Configuring DNS Hosts
The CipherTrust Manager allows the Admin users to specify local DNS host entries, which eliminates the need to remember the IP addresses. While specifying a hostname, its IP address is required so that CipherTrust Manager can connect directly to that address whenever its hostname is specified for any outbound connection such as SMTP and Syslog Server.
Multiple hostnames can be assigned to an IP address. To do so, you need to create multiple records.
Example
ksctl dnshosts create --name 'example.com' --ip '172.168.59.22'
ksctl dnshosts create --name 'example1.com' --ip '172.168.59.22'
In the above example, IP 172.168.59.22
is assigned to multiple hostnames.
Similarly, multiple IP addresses can be assigned to a hostname.
Example
ksctl dnshosts update --id 'example.com' --ips '172.168.59.22' --ips '172.168.12.22' --type 'host-record'
In the above example, multiple IPs are assigned to the example.com
hostname.
The DNS hostnames are unique in the system.
Note
Currently, local DNS-Host entries are not resolved while configuring SNMP and NTP servers.
The following operations can be performed:
Create/get/update/delete DNS record
List all DNS records
Creating DNS records
To create a DNS record, you need to define the following parameters:
name
- Hostname of the domain.ip
- Host IP. This field is deprecated. Therefore, it is recommended to useips
.ips
- Host IPs. You can provide single or multiple IPs if required.type
- Type of the DNS host record. Possible values are:address
(default) - supports domain redirection. For example, if a DNS entry for the domain "example.com" exists with an IP address, the subdomain "abc.example.com" will also be redirected to the same IP as defined for the "example.com".
For entries with multiple IPs, round-robin is not supported. For example, if a DNS record is created with multiple IPs, only a specific IP will be returned every time during the domain name resolution process.host-record
- supports round-robin over multiple IPs, but doesn't support domain redirection. Therefore, the resolution only takes place when there's an exact match for the specified hostname.
If you don't provide
type
explicitly, the default value (address
) is used.
Example 1
Syntax
Request
Response
In the above example, the default type
that is address
is returned in the response.
Example 2 (type
set to address
)
Request
Response
Example 3 (type
set to host-record
)
Request
Response
Getting details of DNS records
To get details of a DNS record, run:
Request
Response
Updating DNS records
To update a DNS record, run:
Request
Response
Getting list of DNS records
To get a list of all DNS records, run:
Request
Response
Deleting DNS records
To delete a DNS record, run:
Request
There will be no response if DNS record is deleted successfully.