Forum Discussion
NimbostratusModifying GTM DNS response based on source IP - use translation field in virtual server definition
EmployeeAs Hamish relates in this post:
https://devcentral.f5.com/questions/gtm-private-ip-versus-public-ip-in-gtm-dns-answers
"The translation address is NOT actually for the GTM to resolve addresses to. It's actually the IP address the GTM will 'see' the remote VS as when/if it's NAT'ed between the GTM and the LTM."
To that end, since translation address isn't really an option, you have a few alternatives. The first of course is Hamish's iRule/data group solution. A second alternative is perhaps the following:
-
Under the respective LTM server object, create your virtual server instances manually and create TWO for each WIP. For the example iRule below, I've created virtual servers with the "_ext" and "_int" extension. Example:
test_vs_int test-vs_ext -
Add both virtual server instances to the pool.
-
Create an address-based data group that defines your internal address space.
-
Apply an iRule like the following:
when DNS_REQUEST { set server [lindex [lindex [members -list [LB::server pool]] 0] 1] set vs [string map {"_ext" "" "_int" ""} [lindex [lindex [members -list [LB::server pool]] 0] 2]] if { [class match [IP::client_addr] equals private_net_test] } { pool test_pool member "$server ${vs}_int" } else { pool test_pool member "$server ${vs}_ext" } }
The output of [members -list [LB::server pool]] will be a list of lists. Example:
{/Common/test_pool /Common/ltm1 test_vs_ext} {/Common/test_pool /Common/ltm1 test_vs_int}
I need the LTM server object name (ie. "/Common/ltm1"), and a virtual server name without the "_ext" or "_int" extension (ie. "test_vs"). Then, if the client is coming from the defined internal network, I'll attach the "$server ${vs}_int" pool member, otherwise the "$server ${vs}_ext" pool member.
Admittedly this option doesn't account for availability, but it is perhaps a place to start.
