09-Aug-2022 09:22
Hey Folks!
So we're using an F5 DNS as a resolver for some of our linux servers and at the same time it is the authoritative DNS for that particular domain
let's say we host example.com on the F5 DNS.
When we create a CNAME record on example.com
test.example.com CNAME test.aws.com
and test.aws.com hosts 3 A records.
What happens is DNS Express wont let us use the recursion since its built that way.
What we want is to disable DNSExpress when a CNAME query for example.com specifically.
Is there an irule to do that?
Any help is greatly appreciated!
Thank you!
15-Aug-2022 12:00
@Leilow214 - this has been hanging out for a while - have you figured out a path forward?
If not...let me know if anything has changed since the 9th and I'll see if I can find someone to lend a hand.
15-Aug-2022 12:17
Hey Lief,
Good day!
Thanks for checking out on my question, I havent tested any solutions yet. But here's what Irule I did, Im not sure if this would work.
Name: CNAME_DNSX_iRule
when DNS_REQUEST {
if { ([string toupper [DNS::question type]] eq "CNAME") }
{
DNS::disable dnsx
}
}
Thank you.
15-Aug-2022 19:47
yes, that should work fine, DNS iRules processing is handled up front (as shown in this lightboard lesson). You can further refine by extending your if condition to the targeted domain in the query received if necessary.
I'm pretty sure DNS::question type returns all caps already, but you could test to make sure and then eliminate the extra string command for the comparison.
16-Aug-2022 05:11
Hi JRahm,
Good day!
Thank you for the response, appreciate it. How do I refine it only for the targeted domain? Can you share the commands/syntax please?
Regards,
Leo
16-Aug-2022 13:53
something like this should work for you, I threw in my.domain.com as a test condition.
when DNS_REQUEST {
if { ([string toupper [DNS::question type]] eq "CNAME") && ([string toupper [DNS::question name]] eq "my.domain.com")} {
DNS::disable dnsx
}
}
Again...i'd test to see how DNS::question returns values, and if all caps or all lower case on each sub-command (type, name, etc) then you can safely remove the string toupper to avoid the additional operations.
17-Aug-2022 06:27
Thank you so much for the response guys! I will test this out by next week and let you all know the result.
Regards,
Leo
13-Oct-2022 17:51
@Leilow214 - were you able to sort this out? Was @JRahm 's proposal a viable solution?