Forum Discussion
Adrian_1807
Nimbostratus
NimbostratusIrule: how to resolve DNS queries
Hi,
I have some doubts in the creation of an irule in a LTM.
I have a HTTP petition incoming in a LTM. I have to extract the url of the header, for example www.google.com, resolve the url with an external DNS and once i have the resolution of the query(209.85.227.106), route the petition to nated to the final server.
Any idea how to convert the url into ip via irule?? is there any way to ask for a DNS resolution with irules????
Thank you very much in advance.
Best regards.
7 Replies
hoolioCirrostratus
Hi Adrian,
I did some basic testing of a basic (limited HTTP only) web proxy iRule. I wouldn't consider it fully functional, but you could use it as a start. It would probably be better to implement a true web proxy and have LTM load balance or route to that though.
LTM like Web Proxy (Squid)
http://devcentral.f5.com/Default.aspx?tabid=53&forumid=31&tpage=1&view=topic&postid=8551885545
Aaron
Adrian_1807Hi Aaron,
Thank you very much for your sample, I will begin with that....
I think you are right, it should be better with a true web proxy, but it is a customer requirement, so.....
Than you!!!- hoolioHi Adrian,
If you end up improving the example, could you reply here with it or add it to the iRule Codeshare?
Thanks,
Aaron - Adrian_1807Hi Aaron.
Ok if i improve the irule i will provide it to you.
Anyway, I will talk with our customer to see if it is really the best implementation. Perhaps this kind of complex irules affects the traffic and it is a better idea to use an external proxy.
Thanks. - hoolioI wouldn't try to use that iRule as it is in a production environment as a replacement for a full web proxy. It was more of an exercise than a fully functional rule.
Aaron - Adrian_1807Ok, thank you very much.
One more question. Do you think it is really a good idea to implement that proxy in a BIGIP LTM 3600??
I mean, the final iRule should be quite complex, and perhaps it will end in a high usage of CPU and a bad performance of the LTM.
Till now, all the iRules implemented are quite simple, and they do not affect very much the traffic, but this seems to be a complex one and I have no experience with these kind.
I have to say that the solution is for a mobile internet provider, so the number of petitions should be quite high. Actually, the virtual where will apply the iRule has 10 K concurrent connections.
Finally, one more thing. When loading a web page, there are a lot of objects downloaded with diferent GETs. I think each GET is a different petition and a new DNS resolution, do you know if it is ok??
Thank you very much!! - hoolioHi Adrian,
I think it would be a very bad idea to use that rule in a production environment. The iRule doesn't even start to implement all of the requirements from the HTTP 1.1 or 1.0 RFCs. It would be much more reliable and efficient to use a true web proxy or collection of proxies which LTM load balances compared with this rule.
Aaron
