching will occur for responses with EDNS Client Subnet (ECS) option. Caching of
      such responses can be disabled using DNS profile settings. A value of zero indicates
      that the number of subnets cached is limited only by existing memory constraints.
      The default value is zero.
    type: float

cachehitbypass:
    choices:
    - ENABLED
    - DISABLED
    description:
    - This parameter is applicable only in proxy mode. If it is enabled, all client
      requests are forwarded to the backend DNS server and the response served is
      cached on the Citrix ADC.
    type: str

maxnegcachettl:
    description:
    - Maximum time to live (TTL) for all negative records (NXDOMAIN and NODATA) cached
      in the DNS cache by DNS proxy, end resolver, and forwarder configurations. If the
      TTL of a record that is to be cached is higher than the value configured for maxnegcacheTTL,
      the TTL of the record is set to the value of maxnegcacheTTL before caching. When
      you modify this setting, the new value is applied only to those records that are
      cached after the modification. The TTL values of existing records are not changed.
    type: float

nitro_protocol:
    choices:
    - http
    - https
    default: https
    description:
    - Which protocol to use when accessing the NITRO API objects.
    type: str

validate_certs:
    default: true
    description:
    - If C(false), SSL certificates will not be validated. This should only be used on
      personally controlled sites using self-signed certificates.
    required: false
    type: bool

dnsrootreferral:
    choices:
    - ENABLED
    - DISABLED
    description:
    - Send a root referral if a client queries a domain name that is unrelated to the
      domains configured/cached on the Citrix ADC. If the setting is disabled, the appliance
      sends a blank response instead of a root referral. Applicable to domains for which
      the appliance is authoritative. Disable the parameter when the appliance is under
      attack from a client that is sending a flood of queries for unrelated domains.
    type: str

resolutionorder:
    choices:
    - OnlyAQuery
    - OnlyAAAAQuery
    - AThenAAAAQuery
    - AAAAThenAQuery
    description:
    - 'Type of DNS queries (A, AAAA, or both) to generate during the routine functioning
      of certain Citrix ADC features, such as SSL VPN, cache redirection, and the integrated
      cache. The queries are sent to the external name servers that are configured for
      the forwarder function. If you specify both query types, you can also specify the
      order. Available settings function as follows:'
    - '* C(OnlyAQuery). Send queries for IPv4 address records (A records) only.'
    - '* C(OnlyAAAAQuery). Send queries for IPv6 address records (AAAA records) instead
      of queries for IPv4 address records (A records).'
    - '* C(AThenAAAAQuery). Send a query for an A record, and then send a query for an
      AAAA record if the query for the A record results in a NODATA response from the
      name server.'
    - '* C(AAAAThenAQuery). Send a query for an AAAA record, and then send a query for
      an A record if the query for the AAAA record results in a NODATA response from the
      name server.'
    type: str

maxudppacketsize:
    description:
    - Maximum UDP packet size that can be handled by Citrix ADC. This is the value advertised
      by Citrix ADC when responding as an authoritative server and it is also used when
      Citrix ADC queries other name servers as a forwarder. When acting as a proxy, requests
      from clients are limited by this parameter - if a request contains a size greater
      than this value in the OPT record, it will be replaced.
    type: float

nitro_auth_token:
    description:
    - The authentication token provided by a login operation.
    type: str
    version_added: 2.6.0
    version_added_collection: netscaler.adc

cacheecszeroprefix:
    choices:
    - ENABLED
    - DISABLED
    description:
    - Cache ECS responses with a Scope Prefix length of zero. Such a cached response will
      be used for all queries with this domain name and any subnet. When disabled, ECS
      responses with Scope Prefix length of zero will be cached, but not tied to any subnet.
      This option has no effect if caching of ECS responses is disabled in the corresponding
      DNS profile.
    type: str

namelookuppriority:
    choices:
    - WINS
    - DNS
    description:
    - Type of lookup (C(DNS) or C(WINS)) to attempt first. If the first-priority lookup
      fails, the second-priority lookup is attempted. Used only by the SSL VPN feature.
    type: str

maxnegativecachesize:
    description:
    - Maximum memory, in megabytes, that can be used for caching of negative DNS responses
      per packet engine.
    type: float

splitpktqueryprocessing:
    choices:
    - ALLOW
    - DROP
    description:
    - Processing of requests split across multiple packets.
    type: str

nxdomainratelimitthreshold:
    description:
    - Rate limit threshold for Non-Existent domain (NXDOMAIN) responses generated from
      Citrix ADC. Once the threshold is breached, DNS queries leading to NXDOMAIN response
      will be dropped. This threshold will not be applied for NXDOMAIN responses received
      from the backend. The threshold will be applied per packet engine and per second.
    type: float
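
An added example playbook (not taken from the collection's own documentation) that combines the connection inputs and the abuse-related DNS inputs described above into one baseline task. The appliance address, the `vault_nitro_user` / `vault_nitro_pass` variable names and all numeric values are constructed placeholders; every parameter name and choice comes from the Inputs list.

```yaml
---
# Added example. Address, variable names and numeric values are constructed.
- name: Apply a DNS parameter baseline to a NetScaler ADC
  hosts: localhost
  gather_facts: false
  vars:
    adc_nsip: 192.0.2.10          # constructed documentation-range address
  tasks:
    - name: Configure global DNS parameters
      netscaler.adc.dnsparameter:
        nsip: "{{ adc_nsip }}"
        # Assumed to be defined in an Ansible Vault file, not in the playbook.
        nitro_user: "{{ vault_nitro_user }}"
        nitro_pass: "{{ vault_nitro_pass }}"
        # Module defaults, pinned explicitly so a later edit cannot silently
        # weaken them. Weak form to avoid outside a lab:
        #   nitro_protocol: http
        #   validate_certs: false
        nitro_protocol: https
        validate_certs: true
        state: present
        dnssec: ENABLED
        # Send a blank response instead of a root referral for unrelated
        # domains, as the dnsrootreferral description advises under a flood.
        dnsrootreferral: DISABLED
        # Drop queries once ADC-generated NXDOMAIN responses exceed this
        # rate, per packet engine and per second (constructed value).
        nxdomainratelimitthreshold: 1000
        # Clamp the TTLs of cached negative and positive records
        # (constructed values; only records cached afterwards are affected).
        maxnegcachettl: 300
        minttl: 30
        maxttl: 86400
        # Drop requests that are split across multiple packets.
        splitpktqueryprocessing: DROP
        # Leave the running change unsaved until it has been reviewed.
        save_config: false
      register: dns_result

    - name: Show which attributes differed from the desired values
      ansible.builtin.debug:
        var: dns_result.diff_list
      when: dns_result.changed
```

The second task prints `diff_list`, which the Outputs section lists as returned only when the module changed something, so an empty run confirms the appliance already matches the baseline.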

Outputs

changed:
  description: Indicates if any change is made by the module
  returned: always
  sample: true
  type: bool
diff:
  description: Dictionary of before and after changes
  returned: always
  sample:
    after:
      key2: pqr
    before:
      key1: xyz
    prepared: changes done
  type: dict
diff_list:
  description: List of differences between the actual configured object and the configuration
    specified in the module
  returned: when changed
  sample:
  - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>)
    PQR'
  type: list
failed:
  description: Indicates if the module failed or not
  returned: always
  sample: false
  type: bool
loglines:
  description: List of messages logged by the module
  returned: always
  sample:
  - message 1
  - message 2
  type: list