DNS Response Rewrite

Question

Can we modify the payload of dns response?&nbsp;
&nbsp;The customer would like to check the dns response,if there has the "DNS:  Response Code: 3 (Name Error)" in the payload then bigip will modify the reply with a specific ip address to answer the dns query.&nbsp;
&nbsp;Rules gurus,do you have any idea for it?&nbsp;&nbsp;&nbsp;

colin_walker_12 · Answer

Well, you can certainly modify the response, as it's passing through the BIG-IP.  As far as the DNS response status, there isn't currently an iRules variable in place for that information.  This means you'll have to read through the information coming back from the DNS server and decipher the status yourself using a scan, string match, etc.&nbsp;
&nbsp;Once you do this, you'll add some logic to alter the IP address if necessary.&nbsp;
&nbsp;I'd start by taking a look at the UDP::payload, UDP::respond and "string match" commands.  Note that the string matching commands in iRules are not F5 specific, they are standard TCL syntax. For a good tcl reference I recommend - Click here - http://tmml.sourceforge.net/doc/tcl/index.html&nbsp;
&nbsp;HTH,
&nbsp;-Colin

Forum Discussion

DNS Response Rewrite

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

Cisco TACACS+ Config on ISE LTM Pair

Related Content

Logging of DNS Requests and Responses without a DNS license

F5 DNS/GTM External Monitor(EAV) with SNI support and response code check

Rewrite http:// to https:// in response content

F5 XC Distributed Cloud DNS GSLB implementing Split-DNS

Thinking Outside the Box: Rewriting Web Pages with F5 Distributed Cloud (XC)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS