DNS Forwarding iRule on F5 GTM Listener

Question

Hello,I currently have a GTM that answers for all the DNS queries. But what I want to do, is to be able to for particular zones, to be able to forward to external DNS server. Given that add those zones to Data group and match for those zones in the iRule, what would my iRule look like? I am specifically interested about the forwarding partwhen DNS_REQUEST {
    set forwarded 0
    if {[class match [DNS::question name] ends_with forwarded_zones]}{
...............How can I explicitly set forwarding to specific forwarding IP or list of IPs in the forwarders list?I am using 11.5.8 Version BIG IP software.Thanks in advance

eey0re · Answer

To do this with an iRule, use the "pool" command to select the pool of nameservers you want to forward the query to. The query will bypass on-box BIND, and be proxied instead. This will need to be an LTM iRule attached to the Virtual Server, not a GTM iRule attached to a Wide IP.

Another way to do this, without an iRule, is to define the zones in ZoneRunner as "forward" type zones, and let BIND do the forwarding for you.

Forum Discussion

DNS Forwarding iRule on F5 GTM Listener

1 Reply

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

UDP DNS listener doesn't resolve DNS query but TCP DNS listener can

BIG-IP DNS Forwarder Support via iRule

Disable vip that is listening on different ports

iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers

Configuring listener IP for TCP