Modifying GTM DNS response based on source IP - use translation field in virtual server definition
Hi,
I have the following setup:
GTM and LTM in internal DMZ. (private IP scheme)
GTM is configured with virtual servers defined as 1.1.1.100 (public IP) with translation field containing the actual VS IP address on the LTM (10.10.10.100).
Public access works fine since GTM replies with the public IP, and monitors the VS via the LTM.
However, when internal users access the site, I want them to access the private IP directly. Thus GTM should reply with the "translation field IP address" rather than the external IP address.
I tried Hamish Marson's script for that purpose (https://devcentral.f5.com/wiki/iRules.GTM-Translation.ashx), but Hamish's script uses datagroups to match the real and translated IP address.
I don't want to use this mechanism because it requires manual entry into the datagroup, which will only be possible using TMSH or iRules Editor, and I'd like to avoid using these tools to provision a new service.
So I tried developing my own script, based on Hamish's, but I'm having a hard time getting to the virtual server objects in order to match the IP in the DNS response to that of the virtual server.
I tried pools -list to access the pools, but it tells me that it's an undefined procedure (which probably means that the pools command is not usable in the context of a DNS Response event).
The DNS response contains the public IP and the name associated with the WIP, so I should be able to go through the following tree to gather this information: match name to Wide IP => lookup pools => lookup VS members of the pools => match IP to "IP address" field => return translation field in the same VS.
I know I could do it using a second WideIP for internal access, associated with different pools and different VS, but that means duplicating all entries which is a cumbersome provisioning process.
Does anybody have an idea how to access the VS definitions to get the information I need?
Thanks!
Tom