Destination Snat Using DNS

Problem this snippet solves:

This iRule, selects a snatpool based on which virtual called the iRule, and will select the member servers to use based on DNS resolution.

Code :

when RULE_INIT {

   # The hostname to resolve to an IP address
   set ::myhostname ""

   # The number of requests to use the cached DNS answer for
   set ::max 100

   # Force a DNS lookup on the first request to get a current answer
   set ::count 100


   # Increment the count of requests
   incr ::count

   # Only look up the address every 100 resolutions
   # Modify this as needed by changing $::max in RULE_INIT
   if { $::count >= $::max } {
      set ::count 0
      NAME::lookup $::myhostname

   # Set the selected node to the current resolved IP address and the port the client requested.
   # The port could be hard coded to any value.
   node $::server_ip [TCP::local_port]

   # You might consider a switch statement or hash lookup
   # for more flexibility or performance
   if { [IP::addr [IP::local_addr] equals] } {
      snatpool partner_snat_a
   } else {
      snatpool partner_snat_b


   log local0. "NAME_RESOLVED: [NAME::response]"
   # can we just use [NAME::response 0], is the response a list?
   set ::server_ip [lindex [split [NAME::response] " "] 0]
Published Mar 17, 2015
Version 1.0

Was this article helpful?

No CommentsBe the first to comment