Playing with the following rule trying to get DNS lookups working. Every time I hit the rule the name::response allways comes back empty. Any ideas what I am doing wrong. Thanks when HTTP_REQUEST { set host [HTTP::host] NAME::lookup $host HTTP::collect log "$host" } when NAME_RESOLVED { set address [NAME::response address 0] use node $address 80 log "$address" HTTP::release }

I have not yet used the NAME:: commands, but I did find this code: (Click here which seems to use slightly different syntax for the NAME::response command. HTH /deb

You also need to be sure that you've tweaked your configs appropriately, as is noted in the CodeShare page deb linked to in the above post. Use the syntax listed there along with the conf changes need, and you should be all set. Colin

Is this configuration still required on v9.4? I tried this and am get a blank response as well. I'm just doing a brute force test to see if resolution is working. I assume this can be host to IP. when HTTP_REQUEST priority 5 { Hold HTTP data until hostname is resolved HTTP::collect Start a name resolution on the hostname NAME::lookup "www.xmission.com" } when NAME_RESOLVED { log local0. "client name = >[NAME::response]<" Release HTTP data once hostname is resolved HTTP::release } Thanks, Tom Schaefer

Hi, One question. When doing the NAME::lookup, i understand it will send a name resolution petition to a DNS. My question is where to configure the DNS where the petitions will be sent. Can it be specified in the command, or it must be done in other configuration?? Thank you very much. BR

hi Adrian, For 9.4.2+ you can use the steps in SOL8437: SOL8437: Configuring BIG-IP to resolve DNS hostnames https://support.f5.com/kb/en-us/solutions/public/8000/400/sol8437.html For older versions, you can check SOL3624: SOL3624: Configuring DNS name resolution https://support.f5.com/kb/en-us/solutions/public/3000/600/sol3624.html And here are a few examples of using NAME::lookup and validating the response: http://devcentral.f5.com/wiki/default.aspx/iRules/DestinationSnatUsingDNS.html http://devcentral.f5.com/Default.aspx?tabid=53&forumid=31&tpage=1&view=topic&postid=8551885545 SOL5299: The BIG-IP system does not forward DNS requests after configuring the BIND Forwarder Server List https://support.f5.com/kb/en-us/solutions/public/5000/200/sol5299.html Aaron

DNS Lookup | DevCentral

30 Replies

hoolio
Cirrostratus
Apr 01, 2011
I quickly tested this as well on 10.2.0HF1 and RESOLV::lookup didn't work with a VIP address. I'll see about opening a case on this as well. Evan, if you do too, could you reply here with the case number?

Thanks, Aaron
Colin_Walker_12
Historic F5 Account
Apr 04, 2011
Good info Aaron, I've updated the wiki page to reflect this. Click Here

Colin
spark_86682
Historic F5 Account
Apr 04, 2011
For the RESOLV::lookup command, if you want to target a VIP, you should do so by name, not by IP. Have you tried doing that? Is there some reason you have to specify the VIP by IP?
hoolio
Cirrostratus
Apr 04, 2011
No particular reason--I assumed a virtual IP would be treated the same way as any other IP address for RESOLV::lookup.

Jeffrey just updated the wiki page to say 'virtual name' instead of the original 'virtual'. Thanks for pointing this out.

Aaron
hoolio
Cirrostratus
Apr 05, 2011
I updated the wiki page to make this a bit clearer. Thanks for letting us know about the correct format.

Aaron
Colin_Walker_12
Historic F5 Account
Apr 05, 2011
Thanks spark and Aaron, good to know.

Colin
Thomas_Schaefer
Nimbostratus
Jun 10, 2011
I had an interesting thing come up recently. A new host name was added as an alias record of another host. Now when we call the NAME::Lookup, nothing comes back. If I dig the name on the BigIP command line, it works just fine. Does anyone know if there are issues with DNS records that use A and CNAME records?

Thanks,

Tom Schaefer
hoolio
Cirrostratus
Jun 10, 2011
Hi Tom,

Can you post an anonymized sample of the relevant DNS record(s) you're seeing the issue with?

Aaron
Thomas_Schaefer
Nimbostratus
Jun 10, 2011
Aaron,

Here you go...

C:\>nslookup fmservices.ocfo.mycompany.com

Server: dnr-anycast.mycompany.com

Address: 117.142.8.122

Name: fmservices.gss.mycompany.com

Address: 117.142.8.140

Aliases: fmservices.ocfo.mycompany.com

If I run dig, I see the alias as a CNAME record. My understanding from the other team is this is done like this for their load balancer that offers up addresses (3DNS).

Prior to the CNAME record being added, NAME::lookup worked fine. Now I get nothing back in the address list.

Time to ask support?

Thanks,

Tom
hoolio
Cirrostratus
Jun 10, 2011
So you're calling NAME::lookup fmservices.gss.mycompany.com which has a CNAME of fmservices.ocfo.mycompany.com?

I don't think NAME::lookup (or RESOLV::lookup) supports cnames. So you'd need to query for fmservices.ocfo.mycompany.com to get the A record for that. I'm not sure why we can't query for CNAMEs. You might open a support case to ask this. If you do, could you post the answer you get?

Thanks, Aaron