drop
2 TopicsiRule to discard specific DNS REQUEST
Hi We use F5 DNS and we saw there is many DNS request to us. for example. we have many spam dns request for www.seo.com which is not exist in our domain name. (it's non-existing domain spam) Can we have irule to discard only this request for www.seo.com in our listener? Is this irule work? when DNS_REQUEST { if {([string tolower [DNS::question name]] equals "www.seo.com")} { drop (or DNS::drop) } else { } }1.4KViews0likes1CommentDrop reason counters.rx_portd_rdisc
Hello everyone, i'm asking for your help in order to undestand some values i'm seeing when looking for the drop reason in my big ip devices I have 2 big ip i5600 devices in an Active/Standby configuration and both of them are reporting packet drops Both devices have a unique trunk of 2 interfaces (1.1 and 1.2)which process all the application traffic (the HA configuration use this trunk too). When runnig tmsh "show /net interface" i can see 1.7M in the "Drops in" field. When running "tmctl drop_reason" according to https://my.f5.com/manage/s/article/K31938413 i can see the field "counters.rx_portd_rdisc" with a value of "1058490" which i thinks its arround 1M. Both devices reports similiar values for "counters.rx_portd_rdisc" but ONLY in the interface 1.2 I cant find any information related to the "counters.rx_portd_rdisc" field of the drop reason. Someone have an idea of what "counters.rx_portd_rdisc" means? Thanks in advance for your answers!Solved152Views0likes3Comments