Forum Discussion

Nimbostratus

Jul 25, 2011

Return DNS replies to specific clients

I'm trying to return DNS replies to only a couple of different subnets. If the request comes in from anything else, I'd like to ignore it, or return a bogus response. Trying to get this to work, but...

Nimbostratus

Jul 26, 2011

After getting some inspiration from this thread ... http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/1177010/showtab/groupforums/Default.aspx

Why not make a region with your IPs you want to allow resolution from, call it GOODIPS, and then try this:

when DNS_REQUEST {

if { [matchregion ldns GOODIPS]}{

pool Good_Pool

}

else{

pool Bad_Pool

}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Return DNS replies to specific clients

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

no reply from big3d: timed out

irule to Redirect client from specific Public IP to a specific node

find specific SNMP OID

Enhance your Application Security using Client-side signals

check the utilization on specific node

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS