Forum Discussion

Adrian_1807's avatar
Adrian_1807
Icon for Nimbostratus rankNimbostratus
Jan 13, 2010

Irule: how to resolve DNS queries

Hi,

 

 

I have some doubts in the creation of an irule in a LTM.

 

 

I have a HTTP petition incoming in a LTM. I have to extract the url of the header, for example www.google.com, resolve the url with an external DNS and once i have the resolution of the query(209.85.227.106), route the petition to nated to the final server.

 

 

Any idea how to convert the url into ip via irule?? is there any way to ask for a DNS resolution with irules????

 

 

Thank you very much in advance.

 

 

Best regards.
application delivery
dev
devops
iRules

7 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jan 13, 2010
    Hi Adrian,

     

     

    I did some basic testing of a basic (limited HTTP only) web proxy iRule. I wouldn't consider it fully functional, but you could use it as a start. It would probably be better to implement a true web proxy and have LTM load balance or route to that though.

     

     

    LTM like Web Proxy (Squid)

     

    http://devcentral.f5.com/Default.aspx?tabid=53&forumid=31&tpage=1&view=topic&postid=8551885545

     

     

    Aaron
  • Adrian_1807's avatar
    Adrian_1807
    Icon for Nimbostratus rankNimbostratus
    Jan 13, 2010
    Hi Aaron,

     

     

    Thank you very much for your sample, I will begin with that....

     

     

    I think you are right, it should be better with a true web proxy, but it is a customer requirement, so.....

     

     

    Than you!!!
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jan 13, 2010
    Hi Adrian,

     

     

    If you end up improving the example, could you reply here with it or add it to the iRule Codeshare?

     

     

    Thanks,

     

    Aaron
  • Adrian_1807's avatar
    Adrian_1807
    Icon for Nimbostratus rankNimbostratus
    Jan 14, 2010
    Hi Aaron.

     

     

    Ok if i improve the irule i will provide it to you.

     

     

    Anyway, I will talk with our customer to see if it is really the best implementation. Perhaps this kind of complex irules affects the traffic and it is a better idea to use an external proxy.

     

     

    Thanks.
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jan 15, 2010
    I wouldn't try to use that iRule as it is in a production environment as a replacement for a full web proxy. It was more of an exercise than a fully functional rule.

     

     

    Aaron
  • Adrian_1807's avatar
    Adrian_1807
    Icon for Nimbostratus rankNimbostratus
    Jan 20, 2010
    Ok, thank you very much.

     

     

    One more question. Do you think it is really a good idea to implement that proxy in a BIGIP LTM 3600??

     

     

    I mean, the final iRule should be quite complex, and perhaps it will end in a high usage of CPU and a bad performance of the LTM.

     

     

    Till now, all the iRules implemented are quite simple, and they do not affect very much the traffic, but this seems to be a complex one and I have no experience with these kind.

     

     

    I have to say that the solution is for a mobile internet provider, so the number of petitions should be quite high. Actually, the virtual where will apply the iRule has 10 K concurrent connections.

     

     

    Finally, one more thing. When loading a web page, there are a lot of objects downloaded with diferent GETs. I think each GET is a different petition and a new DNS resolution, do you know if it is ok??

     

     

    Thank you very much!!

     

  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jan 20, 2010
    Hi Adrian,

     

     

    I think it would be a very bad idea to use that rule in a production environment. The iRule doesn't even start to implement all of the requirements from the HTTP 1.1 or 1.0 RFCs. It would be much more reliable and efficient to use a true web proxy or collection of proxies which LTM load balances compared with this rule.

     

     

    Aaron