Forum Discussion

Josh_Hildebran1's avatar
Josh_Hildebran1
Icon for Nimbostratus rankNimbostratus
Feb 04, 2013

GTM split zone DNS responses - iRule

  I've just implemented GTM.. we have a split dns zone.. internal IPs for our intranet, and external IPs for our external folks. I consider that pretty standard. Oddly, F5 doesn't appear to ha...
application delivery
dev
devops
iRules
RiverFish's avatar
RiverFish
Icon for Altostratus rankAltostratus
Jan 13, 2015

I wanted to avoid cluttering up our GTM with a bunch of internal pools, so I ended up creating an iRule for each WIP. We have active/active data centers. One data center has a public range of 100.100.100.x/24 that NATs to a private range of 172.100.100.x/24, the other has a public range of 200.200.200.x/24 that NATs to a private range of 10.200.200.x/24. When the GTM receives a query from a private IP (defined in Topology > Regions), the iRule returns the internal IP (LTM VIP) after the GTM has made the LB decision (chosen the "up" pool member). The iRule has been working in production for close to a year now with no issues. It could probably be written more efficiently but I haven't had the chance to revisit it yet.

when LB_SELECTED {
  if { ([matchregion ldns private-ranges]) && ([LB::server addr] starts_with "100.100.100.") }  {
    host 172.100.100.5
  } elseif { ([matchregion ldns private-ranges]) && ([LB::server addr] starts_with "200.200.200.") } {
    host 10.200.200.36
  }
}