Technical References

Governs the expiration time of DNS queries; for example,
DNS query, zone transfer SOA query, IXFR request and notify
request). A query that is not answered within this time interval
expires.
Note: Cisco recommends that you make sure this value is
considerably larger than 'request-retry-time' to allow multiple
attempts to query multiple servers, using exponential backoff.
request-retry-time rangetime(1s-30s) default = 4s
Dictates the retry time interval (in secs) when querying a name
server. This time interval is used in general queries - in
response to DNS clients queries - (zone transfers) SOA queries,
IXFR requests and notify requests. Understand that this is a
minium retry time. The server applies an exponential backoff on
retries.
resolution-queue-max-size rangeint(10-50000) default = 5000
Specifies the maximum number of concurrent queries that the
DNS server can initiate to other name servers. When this
limit is reached, the DNS server begins dropping incoming
query requests that require external resolution.
restrict-cache-query-acl amelist
Specifies an access control list that restricts which
clients are allowed to query for cached non-authoritative
resource records. If unset, restrict-query-acl is used.
Optional.
restrict-query-acl amelist default = any
Provides a global access control list (ACL) used to limit device
queries that a DNS server must honor. You can restrict query
clients based on host IP address, network address, TSIG keys,
and access control lists. The default is to allow any client to
perform a query.
Zones inherit this ACL if they are missing their
restrict-query-acl. This ACL also serves as filtering queries for
non-authoritative zones.
restrict-recursion-acl amelist default = any
Defines the global Access Control List (ACL) used to restrict
recursive that the DNS server honors. This list can contain
host, network addresses, TSIG keys and global ACLs that
restrict recursive queries to a certain set of DNS clients.
Default is to allow any client to perform a query. For any client
not passing this ACL andrequesting a recursive query, the server
responds with a referal - as if originally requested with an
iterative query.
restrict-xfer-acl amelist default = none
Overrides the default access control list (designating who can
receive zone transfers).
round-robin bool default = enabled