Forum Discussion
How to answer a DNS SRV request in an iRule on GTM
I know how I could answer an A request directly with a host IP in an iRule:
when DNS_REQUEST {
    if { [IP::addr [IP::client_addr]/24 equals "10.10.10.0"] } {
        use pool GTM_pool1
    } elseif { ([DNS::rrtype] eq "A") and ([DNS::rrname] eq "www.domain.com") } {
        host 10.20.10.15
    }
}
But what if I want to answer an SRV request - what do I use instead of the 'host' keyword in the above?
when DNS_REQUEST {
    if { [IP::addr [IP::client_addr]/24 equals "10.10.10.0"] } {
        use pool GTM_pool1
    } elseif { ([DNS::rrtype] eq "SRV") and ([DNS::rrname] eq "_sip._tcp.domain.com") } {
        ?????? "1 0 5061 srv.domain.com"
    }
}
I have searched through the wikis and references here, but I haven't found what to use.
I'm pretty sure that this is something very simple, but everything I have tried in the iRule editor has created an error when checking the syntax.
Regards,
Arnor
- aref_zine_6013 (Nimbostratus)
Hello Arnor,
Were you able to find a solution? If yes please share.
Regards, Aref
Hi Aref,
you may try the syntax below to intercept and respond to a specific SRV DNS query. It will also set authority information and additional records for the resolved SRV records to speed up DNS resolution (if supported by the DNS client).
when DNS_REQUEST {
    log local0. "\[DNS::question name\]: [DNS::question name], \[DNS::question class\]: [DNS::question class], \[DNS::question type\]: [DNS::question type]"
    set ttl 300
    if { [string tolower [DNS::question name]] starts_with "_ldap._tcp.dc._msdcs.domain.de" } then {
        if { [DNS::question type] equals "SRV" } then {
            # SOA information
            DNS::authority insert "domain.de. $ttl IN SOA server1.domain.de hostmaster.domain.de 1337 900 600 86400 3600"
            # SRV response
            DNS::answer insert "[DNS::question name]. $ttl IN [DNS::question type] 1 0 389 server1.domain.de"
            DNS::answer insert "[DNS::question name]. $ttl IN [DNS::question type] 1 0 389 server2.domain.de"
            # Additional records
            DNS::additional insert "server1.domain.de. $ttl IN A 192.168.1.1"
            DNS::additional insert "server2.domain.de. $ttl IN A 192.168.1.2"
            DNS::return
        }
    }
}
Note: The syntax can be used for v11.1+ LTM deployments.
Cheers, Kai
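An added example, not part of Kai's post: a small Python check for hand-written record strings of the kind passed to DNS::answer insert and DNS::additional insert above, run before they go into an iRule. It reads the SRV rdata as "priority weight port target", verifies the numeric fields fit in 16 bits, and reports SRV targets that have no address record in the additional section (the glue is optional, but without it the client needs a second lookup). The function names are hypothetical and the sample strings are constructed from the iRule with $ttl expanded.

```python
import ipaddress

def norm(name):
    """Compare names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def parse_rr(text):
    """Split 'owner ttl IN TYPE rdata...' (the string form used above)."""
    fields = text.split()
    if len(fields) < 5 or not fields[1].isdigit() or fields[2].upper() != "IN":
        raise ValueError(f"not 'owner ttl IN TYPE rdata': {text!r}")
    return norm(fields[0]), int(fields[1]), fields[3].upper(), fields[4:]

def check_srv_response(answers, additional):
    """Return a list of findings; an empty list means the set is consistent."""
    findings, glue = [], set()
    for text in additional:
        owner, _, rtype, rdata = parse_rr(text)
        if rtype in ("A", "AAAA"):
            try:
                ipaddress.ip_address(rdata[0])
                glue.add(owner)
            except ValueError:
                findings.append(f"{owner}: bad address {rdata[0]!r}")
    for text in answers:
        owner, _, rtype, rdata = parse_rr(text)
        if rtype != "SRV" or len(rdata) != 4 or not all(x.isdigit() for x in rdata[:3]):
            findings.append(f"{owner}: expected 'priority weight port target'")
            continue
        prio, weight, port = map(int, rdata[:3])
        target = norm(rdata[3])
        if max(prio, weight, port) > 65535:
            findings.append(f"{owner}: priority, weight and port are 16-bit fields")
        if not all(label.startswith("_") for label in owner.split(".")[:2]):
            findings.append(f"{owner}: owner should start with _service._proto")
        if target not in glue:
            findings.append(f"{owner}: target {target} has no A/AAAA glue")
    return findings

# Constructed input: the records from the iRule above with $ttl expanded to 300.
QNAME = "_ldap._tcp.dc._msdcs.domain.de"
ANSWERS = [f"{QNAME}. 300 IN SRV 1 0 389 server1.domain.de",
           f"{QNAME}. 300 IN SRV 1 0 389 server2.domain.de"]
ADDITIONAL = ["server1.domain.de. 300 IN A 192.168.1.1",
              "server2.domain.de. 300 IN A 192.168.1.2"]

if __name__ == "__main__":
    print(check_srv_response(ANSWERS, ADDITIONAL) or "consistent")
```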
- Arnor_Arnason (Altostratus)
Ahh brilliant Kai, thanks :-)
I hadn't checked this again recently, and obviously not after version 11.1. At least I did not find this DNS::answer command back then.
Arnór
- aref_zine_6013 (Nimbostratus)
Many thanks Kai :)
Regards, Aref
You're welcome... ;-)
Cheers, Kai
Nice one +1 for Kai.
In case you like to return a SOA record with an up-to-date serial number (reflecting current day, i.e. "2016051201" for 01 of 05/12/2016 [mm/dd/yyyy]) you can use the following:
DNS::authority insert [DNS::rr "gtm.lb-net.bit." SOA IN 60 "gtm1.lb-net.bit hostmaster.lb-net.bit [clock format [clock seconds] -format {%Y%m%d01}] 10800 3600 604800 60"]