GTM Monitors internal LTM, but I need Public IP as Answer

Problem this snippet solves:

A WideIP is linked to an LTM Virtual Server that uses Internal IP Addresses. the DNS should reply with External IP addresses. although its possible via gui, its quiet tricky to get the monitors and the translation right. for your convenience , here is an Irule that does just that.

How to use this snippet:

cut and past this code into a new Irule under DNS->Delivery->Irules->Irule List and then add it to the DNS Listener.this Irule fixes 2 A records.

a.a.a.a = internal ip address#1

aaa.aaa.com. = the A record#1

b.b.b.b = external ip address#1

c.c.c.c = internal ip address#2

ccc.ccc.com. = the A record#2

d.d.d.d = external ip address#2

Code :

when DNS_RESPONSE {
     set rrs [DNS::answer]
     foreach rr $rrs {
     if { ([DNS::rdata $rr] eq "a.a.a.a")} {
    DNS::answer clear
    DNS::answer insert [DNS::rr "aaa.aaa.com. IN A b.b.b.b"]

}
     elseif { ([DNS::rdata $rr] eq "c.c.c.c")} {
    DNS::answer clear
    DNS::answer insert [DNS::rr "ccc.ccc.com. IN A d.d.d.d"]
}
 
}
}
Published Feb 16, 2017
Version 1.0
application delivery
BIG-IP DNS
cloud
iRules
  • Stanislas_Piro2's avatar
    Stanislas_Piro2
    Icon for Cumulonimbus rankCumulonimbus
    Nov 02, 2018

    If you want to rewrite the answer data, you can replace rdata without deleting it, and create a array with NAT values.

    when RULE_INIT {
    array set static::DNS_NAT {
        a.a.a.a b.b.b.b
        c.c.c.c d.d.d.d
    }
}

when DNS_RESPONSE {
     set rrs [DNS::answer]
     foreach rr $rrs {
         if { [DNS::type $rr] == "A" && [DNS::class $rr] == "IN"} {
             if { [info exists static::DNS_NAT([DNS::rdata $rr])]} {
                DNS::rdata $rr $static::DNS_NAT([DNS::rdata $rr])
             } 
        }
    }
}