The dnsfly API enables ISPs and technology administrators to securely control their domain name space and offer DNS-as-a-service. It can be integrated with customer portals and applications to provide domain management functionality.
The following diagram illustrates the differences between nsupdate utility which can perform some basic record update tasks and dnsfly API:
The dnsfly API is agnostic to programming languages and the implementation is similar to the Representational State Transfer (REST) interface. You can interact with the API in a number of ways including using curl commands, PERL/LWP, Python, PHP or Java.
The API commands uses the POST or GET method. The clients needs to directly connect to the management network Interface and port on your dnsfly appliance. The default port number for the management Interface is 3333.
This API call returns a list of zones that a user has access to:
<dnsflyAPI> <ErrorCode> </ErrorCode> <ErrorDesc>No Error</ErrorDesc> <DomainList>check.local mydomain.com </DomainList> </dnsflyAPI>
This API call is used for adding one or more records. On successful completion of the call the following XML is returned:
<dnsflyAPI> <ErrorCode></ErrorCode> <ErrorDesc>No Error</ErrorDesc> </dnsflyAPI>
This API call can be used for deleting records from a zone.
This call needs to be performed after the addition or deletion of records. The name server will reload the zone data. The output of this command is slightly different and provides a TaskID. This can be referenced to see if the task has been successfully completed or not:
<dnsflyAPI> <ErrorCode></ErrorCode> <ErrorDesc>No Error</ErrorDesc> <TaskID>1344974883.202895</TaskID> </dnsflyAPI>
This API call can be used for converting a normal DNS zone to a DNSSEC signed zone. The API call will automatically generate the KSK and ZSK , sign and reload the signed zone.
<ErrorDesc>No Error</ErrorDesc> <TaskID>1344974883.202895</TaskID> </dnsflyAPI>
This API call is used for re-signing a DNSSEC zone after an update to its records.
This API call converts a DNSSEC signed zone back to a normal DNS zone.
This API call can be used for verifying that the tasks you have submitted are successfully completed.
<dnsflyAPI> <ErrorCode></ErrorCode> <ErrorDesc>No Error</ErrorDesc> <TaskID>1344981289.616878</TaskID> <TaskName>Reload Zone Data</TaskName> <TaskStatus>Successful</TaskStatus> <OriginAddr>192.168.17.205</OriginAddr> <UserName>vinod</UserName> </dnsflyAPI>
This is the user name for dnsfly
This is the password for the dnsfly user
This is the name of the zone for dnsfly
This variable defines the type of records you are adding or deleting. Please refer to the table below for the supported record types and the record format that needs to be followed.
This variable should contain the actual list of records. You can add or remove multiple records at the same time. The record separator is a “?” character and each field in the record is separated by “|” character.