DNS notify loadbalancing

Employee

Nov 09, 2010

2 things

1) when dealing with TCP, in client_accepted, you may collect data first...do what you need in client_data, then release the data...

your irule may look like this...

when CLIENT_ACCEPTED {

TCP::collect

}

when CLIENT_DATA {

do what you what here...

TCP::release

}

according to rfc 1035

4.2.2. TCP usage

Messages sent over TCP connections use server port 53 (decimal). The

message is prefixed with a two byte length field which gives the message

length, excluding the two byte length field. This length field allows

the low-level processing to assemble a complete message before beginning

to parse it.

so your binary scan command has to change to

binary scan [TCP::payload] SSS length id flags

combine both together it probably look like this... (not test)


when CLIENT_ACCEPTED {
        TCP::collect
}
when CLIENT_DATA {
        binary scan [TCP::payload] SSS length id flags   
        set opcode [expr ($flags >> 11) & 0xf]
         Send NOTIFYs (opcode 4) to the master SQL database node.
        if { $opcode == 4 } {
                log local0. "DEBUG: NOTIFY TCP, sending to MASTER"
                node  MASTER_SERVER_IP 53
        }
        else {
                log local0. "DEBUG TCP: NOT A NOTIFY"
        }
        TCP::release
}

Nat

Forum Discussion

DNS notify loadbalancing

Recent Discussions

F5 ASM logging profile to specify source IP

Portal Access to HTTPS resources slow

Cannot login to Avaya wanx using f5 apm network access

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

BIG-IP / Virtual Server for UDP & TCP DNS Loadbalancing / extracting client IPs

Using F5 Distributed Cloud DNS Load Balancer health checks and DNS observability

Logging of DNS Requests and Responses without a DNS license

Logging DNS Requests

ESRP Strategies: DNS Water Torture Attack