bigip load balance caching DNS servers in ISP.
I made an irule which block DNS query packets which has pre-defined URL list.
(eg. bigip block DNS query which ask IP address of "www.naver.com")
but it didn't work.
please advice.
my irule is below.
=================
when CLIENT_DATA {
if { matchclass [UDP::payload] contains $::dnslist } {
log local0. "bad URL!"
drop
} else {
pool dns_pool
}
}
class dnslist {
"www.naver.com"
"www.yahoo.co.kr"
}
=========================
Nimbostratus
Running 9.4.6 - would something like this work now?
when DNS_REQUEST {
if { ([DNS::rrtype] eq "A") and (matchclass [DNS::rrname] eq $::dnsinternal)
pool internal_dns
} else {
pool ISP_dns
}
}
class dnsinternal {
"www.internal.com"
"internal.com"
"internal.net"
}
Nimbostratus
So, back to the drawing board. Any ideas gladly received.
Admin
https://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=6760&view=topic Click here
https://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=5557&view=topic Click here
