For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Disable DNS Express to allow recursion of a delegated sub-domain

Problem this snippet solves: If you are using GTM to act both a authoritative slave with DNS Express and as a recursive cache, recursion will not work if a request is made for a delegated sub-domain...

Published May 25, 2016

Version 1.0

Cirrus

Joined February 19, 2020

View Profile

Brad_Parker

Cirrus

Joined February 19, 2020

View Profile

Patricia_Gonzal

Nimbostratus

Sep 21, 2016

Ok, we got the irule working with these modifications.

when DNS_REQUEST {

  set rrr [DNS::query dnsx [DNS::question name] [DNS::question type]]

  set rname [lindex $rrr 0]
  set rtype [DNS::type [lindex $rrr 1]]

  log local0.debug "client=[IP::client_addr] name=$rname type=$rtype"

  if { $rname equals "" && $rtype equals "NS"} {

    log local0.debug "ns record detected"
    DNS::disable dnsx

  } elseif { [IP::addr [IP::client_addr] equals 192.168.0.0/24] } {

      pool /Common/ServerResolver
      log local0.debug "ServerResolver"
      return

  } else {

      pool /Common/UserResolver
      log local0.debug "UserResolver"
      return

  }


}

Disable DNS Express to allow recursion of a delegated sub-domain

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS