Mustaki_64997
Nimbostratus

Problem this snippet solves:

A WideIP is linked to an LTM Virtual Server that uses internal IP addresses. The DNS should reply with external IP addresses. Although it's possible via the GUI, it's quite tricky to get the monitors and the translation right. For your convenience, here is an iRule that does just that.

How to use this snippet:

Cut and paste this code into a new iRule under DNS->Delivery->iRules->iRule List and then add it to the DNS Listener. This iRule fixes 2 A records.

a.a.a.a = internal ip address#1

aaa.aaa.com. = the A record#1

b.b.b.b = external ip address#1

c.c.c.c = internal ip address#2

ccc.ccc.com. = the A record#2

d.d.d.d = external ip address#2

Code :

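when DNS_RESPONSE {
    # Walk every resource record in the answer section
    set rrs [DNS::answer]
    foreach rr $rrs {
        if { [DNS::rdata $rr] eq "a.a.a.a" } {
            # Internal address #1 found: replace the answer with external address #1
            DNS::answer clear
            DNS::answer insert [DNS::rr "aaa.aaa.com. IN A b.b.b.b"]
        } elseif { [DNS::rdata $rr] eq "c.c.c.c" } {
            # Internal address #2 found: replace the answer with external address #2
            DNS::answer clear
            DNS::answer insert [DNS::rr "ccc.ccc.com. IN A d.d.d.d"]
        }
    }
}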
Comments
ShyamYadav_3117
Nimbostratus

It's good:)

 

Shiran_Cohen
Nimbostratus

It Works, Thanks A Lot.

 

Neil_66348
Nimbostratus

Love it, simple and effective

 

Stanislas_Piro2
Cumulonimbus

If you want to rewrite the answer data, you can replace rdata without deleting it, and create an array with NAT values.

 

when RULE_INIT {
    array set static::DNS_NAT {
        a.a.a.a b.b.b.b
        c.c.c.c d.d.d.d
    }
}

when DNS_RESPONSE {
    set rrs [DNS::answer]
    foreach rr $rrs {
        if { [DNS::type $rr] == "A" && [DNS::class $rr] == "IN" } {
            if { [info exists static::DNS_NAT([DNS::rdata $rr])] } {
                DNS::rdata $rr $static::DNS_NAT([DNS::rdata $rr])
            }
        }
    }
}
Version history
Last update: 16-Feb-2017 07:05