Forum Discussion
William_Benett1
Nimbostratus
NimbostratusLB based on DNS response?
Hi folks,
I'm trying to write an iRule to perform a DNS lookup on the IP address of the client, and based on something contained in the reverse, make a load balancing decision.
Initially I wrote this:
when CLIENT_ACCEPTED {
NAME::lookup IP::client_addr
}
when NAME_RESOLVED {
if { [NAME::response] contains ".abc.com"} then {
pool www-pool2
}
}
But i realize now that, for some reason, I cannot select a pool in the NAME_RESOLVED event.
Is there a way to pull this off? I'm running on version 9.1.2, but I can upgrade if need be.
Thanks,
--Bill
I'm testing this rule with HTTP traffic, but in production I need to use this for SMTP and other non-HTTP protocols.
2 Replies
William_Benett1So adding some more data into this. . .
It looks like the tmm_config.tcl changes I made were causing the resolve call to go into nowhere. I changed it to point to a hard coded DNS server instead of $IP_ADDR_LOCALHOST. Now I can write an iRule that can successfully log the reverse of the client IP address. I'm guessing that I need named running on the BIG-IP so it can query itself. Just a caveat I suppose, I've moved on from that.
I'm now getting a TCL error: Rule DNSbasedLD - Address in use (line 3) invoked from within "pool www-pool2"
I still believe that i'm not allowed to make LB decisions in the NAME_RESOLVED event. The only thing I can think of is writing a method, in this iRule, to load balance using the "node" command. That seems really icky. Any advise would be appreciated.- William_Benett1It took me a while, but I figured it out.
This code seems to work:
when CLIENT_ACCEPTED {
NAME::lookup [IP::client_addr]
}
when NAME_RESOLVED {
if { [NAME::response] contains "abc.com"} then {
LB::detach
pool www-pool2
} else {
LB::detach
pool www-pool1
}
}
The key is detaching the LB pool before assigning a new one.
