Provide custom resolution based on Source and URL

Nimbostratus

Oct 03, 2019

Hi James,

Thanks for your answer, this is on a BIG-IP DNS, so by URL i mean wide IP, there's no LTM functionality on this appliance.

The GTM has multiple listeners that cater to different user bases, this iRule will be sitting on one of those listeners to provide this specific functionality.

The filter portion

when DNS_REQUEST {
if {[class match [IP::client_addr] equals IP_Data_Group] and [class match [DNS::Question] contain URL_Data_Group }

works ok, If i put a log after it i get appropriate log messages, however i have tried various connotations to manipulate the dns response including

DNS::answer insert "pool RPX_pool"
}
{ 
    DNS::return

and

DNS::answer insert "[DNS::question name]. 111 [DNS::question class] [DNS::question type] 192.168.1.10"
    DNS::answer insert "[DNS::question name]. 111 [DNS::question class] [DNS::question type] 192.168.1.11"
 
    DNS::return
}

However neither of these solutions seem to send a response to the client as an NSLookup on the client returns no IP address under the answer

Cheers

Forum Discussion

Provide custom resolution based on Source and URL

Recent Discussions

What is the meaning is 52% block in WAF

Rundeck ansible F5 errors

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

F5 APM as Service Provider (SP) and Microsoft AzureAD as Identity Provider (IDP)

F5 GTM resolution issue

DNS over HTTPS Resolution

F5 Distributed Cloud - Customer Edge Site - Deployment & Routing Options

Enable SAML Service Provider on F5 Distributed Cloud Application