Forum Discussion

Altostratus

Aug 09, 2022

F5 DNS iRule for disabling DNS Express for a CNAME query on a particular domain

Hey Folks! So we're using an F5 DNS as a resolver for some of our linux servers and at the same time it is the authoritative DNS for that particular domain let's say we host example.com on the F5 D...

application delivery

LiefZimmerman

Admin

Aug 15, 2022

Leilow214 - this has been hanging out for a while - have you figured out a path forward?
If not...let me know if anything has changed since the 9th and I'll see if I can find someone to lend a hand.

Leilow214
Altostratus
Aug 15, 2022
Hey Lief,
Good day!

Thanks for checking out on my question, I havent tested any solutions yet. But here's what Irule I did, Im not sure if this would work.
Name: CNAME_DNSX_iRule
when DNS_REQUEST {
if { ([string toupper [DNS::question type]] eq "CNAME") }
{
DNS::disable dnsx
}
}

Thank you.
- JRahm
  Admin
  Aug 15, 2022
  yes, that should work fine, DNS iRules processing is handled up front (as shown in this lightboard lesson). You can further refine by extending your if condition to the targeted domain in the query received if necessary.
  
  I'm pretty sure DNS::question type returns all caps already, but you could test to make sure and then eliminate the extra string command for the comparison.
  - Leilow214
    Altostratus
    Aug 16, 2022
    Hi JRahm,
    Good day!
    Thank you for the response, appreciate it. How do I refine it only for the targeted domain? Can you share the commands/syntax please?
    Regards,
    Leo