Use the dns statement to identify the location of a name server
to be managed by ADNR. This statement has a dns_id keyword that contains
the IP address of a name server and optionally a port. You can code
multiple dns statements.
Rule: In general, for data integrity
reasons, multiple dns statements should not refer to the same name
server. However, if you are configuring ADNR to work with a split
DNS configuration, this is acceptable. For more information, see
Split DNS (views).
The dns statement also contains one or more zone keywords that
identify a zone in the name server to be updated. The domain suffix
specified on the domain_suffix parameter must represent a zone previously
configured in the name server that is being updated. For more information,
see Initial zone configuration.
The zone keyword contains three optional parameters, update_key,
transfer_key, and ttl.
- The update_key parameter and the transfer_key parameter enable
the use of digital signatures on requests sent from ADNR to the name
server. The digital signatures provide a way for the name server to
authenticate ADNR as a client that is authorized to update the name
server and to receive zone transfer information. These digital signatures
are called transaction signatures (TSIG). Use of TSIGs requires coordination
between ADNR configuration and name server configuration. For more
information about TSIG security, see Authorizing dynamic updates and Authorizing zone transfers.
- The ttl parameter determines how long resolvers and non-authoritative
name servers keep ADNR-managed resource records cached. For more information,
see Near real-time availability information of sysplex resources.