Forum Discussion
meena_60183
Nimbostratus
Jun 09, 2009
reverse DNS lookup on iRule
Hi All,
I have the following requirement. The Apache web server currently has the logic.
. port 80 and DNS match
When users come in on port 80 and the reverse DNS ...
Wintrode_61162
Nimbostratus
May 19, 2011
I am seeing the same behavior. I never see the DNS query leave the F5. I must be missing something. It takes a full 20 seconds, so it looks like it is timing out trying to do the lookup. I also do not see any traffic leaving the F5 on 53 when running tcpdump. When I just do a lookup from the CLI, I see everything fine.

    May 19 14:47:17 local/tmm2 info tmm2[5006]: Rule DNS_PTR_Domain_Lookup : 10.34.18.213:55386: New connection to 10.26.16.5:80
    May 19 14:47:17 local/tmm2 info tmm2[5006]: Rule DNS_PTR_Domain_Lookup : 10.34.18.213:55386: Collecting HTTP for new lookup
    May 19 14:47:37 local/tmm2 info tmm2[5006]: Rule DNS_PTR_Domain_Lookup : 10.34.18.213:55386: Lookup result:

My code is as follows (I stripped it down trying to troubleshoot):

    when CLIENT_ACCEPTED {
        # Trigger a name lookup for new connections
        set do_lookup 1
        log local0. "[IP::client_addr]:[TCP::client_port]: New connection to [IP::local_addr]:[TCP::local_port]"
    }
    when HTTP_REQUEST {
        # Check if we haven't done a lookup already on this connection
        if { $do_lookup } {
            log local0. "[IP::client_addr]:[TCP::client_port]: Collecting HTTP for new lookup"
            # Hold HTTP data until client IP address is resolved
            HTTP::collect
            # Start a name resolution on the client IP address
            NAME::lookup -ptr [IP::client_addr]
        }
    }
    when NAME_RESOLVED {
        # FQDN of client IP address
        log local0. "[IP::client_addr]:[TCP::client_port]: Lookup result: [NAME::response]"
        set do_lookup 0
        HTTP::release
    }
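
An added example, not part of either post in this thread: a Python script that correlates log lines in the format posted above to measure how long each request was held between `HTTP::collect` and `NAME_RESOLVED`, and to flag PTR lookups that came back empty. The first three sample lines are the ones quoted in the post; the 192.0.2.10 lines, the default `year` and the `slow_after` threshold are constructed assumptions.

```python
import re
from datetime import datetime

# First three lines are quoted from the post; the 192.0.2.10 lines are constructed.
SAMPLE_LOG = """\
May 19 14:47:17 local/tmm2 info tmm2[5006]: Rule DNS_PTR_Domain_Lookup : 10.34.18.213:55386: New connection to 10.26.16.5:80
May 19 14:47:17 local/tmm2 info tmm2[5006]: Rule DNS_PTR_Domain_Lookup : 10.34.18.213:55386: Collecting HTTP for new lookup
May 19 14:47:37 local/tmm2 info tmm2[5006]: Rule DNS_PTR_Domain_Lookup : 10.34.18.213:55386: Lookup result:
May 19 14:48:02 local/tmm2 info tmm2[5006]: Rule DNS_PTR_Domain_Lookup : 192.0.2.10:40112: Collecting HTTP for new lookup
May 19 14:48:02 local/tmm2 info tmm2[5006]: Rule DNS_PTR_Domain_Lookup : 192.0.2.10:40112: Lookup result: client.example.com
"""

LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ \w+ tmm\d*\[\d+\]: "
    r"Rule (?P<rule>\S+) [^:]*: (?P<client>[\d.]+:\d+): (?P<msg>.*)$"
)
RESULT = "Lookup result:"

def lookup_stalls(log_text, year=2011, slow_after=5.0):
    """Return lookups that were slow, empty, or never answered.

    year: syslog lines carry no year, so one is supplied (assumption).
    slow_after: seconds of hold time treated as a stall (assumption).
    """
    pending, findings = {}, []
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        key, msg = (m["rule"], m["client"]), m["msg"]
        if msg.startswith("Collecting HTTP"):
            pending[key] = when                      # request is now held
        elif msg.startswith(RESULT) and key in pending:
            held = (when - pending.pop(key)).total_seconds()
            answer = msg[len(RESULT):].strip() or None
            if answer is None or held >= slow_after:
                findings.append({"client": m["client"],
                                 "held_seconds": held, "answer": answer})
    # Requests collected but with no result line at all in this log
    for (_, client) in pending:
        findings.append({"client": client, "held_seconds": None, "answer": None})
    return findings

if __name__ == "__main__":
    for f in lookup_stalls(SAMPLE_LOG):
        print(f)
```
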
