DNS_REQUEST

Question

Hi everybody,&nbsp;
&nbsp;I have some trouble with the behavior of the GTM when a DNS_REQUEST occurs.&nbsp;
&nbsp;I would like to manage the request according to the type of the DNS_REQUEST.
&nbsp; I want to get the GTM to process if the type is "A" or "CNAME", forward to a DNS server if "MX", "NS" or "SOA", and reject the request if the type is another one.&nbsp;
&nbsp;Normally, the DNS::rrtype give us the opportunity to manage all the types of DNS but the GTM enters in the irules only if the rrtype is "A". Is it normal?&nbsp;
&nbsp;Here is my irule :&nbsp;
&nbsp;when DNS_REQUEST {
&nbsp;    log "RRType : [DNS::rrtype]"
&nbsp;    if { ([DNS::rrtype] != "A") or
&nbsp;         ([DNS::rrtype] == "CNAME")
&nbsp;        } { 
&nbsp;        if { ([DNS::rrtype] == "MX") or
&nbsp;            ([DNS::rrtype] == "NS") or
&nbsp;            ([DNS::rrtype] == "SOA") 
&nbsp;        } {
&nbsp;            forward
&nbsp;        }
&nbsp;        else {
&nbsp;            reject
&nbsp;            }
&nbsp;}
&nbsp;}&nbsp;&nbsp;
&nbsp;When the DNS_REQUEST is a "A" one, the GTM enters the irule otherwise it doesn't enter the irule.
&nbsp;How can i do to get the GTM have that behavior?&nbsp;
&nbsp;Thanks,&nbsp;
&nbsp;Marylène&nbsp;

the_bhattman · Answer

Hi Marylène, 
&nbsp;   I have you tried the following 
&nbsp;  
&nbsp; 
when DNS_REQUEST {
   Log local.0 "RRtype : [DNS::rrtype]"
   if { !([DNS::rrtype] eq "A") or ([DNS::rrtype] eq "CNAME") } {
     switch -glob [DNS::rrtype] {
       "MX" -
       "NS" - 
       "SOA" { 
               forward 
                  }
        default {
               reject 
                     }  
    }
  }
}
 
&nbsp;  
&nbsp; NOTE: This is untested code 
&nbsp;  
&nbsp; I hope this helps 
&nbsp;  
&nbsp; Bhattman 
&nbsp;  &nbsp;

mtanfin_90263 · Answer

Same thing, the irule is not activated when a DNS request occurs.
&nbsp;There is nothing with "RRtype" in the log file..&nbsp;

the_bhattman · Answer

Hi Marylène 
&nbsp;   So there is the value of [DNS::rrtype] is completely empty in the GTM or LTM log file?&nbsp;
&nbsp; Bhattman

mtanfin_90263 · Answer

When the type of the request is A, I can see the log DNS:RRType in the log. 
&nbsp; When the request is another type, i can't see anything with RRType in the log... 
&nbsp; I think the irule is not activated in that case..

mtanfin_90263 · Answer

I found the reason. The TMOS first check the request, and if the rrtype is A,AAAA,A6 or CNAME, it sends the request to the gtm otherwise it forwards the request to the DNS server. So we can just use these rrtype in a GTM irule. 
&nbsp;  
&nbsp; Thanks Bhattman

Forum Discussion

DNS_REQUEST

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

DNS_REQUEST

iRule trouble DNS_request

DNS_Request redirects traffic slowly

irule: read DNS update fields from DNS_REQUEST

looks the RESOLV::lookup and NAME::lookup cannot be used in DNS_REQUEST event

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS