For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

rravens_165977's avatar
rravens_165977
Icon for Nimbostratus rankNimbostratus
Jun 04, 2015

need an irule to forward DNS requests based on FQDN

We have the need to forward DNS that comes from a particular subnet (i.e. source = 10.10.10.0/24) to our internal DNS for all queries EXCEPT a list of 20 domain names that need to hit the external to...
application delivery
BIG-IP DNS
design
devops
iRules
LTM
cdougall_14195's avatar
cdougall_14195
Icon for Cirrus rankCirrus
Jun 04, 2015

https://devcentral.f5.com/wiki/iRules.DNS__rrname.ashx

Something like this might work if you've got a GTM. 

when DNS_REQUEST {
  if { ([IP::addr [IP::client_addr] equals 10.10.10.0/24]) } {
    switch -glob [string tolower [DNS::rrname]] {
        "www.domain1.com" -
        "www.domain2.com" -
        "www.domain3.com" -
        "www.domain4.com" -
        "www.domain5.com" {
            pool external_dns_pool
        }
        default {
            pool internal_dns_pool
        }
    }
  }
}

If you're wanting to do something like this on an LTM, you're going to have some troubles. Is there a reason to not have the internal DNS do a recursive lookup for those requests?

Brandon_12607's avatar
Brandon_12607
Icon for Nimbostratus rankNimbostratus
Apr 07, 2016
i was trying to add this IRULE on the GTM in DNS -> Delivery -> iRules -> iRule List -> create… gives me an error with the DNS::rrname. I have tried to use DNS::name but gives me an error also. Any thoughts?