Editing a Service Binding (SVCB) record - BlueCat Integrity - 26.1.0

Address Manager Administration Guide
ft:locale
en-US
Product name
BlueCat Integrity
Version
26.1.0

How to edit an existing SVCB record previously created in Address Manager.

To edit a SVCB record:

  1. Select the DNS tab in the sidebar, then select Views.
  2. Navigate to the level (DNS zone or DNS sub-zone) that contains the SVCB record you want to edit.
  3. Select the Resource records tab.
  4. Select the row containing the SVCB record in the Resource records table, then select Edit in the expanded details section.
  5. Under General, you can edit the following parameters:
    • Name—select one of the following options:
      • Same as zone—to use the zone name for the name of the SVCB record, select this option.
      • Specify name—to enter a name for the SVCB record. SVCB records encode the service name in the domain name using the Attrleaf naming pattern (RFC 8552 and RFC 8553) and support optionally prepending a label for a non-standard port. For example: _4422._ssh.example.net. (ssh service on port 4422).
    • Priority—enter a value to indicate the priority of the record relative to others. Select the Enable alias mode checkbox to set a value of zero, indicating AliasMode. Set a non-zero value to indicate ServiceMode.
      Note: For ServiceMode only: Configuring multiple HTTPS records with the same domain name and priority will trigger a simple load-distribution scheme inside the client. Using different values in the priority field will create a fallback configuration for the service that favours lower values first.
    • Host—enter the domain name of either the target (AliasMode) or alternative endpoint (ServiceMode).
      Note: The value entered in the Host field must be an existing host record or external host record.
    • Override TTL—to change the time-to-live value for the record, select this checkbox and enter a value in the TTL field that is displayed. Select a unit of time from the drop-down menu.

    The following service parameters are displayed for ServiceMode and describe the alternative endpoint provided in the Host value. These parameters are optional and only used for ServiceMode.

    • (For ServiceMode only) Default ALPN identifier—select this checkbox to include the default ALPN identifier. If you do not select this checkbox, it indicates that no default ALPN protocol version should be used if the client cannot connect using the protocols listed in the ALPN identifiers field. If you do not select this checkbox, specifying the ALPN identifiers is mandatory.
    • (For ServiceMode only) ALPN identifiers—a comma-separated list containing the application protocol and associated suite of protocols supported by the endpoint. Order determines importance with first listed taking priority. For more information on the alpn protocol ID format, refer to TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs . For example: h3,h3-29,h2
    • (For ServiceMode only) IPv4 address hints—A comma-separated list of IPv4 addresses that the client can use to reach the service if no records are cached. If the client already has the info in its cache, the cache will be used before the hint. For example: 192.0.2.80,198.51.100.0
    • (For ServiceMode only) IPv6 address hints—a comma-separated list of IPv6 addresses that the client can use to reach the service if no records are cached. If the client already has the info in its cache, the cache will be used before the hint. For example: 2001:db8::1000:fe90,2001:db8::2000:85e5
    • (For ServiceMode only) Mandatory keys—a comma-separated list of service parameter keys that are mandatory for the client. For example: ipv4hint,port
    • (For ServiceMode only) Encrypted client hello—reserved for use with the experimental TLS Encrypted Client Hello, a base64 encoded ECH config list which includes the public key of the service endpoint. For example: ZXhhbXBsZSBiYXNlNjQgc3RyaW5n
    • (For ServiceMode only) Port—the TCP or UDP port that should be used to reach the alternative endpoint. For example: 9443
    • (For ServiceMode only) Private use valueskey65280 - key65534, reserved for private use. For example: key65333=ex1
      Note: key65535 is Reserved ("Invalid key").
  6. Under Additional info, enter notes describing the resource record in the Comment field, if required.
  7. In the Change control section, add comments if required.
  8. Select Save.