Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[EDU-6110] AI documentation update - 2025-01-24 - edge dns #1464

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[EDU-6110] AI documentation update - 2025-01-24 - edge dns #1464

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 24 additions & 8 deletions src/content/docs/en/pages/main-menu/reference/secure/edge-dns/edge-dns.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ title: Edge DNS
description: >-
Host domains, DNS zones, and records with Azion routing solutions and Edge
DNS.
meta_tags: 'Edge DNS, DNS, routring'
meta_tags: 'Edge DNS, DNS, routing'
namespace: documentation_products_intelligent_dns
permalink: /documentation/products/secure/edge-dns/
---
Expand Down Expand Up @@ -142,7 +142,7 @@ The accepted value's format varies according to the chosen record type.
| NS | It must be in FQDN format or be an IP address.<br /><br />Maximum of 10 records (one per line).<br /><br />An NS can't be configured by the main domain of the zone (naked domain).<br /><br />It must point to the servers that have authority over that record. | `ns1.aziondns.net`<br /><br /> `ns2.aziondns.net` |
| PTR | Reverse zones lined to IPv6 addresses follow other rules. | After creating a reverse zone, you must create a type PTR record associated with it.<br /><br /> `www.exemplo.com` |
| SRV | The zone name must have the following format: `_service._protocol.name`. Example: `_ldap._tcp.azionsrv"`.<br /><br />The response values must be in the format `[priority] [weight] [port] [target]`.<br /><br />Maximum of 10 records (one per line).<br /><br />It must point to the host name that has an A or AAAA record.<br /><br />**Note**: Edge DNS won't validate this automatically. | `0 60 5060 bigbox.example.com` |
| TXT | Limited to 1000 characters.<br /><br />Text that is separated by ENTER is considered as different responses by Edge DNS | This domain name is reserved for use in documentation.<br /><br /> `"printer=lpr5"`<br /><br /> `"favorite drink=orange juice"` |
| TXT | Limited to 1000 characters.<br /><br />Text that is separated by ENTER is considered as different responses by Edge DNS | This domain name is reserved for use in documentation.<br /><br /> "printer=lpr5"<br /><br /> "favorite drink=orange juice" |

You can set up a domain, such as `www.domain.com`, to be used as a naked domain, that is, only `domain.com`. There are two ways to configure this:

Expand Down Expand Up @@ -180,6 +180,27 @@ It isn't allowed to use wildcard characters in SRV type records because it requi

---

## Importing Wildcards

If you have already generated wildcard certificates and wish to use them with Azion services, follow these steps:

1. Navigate to the Azion console.
2. Go to the SSL Certificate section.
3. Click on 'Import Certificate' and upload your existing wildcard certificate.
4. Assign the certificate to the desired domain within Azion services.

[TECHWRITER TODO: INSERT INFORMATION ABOUT HOW TO IMPORT WILDCARD CERTIFICATES SPECIFIC TO AZION SERVICES]

---

## Limitations with Third-party DNS

When automating wildcard certificate creation with Let's Encrypt on Azion, it is important to note that Azion's DNS is required. Third-party DNS providers may not support the necessary DNS-01 challenge for certificate verification.

[TECHWRITER TODO: INSERT INFORMATION ABOUT DNS-01 CHALLENGE AND WHY AZION'S DNS IS REQUIRED]

---

## DNS provider configuration

In order for **Edge DNS** to become the authority over your zones, you must point it at your DNS registry. For example: `registro.br`, `GoDaddy`, `AWS`.
Expand All @@ -197,16 +218,11 @@ It's important to verify that all your records are properly registered and teste
The **Domain Name System Security Extensions (DNSSEC)** is a feature of the *Domain Name System (DNS)* that authenticates responses to domain name lookups. It doesn't provide privacy protections for those lookups but prevents attackers from manipulating or poisoning the responses to DNS requests.

<LinkButton link="/en/documentation/products/secure/edge-dns/dnssec-compatibility/" label="go to DNSSEC compatibility reference" severity="secondary" />


---

## Massive redirect for domain migration

**Massive Redirect** is Azion's serverless integration for processing many simultaneous redirects. It can be used where there is a need to change a significant number of addresses, for example, in domain migrations.

To configure massive redirection for domain migration, access the [Massive Redirect](/en/documentation/products/guides/massive-redirect-integration/) documentation.




To configure massive redirection for domain migration, access the [Massive Redirect](/en/documentation/products/guides/massive-redirect-integration/) documentation.