For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Implementing Client Subnet DNS Requests

Problem this snippet solves: Update 2018-10-23: As of BIG-IP DNS 14.0 there is now a checkbox feature for edns-client-subnet. Please see: Using Client Subnet in DNS Requests. The following is stil...

Published Jun 16, 2015

Version 1.0

Employee

Joined May 16, 2013

View Profile

Eric_Chen

Employee

Joined May 16, 2013

View Profile

StephanManthey

Nacreous

Dec 18, 2019

In service request C3152801 the F5 support confirmed a bug (ID832769: [DNS::edns0 subnet address] printing random octets when edns client subnet mask is /24 or lower) for TMOS v12 which is fixed in TMOS v14.

In case you are using DNS::return in your TMOS v12 iRule, the EDNS0-ECS information will be inserted automatically. So there is no need to insert this information in the context of DNS_RESPONSE.

But in case the request is handled by gtmd or bind you will need to insert the EDNS0-ECS information the DNS_RESPONSE context.

TMOS v14 has changes in behaviour and fixes. In case you are upgrading, review your iRules, please.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Implementing Client Subnet DNS Requests

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS