For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

dstogsdill_2492's avatar
dstogsdill_2492
Icon for Nimbostratus rankNimbostratus
14 years ago

GTM iRule - cname

Hi all,   I'm trying to test a simple iRule to return a cname for a wide IP. I looked at the cname Wiiki on dev central and my syntax looks correct, however, it is not returning the cname respons...
application delivery
dev
devops
iRules
dstogsdill_2492's avatar
dstogsdill_2492
Icon for Nimbostratus rankNimbostratus
14 years ago
I was told by my F5 rep that the RFC states that a root record query can only be answered with an A record. The link i posted previously states pretty much the same thing.

 

 

Anyways, I was able to come with a solution. Since the application will be hosted within AWS and all i need to do is host the domain I really have no need to check the health of the application. Essentially, i just need to provide DNS resolution and let AWS provide the global load balancing.

 

 

I ended writing a simple shell script to lookup the IP's of the AWS Alias, output the IP's to a file and then update an iFile. The iRule then uses the iFile to return the IP as an A record.

 

 

This would be much simpler if I could have used the Resolve::Lookup iRule method on the GTM, however, it only seems to be available within the LTM Module.

 

 

Anyways, for anyone who is interested here is the script. I initially created the iFile record via the gui so this script just updates the existing iFile.

 

 

I use dig to get the IP's. Amazon returns two IP's so I remove the second listed IP. I then have to remove the new line and trailing white spaces before outputting to a file. This is essential as the iRule Host command doesn't like any white spaces. I then issue the TMSH commands to update the iFile.

 

 

I have to thank the guys on this post for giving me the syntax to specify a file on the local file system when modifying the iFile. I could not find any documentation on AskF5 for this.

 

https://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/53/aft/2159165/showtab/groupforums/Default.aspx

 

 

I will end up rewriting this to return both IP's and error checking but this works for now.

 

-----------------------------------------------------------------------------------------------

 

!/bin/bash

 

 

dig +short @8.8.8.8 node.amazonaws.com IN A | sed '$d' | tr '\n' ' ' | sed 's/ $//' > /config/scripts/ag_aname.txt

 

 

tmsh modify /sys file ifile ag_aname.txt source-path file:/config/scripts/ag_aname.txt

 

tmsh save /sys config >>/dev/null

 

 

---------------------------------------------------------------------------------------------

 

 

And here is the iRule

 

 

------------------------------------------------------------------------------------------

 

when DNS_REQUEST {

 

set ifileContent [ifile get "/Common/ag_aname"]

 

host $ifileContent

 

log local0. $ifileContent

 

unset ifileContent

 

}

 

 

If anyone has a simpler way of doing this I would love to hear it.