Functionality questions regarding commands that we're using in a DNS_REQUEST related iRule

I opened a ticket w/F5 regarding this but they recommended I try DevCentral instead, so here we are :)

We're currently in the process of creating and testing an iRule/configuration in a test environment with the intent of eventually applying it to the listeners in our F5 DNS/GTM production environment that will forward DNS requests made to our production F5 DNS/GTM environment with only specific criteria to a separate Windows DNS server to answer back through our production F5 DNS/GTM environment.

What we have so far which appears to be working:

when DNS_REQUEST {

# Check if the query is for a TXT record and matches a specific FQDN

if { ([DNS::question type] equals "TXT") and ([string tolower [DNS::question name]] contains "_acme-challenge") } {

# Forward to a specific pool of DNS servers

DNS::disable dns-express

snat automap

translate address enable

pool /Common/dns_fwdtxttest_pool

}

}

In order for us to get it to work we had to add the following commands to the iRule that we found online:

DNS::disable dns-express

snat automap

translate address enable

In both our test and production F5 DNS/GTM environments we:

-Do use dns-express

-Have source address translation set to none on our listeners

-Have address translation disabled on our listeners

My questions are in regard to how those 3 commands may/may not affect other requests/traffic made to our production F5 DNS/GTM environment NOT being processed by the iRule when it gets triggered during and post completion.

Will the features/settings affected by those commands only apply to the request/traffic that triggers and is processed by the iRule, or all traffic?

Will the features/settings affected by those commands automatically revert back to how they are currently set/functioning prior to implementation in our production F5 DNS/GTM environment (DNS Express - enabled, source address translation - none, address translation - disabled) again once the iRule completes processing the triggered request/traffic, or do they need to be toggled back manually at the end of the iRule in some way again as well?

We're just trying to make sure we have all our bases covered and are accounting for as much as we can before going live with it and potentially running into other unexpected issues with production requests/traffic upon implementation.

All that being said - is there anything else that we may be missing/overlooking?

Anyone out there have any thoughts/suggestions/guidance at all?

Thanks in advance and hope all is well!