resolv
2 TopicsHelp with irule using eval and RESOLV
Help with irule using eval and RESOLV I've an iapp and im trying to cache dns server response. The irule works on standalone F5 running 11.5.3 but fails on HA pair (no mirror, active/standby). Section of the irule which is not working: when RULE_INIT { set static::ext1 { RESOLV::lookup @$::dns__ip1 -a $::main__dns__name } after 10000 -periodic { set srv_ips \[ eval \$static::ext1 \] set dest \[ lindex \$srv_ips 0 \] } } This is not complete irule but a section of it. Pls note that irule does works with standalone box and only with HA pair running same sw code it doesnt work. on HA pair either the RESOLV or eval doesnt work and returns blank response. Following are the things tried a. Reboot of F5 (guest and host) b. tried inputing %0 indicating default route domain in the iapp where it takes DNS as input. c. Unable to use RESOLV without since event is RULE_INIT. However, the same irule works on host which is standalone. d. did pcap and could not find any DNS queries made out. e. Suspected rule_init is not triggered and made modifications to that section. Later noticed that every time iapp is applied, rule_init is invoked. Any suggestions/advise would be helpful.310Views0likes2CommentsRESOLV::lookup failure handling
We have an iRule that dynamically selects a node via DNS lookup. The host name and DNS server are hard coded within the iRule event. But we occasionally see errors like this in the LTM log: Jun 20 04:16:38 bigip1a err tmm1[20105]: 01220001:3: TCL error: /Common/iRule_Logon_Page - bad IP address format (line 1)TCL error (line 1) (line 1) invoked from within "node [RESOLV::lookup @$DNS "server1.company.com"]` $DNS is statically set at the beginning of the HTTP_REQUEST event, and the host lookup is based solely on whether the request involves our production, QA or dev logon server. The purpose of the RESOLV was purely to avoid hard coding IPs in case the server ever moves. Since both the DNS server IP and the host names are static and known to exist with a single IP each, clearly it's not a normal DNS lookup failure. It happens perhaps 1-5 times a day, out of thousands of daily requests. Could this be due to a timeout waiting for a DNS response during times of heavy load on the network, DNS server, etc.? If so, how can this be detected? There is no viable alternative to a failed lookup, and would represent a major infrastructure outage (it's our employee logon server). So, my guess is that every once in a while, an employee gets some type of connection error while attempting to logon, and probably just retries and gets in. Reading the RESOLV description in the iRules Wiki, it's not clear what a failure should look like. If there is no response, is there a return error code to catch, or just a zero-length list the same as a host not found?489Views0likes1Comment