Forum Discussion

Chris_Roy_10356
Jul 26, 2006

DNS Rewrite

Is there any way to hijack a DNS request or rewrite a DNS response through an LTM iRule?

I'm trying to get DNS to respond to internal requestors with a private NAT address (that may or may not be on the BigIP) for an Internet host that would ordinarily return a public address. I am able to do this in GTM through a WideIP with multiple aliases (so we can keep them all in one place) and the following iRule:

when DNS_REQUEST {
  if {[IP::server_addr] equals "10.1.2.1"} {
    switch [DNS::rrname] {
      www.a.com { host 10.1.1.1 }
      www.b.com { host 10.1.1.2 }
    }
  }
}

Unfortunately, I need to add another listener to GTM and send all of my outbound requests there to catch just a few hosts. I would rather have an LTM iRule that I could put on my outbound Network VS for udp:53 that could do the dirty work without changing the DNS server config. I have some iRule command references that indicate DNS commands exist (or existed at some point), but my BigIP running 9.2 doesn't seem to want to recognize them.

Any help or clarification is appreciated...

  • Colin_Walker_12
    Historic F5 Account
    You could certainly write an iRule on LTM to grab the traffic heading outbound and re-write the payload contents to use the response address you want. It just wouldn't be quite as straightforward as on GTM. You'd have to do some string matching (regex, scan, etc.) against the payload and then rewrite where necessary.

    There are a few examples of rewriting packet payload contents (not all of them are referring to DNS packets, but the idea is the same), at least one of which is in the Docs & Tips section. I'd check a couple of those out to get started.
    Colin
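To illustrate the payload rewriting Colin describes, here is an added example (not from the thread, and not F5 code) written in Python rather than iRule Tcl: it walks a DNS response on the wire, follows name compression, and swaps the A-record rdata for names in an assumed mapping while leaving everything else intact. The hostnames, addresses and the sample response are constructed for the example; on a BIG-IP the same walk would run over the UDP payload of the response.

```python
import socket
import struct

# Constructed mapping of names to the private NAT address that internal
# requestors should see (values assumed for this example).
REWRITE = {"www.a.com": "10.1.1.1", "www.b.com": "10.1.1.2"}

def read_name(msg, off):
    """Decode a DNS name at off, following compression pointers (RFC 1035)."""
    labels, jumped, end = [], False, None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                  # compression pointer
            if not jumped:
                end = off + 2                      # resume here afterwards
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped = True
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if jumped else off)

def rewrite_answers(msg, mapping=REWRITE):
    """Copy of a DNS response with A-record rdata replaced for names in mapping."""
    buf = bytearray(msg)
    if not buf[2] & 0x80:                          # QR bit clear: a query, pass through
        return bytes(buf)
    qdcount, ancount = struct.unpack("!HH", buf[4:8])
    off = 12                                       # past the 12-byte header
    for _ in range(qdcount):                       # skip the question section
        _, off = read_name(buf, off)
        off += 4                                   # QTYPE + QCLASS
    for _ in range(ancount):
        name, off = read_name(buf, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", buf[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4 and name in mapping:
            buf[off:off + 4] = socket.inet_aton(mapping[name])
        off += rdlen                               # authority/additional untouched
    return bytes(buf)

def build_response(name, addr, txid=0x1234):
    """Constructed one-answer DNS response (flags 0x8180) used as sample input."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + socket.inet_aton(addr)
    return header + qname + struct.pack("!HH", 1, 1) + answer
```

Because only the four rdata bytes change, the message length and the compression offsets stay valid, so no length fields need recomputing.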