Forum Discussion
DNS Lookup
Playing with the following rule trying to get DNS lookups working. Every time I hit the rule the name::response allways comes back empty. Any ideas what I am doing wrong. Thanks
when HTTP_REQUEST {
set host [HTTP::host]
NAME::lookup $host
HTTP::collect
log "$host"
}
when NAME_RESOLVED {
set address [NAME::response address 0]
use node $address 80
log "$address"
HTTP::release
}
30 Replies
- JRahm
Admin
I had the syntax way wrong for RESOLV::conf. Please check out the wiki:
http://devcentral.f5.com/wiki/default.aspx/iRules/resolv__lookup.html 
hoolioCirrostratus
Thanks for the updates. Would RESOLVE::lookup been too intuitive for a name? :D
Any idea why this command wouldn't be valid in RULE_INIT? Logically, it seems like it wouldn't need to be tied to a connection.
Thanks,
Aaron- hoolioHi Tom,
That was the easiest event to test it with (and not have to add the rule to a VIP and make a request). I could imagine it might be useful to only perform the lookup once if it's not a value that is expected to change frequently. I guess it's more of a question of why not.
Aaron - Hi,
I am trying to make RESOLV::lookup more robust by resolving against more than one DNS server. I have seen elsewhere in the forums that if you configure a DNS VIP that load balances to a pool of DNS servers (eg 1.1.1.1:53) and then specify this VIP in the RESOLV command i.e. (RESOLV::lookup @1.1.1.1 www.test.com) this should work.
Well, in 10.2.1 i cannot get this to work. is this possible? I have tried using the "virtual" command within the RESOLV::lookup and that doesn't work either.
Anybody managed to get this to work?? - hoolioHi Evan,
If you query the DNS virtual server directly does it work? dig @1.1.1.1 www.example.com
Aaron - Hey aaron,
Yep, if i do a dig @VIP from the Bigip CLI (or from an external client) this works. but within the iRule, the lookup times out...
I have a workaround where i set the resolve retries and timouts to be small and then sequentially try the next server if there is a failure i.e
set ips [RESOLV::lookup @$static::DNS_RESOLVER $host]
set _ipaddress [lindex $ips 0]
if {$_ipaddress eq "" }{
set ips [RESOLV::lookup @$static::DNS_RESOLVER_BACKUP $host]
set _ipaddress [lindex $ips 0]
}
It would be MUCH better if we could avoid the timeout and go directly to the working DNS server once Bigip has marked the other one down... - Could you specifically check each of the nodes with LB::status?
Something like:set status1 [LB::status pool member ] set status2 [LB::status pool member ] if {$status1 eq "up"} { set ips [RESOLV::lookup @$static::DNS_RESOLVER $host] set _ipaddress [lindex $ips 0] } elseif {$status2 eq "up"}{ set ips [RESOLV::lookup @$static::DNS_RESOLVER_BACKUP $host] set _ipaddress [lindex $ips 0] }
This way you wouldn't have to endure the timeout.
Colin - hoolioI expected the VS IP to work with RESOLV::lookup. It would be great if you could open a case with F5 Support if this isn't working to document the issue and ideally get it fixed (if it's a bug or limitation).
Aaron - Hey did you ever open up a case on this one? I'm looking to do something similar in the future.. Would you mind posting what you found/find?
Thanks! - Colin - thanks for the suggestion, i may give it a try in the short term.
In the long term, i'm opening a case... will update you all with what i find...
Cheers,
Evan.
