GTM query bind, if not found query DNS pool
I have an iRule configured by an F5 PSE. It works fine as designed, but now I have a need to query zonerunner on the GTM after the WIP check and if not found there, then continue looking to the DNS pool.
I'll post the iRule below. In short, this was done b/c I needed a way for my internal clients to get a GTM answer for WIPs, but still have the ability to query my internal DNS servers. Windows cannot delegate records, i.e. www to the GTM, so in asking GTM for all queries, it checks its WIP, then disables bind and forwards to my AD servers via the internal DNS pool list. This came about b/c I need a cname for my main domain that points to an external domain, i.e. record.domain.com which I own points to
Windows won't do that, but GTM can and does currently; I just need a way to get to that record.
# DNS Selective Recursion iRule
# CPU impact: Low
# Requirement: GTM Module, DNS Profile
# Original Creator: Blake Deakins, Consultant II, F5 Professional Services
# Author Date: 3/20/2014
# This iRule is intended to selectively perform recursion of queries
# received by the internal GTM listener
# If the query received contains congressionalfcu.org, the iRule
# disables the validating resolver cache and load-balances
# the query to the AD DNS server pool.
# Otherwise, the query is recursively resolved.
when RULE_INIT {
    # set debug to 1 to see debug messages
    set static::Selective_Recursion_debug 1
}
when DNS_REQUEST {
    # Ensure the DNS query is not for root
    if {!([DNS::question name] == ".")} {
        set question_name [DNS::question name]
        set fqdn_name .[DNS::question name]
        if { $static::Selective_Recursion_debug } {
            log local2.alert "Recursion DNS Question: $question_name"
            log local2.alert "Recursion Setting FQDN to: $fqdn_name"
        }
    } else {
        if { $static::Selective_Recursion_debug } {
            # question_name is only set in the non-root branch, so read the name directly here
            log local2.alert "Recursion DNS Query was for root ([DNS::question name])"
        }
        # fqdn_name is not set for a root query, so skip the internal zone check below
        return
    }
    # If the dns query matches one of the internal zones, disable cache and LB to AD servers
    if { [class match $fqdn_name ends_with internal_zone_list] } {
        DNS::disable cache
        DNS::disable bind
        pool DNS_Internal_Pool
        if { $static::Selective_Recursion_debug } {
            log local2.alert "Recursion Query is for internal zone. Disabling Cache and assigning pool."
        }
    }
}