Forum Discussion
Ferzat_263580
Nimbostratus
NimbostratusRedirect hosts using iRules
Hi all,
How can I achieve the below using iRules.
if clients from [network1, network2...] querying [sub.domain.com] --answer--> 1.2.3.4;
12 Replies
Yann_Desmarest_Nacreous
Hello,
You can use a similar irule :
when HTTP_REQUEST { if { [HTTP::host] equals "sub.domain.com" } { HTTP::respond 302 Location "1.2.3.4" noserver } }
Ferzat_263580Thanks for your quick response Yann. I'm using F5 BIG-IP GTM as a caching DNS, and my question was regarding DNS queries redirect.
Yann_DesmarestCirrus
Hello,
You can use a similar irule :
when HTTP_REQUEST { if { [HTTP::host] equals "sub.domain.com" } { HTTP::respond 302 Location "1.2.3.4" noserver } }- Ferzat_263580Thanks for your quick response Yann. I'm using F5 BIG-IP GTM as a caching DNS, and my question was regarding DNS queries redirect.
- Yann_Desmarest
Ok, let's try this one 🙂
when DNS_REQUEST { set ttl 1800 set A "[DNS::question name]. $ttl [DNS::question class] [DNS::question type]" if { [string tolower [DNS::question name]] ends_with "sub.domain.com" } { DNS::answer insert "$A 1.2.3.4" } DNS::return }- Ferzat_263580Thank you Yann. How can I filter on a specific network for the above. e.g. if clients = match-clients { 10.1.1.0/13; 10.2.1.0/13; ...etc } querying for "sub.domain.com" do when DNS_REQUEST { set ttl 1800 set A "[DNS::question name]. $ttl [DNS::question class] [DNS::question type]" if { [string tolower [DNS::question name]] ends_with "sub.domain.com" } { DNS::answer insert "$A 1.2.3.4" } DNS::return }
- Yann_DesmarestYou have to use "class match" command to compare [IP::client_addr] with a datagroup that contains the filtered IP subnet. You can find several peace of code in devcentral
- Ferzat_263580Thanks Yann, is the below correct when DNS_REQUEST { if { [string tolower [DNS::question name]] ends_with "sub.domain.com" } { if { ( [IP::addr [IP::client_addr] equals 10.1.0.0/13] ) or ( [IP::addr [IP::client_addr] equals 10.2.0.0/13] ) } { set ttl 10800 set A "[DNS::question name]. $ttl [DNS::question class] [DNS::question type]" DNS::answer insert "$A 10.10.10.2" } } else { return } DNS::return }
- Yann_Desmarest_
Ok, let's try this one 🙂
when DNS_REQUEST { set ttl 1800 set A "[DNS::question name]. $ttl [DNS::question class] [DNS::question type]" if { [string tolower [DNS::question name]] ends_with "sub.domain.com" } { DNS::answer insert "$A 1.2.3.4" } DNS::return }- Ferzat_263580Thank you Yann. How can I filter on a specific network for the above. e.g. if clients = match-clients { 10.1.1.0/13; 10.2.1.0/13; ...etc } querying for "sub.domain.com" do when DNS_REQUEST { set ttl 1800 set A "[DNS::question name]. $ttl [DNS::question class] [DNS::question type]" if { [string tolower [DNS::question name]] ends_with "sub.domain.com" } { DNS::answer insert "$A 1.2.3.4" } DNS::return }
- Yann_Desmarest_You have to use "class match" command to compare [IP::client_addr] with a datagroup that contains the filtered IP subnet. You can find several peace of code in devcentral
- Ferzat_263580Thanks Yann, is the below correct when DNS_REQUEST { if { [string tolower [DNS::question name]] ends_with "sub.domain.com" } { if { ( [IP::addr [IP::client_addr] equals 10.1.0.0/13] ) or ( [IP::addr [IP::client_addr] equals 10.2.0.0/13] ) } { set ttl 10800 set A "[DNS::question name]. $ttl [DNS::question class] [DNS::question type]" DNS::answer insert "$A 10.10.10.2" } } else { return } DNS::return }
