Forum Discussion
rravens_165977
Nimbostratus
Nimbostratusneed an irule to forward DNS requests based on FQDN
We have the need to forward DNS that comes from a particular subnet (i.e. source = 10.10.10.0/24) to our internal DNS for all queries EXCEPT a list of 20 domain names that need to hit the external to...
cdougall_14195
Cirrus
Cirrushttps://devcentral.f5.com/wiki/iRules.DNS__rrname.ashx
Something like this might work if you've got a GTM.
when DNS_REQUEST {
if { ([IP::addr [IP::client_addr] equals 10.10.10.0/24]) } {
switch -glob [string tolower [DNS::rrname]] {
"www.domain1.com" -
"www.domain2.com" -
"www.domain3.com" -
"www.domain4.com" -
"www.domain5.com" {
pool external_dns_pool
}
default {
pool internal_dns_pool
}
}
}
}
If you're wanting to do something like this on an LTM, you're going to have some troubles. Is there a reason to not have the internal DNS do a recursive lookup for those requests?
rravens_165977cdougall, Thank you!- rravens_165977Sorry, I just saw your question on the recursive lookups. This is a unique setup in that we have a remote access VPN that terminates in a DMZ. We are using full tunnel exclude ( public sites at our company such as Lync) are not going over the tunnel and require the public IP address. If we use our internal DNS, that replies with the private IP address for the servers that Lync uses when on the LAN. We need clients to use internal for all except a few sites that we want to exclude from the VPN tunnel and hit on public IP addresses. thanks
Brandon_12607i was trying to add this IRULE on the GTM in DNS -> Delivery -> iRules -> iRule List -> create… gives me an error with the DNS::rrname. I have tried to use DNS::name but gives me an error also. Any thoughts?- Brandon_12607when DNS_REQUEST { switch -glob [string tolower [DNS::rrname]] { "www.domain1.com" - "www.domain2.com" - "www.domain3.com" - "www.domain4.com" - "www.domain5.com" { pool external_dns_pool snat none } } }
