Forum Discussion
NimbostratusRESOLV::lookup not able to pick resolved IP from DNS query answer
I recently used an irule on LTM to do DNS query for traffic forwarding. I used RESOLV::lookup in the irule to go against my DNS server and use resolved IP as pool member IP to establish the connection. it worked in most of the LTM, how a pair of the VCMP guests were not able to get the IP resolved from the URL by irule. I did a tcmpdump on the LTM and I can see the irule was triggered and DNS query was send and received answer from the DNS server with IP resolved. however, the LTM constantly end up with no IP available. any one can help to think why?
my VCMP guests are on BIG-IP 11.5.3 Build 1.0.167 Hotfix HF1
I cannot paste the irule here for some reason
please see my irule in my comment
Marcus_Hong_Yu---following is my irule, It seems [RESOLV::lookup @$dns -a ";] is returning empty, my log has records " IP = "-------
when CLIENT_ACCEPTED { set dns 10.1.1.1 log local0. "SN dns => $dns" set dest [lindex [RESOLV::lookup @$dns -a ";] 0] log local0. " IP = [RESOLV::lookup @$dns -a ";]"
if {$dest eq ""}{ log local0. "No valid IP resolved" reject } else { node $dest 443 log local0. "SN Return IP=> $dest" } }
cjuniorNacreous
Hello Marcus, I remember you from another similar case, right? I don't know if is the case, so, if you permit me a question, is the selfips on vCMP guests, running in a default Route Domain "0" or did you created another RD?
Respectfully,Try without the semicolon. From:
set dest [lindex [RESOLV::lookup @$dns -a "www.cbc.com";] 0]To:
set dest [lindex [RESOLV::lookup @$dns -a "www.cbc.com"] 0]- Marcus_Hong_Yu
hi Cjunior,
that's correct. the DNS query irule worked on most of the LTMs in my environment, however this specific pair got issue. This pair only have RD 0. hence I didn't append domain ID in the irule. also, I did a tcpdump when the irule was triggered, I can see the LTM was using it's local selfIP to reach the DNS server and received the correct answer with IP address resolved. however, the resolve::lookup keeps returning as empty. really confused me.
- cjunior
Marcus, I can't see why, in this vCMP case where you can peek on tcpdump, the iRule was empty for that responses.
Maybe by separating things, you could see where is the issue. In you log line, I see you are double checking dns. Did you try it in separated lines before?when CLIENT_ACCEPTED { set dns 10.1.1.1 set host "www.cbc.com" set result [RESOLV::lookup @$dns -a $host] log local0. "DNS => $dns | Query A: $host | Result: $result" if { $result ne "" } { log local0. "Selected Node -> [lindex $result 0]:443" node [lindex $result 0] 443 } else { log local0. "No valid IP resolved" reject } unset dns host result }Regards.
