F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

arya_wae_6493's avatar
arya_wae_6493
Icon for Nimbostratus rankNimbostratus
Aug 16, 2017
Solved

Configure RPZ to walled-garden query to forbidden domain

Hi all,

 

I've implement "transparent DNS cache" and RPZ to walled-garden if user query to forbidden domain (example pron domain). We use bind server as zone master (list of forbidden domain) and f5 as secondary zone.

 

The problem, if we want to walled-garden xxx.com and we need add that two domain at list of forbidden domain. is any solution so we only list one domain (example xxx.com) and DNS cache can walled-garden query to xxx.com and domain?

 

Kind Regards,

 

arya

 

application delivery
BIG-IP DNS
  • Yann_Desmarest_'s avatar
    Yann_Desmarest_
    Aug 17, 2017

    Hi,

     

    you can do it by using an irule on DNS events ro catch xxx.com and all subdomains

     

4 Replies

  • Yann_Desmarest_'s avatar
    Yann_Desmarest_
    Icon for Nacreous rankNacreous
    Aug 17, 2017

    Hi,

     

    you can do it by using an irule on DNS events ro catch xxx.com and all subdomains

     

    • arya_wae_6493's avatar
      arya_wae_6493
      Icon for Nimbostratus rankNimbostratus
      Aug 17, 2017

      Hi,

       

      Thanks for answering. But I do not want to use iRules, because it will break HW acceleration. So, any solution without iRules?

       

  • Yann_Desmarest's avatar
    Yann_Desmarest
    Icon for Cirrus rankCirrus
    Aug 17, 2017

    Hi,

     

    you can do it by using an irule on DNS events ro catch xxx.com and all subdomains

     

    • arya_wae_6493's avatar
      arya_wae_6493
      Icon for Nimbostratus rankNimbostratus
      Aug 17, 2017

      Hi,

       

      Thanks for answering. But I do not want to use iRules, because it will break HW acceleration. So, any solution without iRules?