DNS Irule

Depends when you want the iRule to be triggered. A GTM listener is a LTM virtual server. You can also create iRules in the LTM part and in the GTM part.

If you want to process the iRule for every DNS request, create in the LTM and assign to the GTM listener. If you want it for a wide IP for example, create in the GTM and assign to the wide IP.

my goal is to intercept every DNS query and check the IP. So I would want to attach the irule to the DNS LISTENER.

would the irule above in the original post acocmplish the task for me of checking the client ip against a data group and if the dns name equals forward to the GTM POOL?

Yes, the logic looks ok, but you have to test. However, change the "switch" for an "if", unless you will test multiple FQDNs.

thank you for your help

it is working however I notice that lookups that are contained in my irule take longer to process than ones that are not altered in my script, why would processing the irule slow it down or is this normal?

when DNS_REQUEST { if ([IP::addr [IP::remote_addr] equals 10.10.10.0/24]) { set ttl 1800 set A "[DNS::question name]. [DNS::question class] [DNS::question type]" if { [string tolower [DNS::question name]] equals "host.domain.com" } { DNS::answer insert "$A 20.20.20.20" DNS::return } } }

Try to comment each block of the iRule, and check which one is causing the delay, or if any at all. This iRule is small, so very little to improve in efficiency. However, do not set variable A, and reference it directly in the insert line. Why the ttl variable, as you are not using it?