irule to redirect DNS traffic

Question

We are trying to create an iRule to catch any wayward DNS traffic.  We created a default VS for all port 53 traffic, but now we need a specific iRule so that we can forward these DNS request to the NameServer that isn't on the same network. 
&nbsp;  
&nbsp; For the life of me I can't seem to find something on here that will do that.  I'm looking for something like: 
&nbsp;  
&nbsp; when CLIENT_ACCEPTED { 
&nbsp;   if { [IP::addr [IP::client_addr] equals "0.0.0.0/0"] 
&nbsp; } { 
&nbsp; node "192.168.1.1" 
&nbsp; } 
&nbsp; } 
&nbsp;  
&nbsp; Any help would be greatly appreciated.

the_bhattman · Answer

If it's on a seperate network you might need to apply SNAT Automap into your irule 
  
 I.E.

when CLIENT_ACCEPTED { 
    if { [IP::addr[IP::client_addr] eq "0.0.0.0/0"] } { 
       snat automap 
       node 192.168.1.1 
       } 
 }

I hope this helps 
  
 CB

hooleylist · Answer

Another option would be to enable SNAT automap on the VIP and create a pool with 192.168.1.1 in it and remove the iRule. 
&nbsp;  
&nbsp; Aaron

l4l7_53191 · Answer

You may also consider a service specific 0.0.0.0:53 VIP with this iRule applied to it. That way you'll be able to treat this traffic uniquely from a profile/protocol/iRule perspective. 
&nbsp;  
&nbsp; -Matt

Forum Discussion

irule to redirect DNS traffic

3 Replies

Recent Discussions

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

Related Content

irule uri traffic redirection failing

Traffic Policy vs iRule Pool Redirect

iRule to log traffic details

iRule redirection

URL redirection irule