RESOLVER::name_lookup¶
Description¶
RESOLVER::name_lookup attempts to send a DNS request using a specified
net resolver, a domain name, and any of A, AAAA, TXT, MX, PTR, SRV, and NAPTR query types. A DNS request is
sent, and response will returned in the form of an opaque dns_message
structure. This structure can be used by RESOLVER::summarize and the
DNSMSG iRule commands to extract the specific data in a user
friendly format.
Note 1: The PTR record requires reverse format notation in the query (octet4.octet3.octet2.octet1.in-addr.arpa) prior to 15.1.3, 16.0.1.1, and 16.1.0. See Bug ID 896861.
Note 2: When replacing the deprecated irule function RESOLV::lookup, you should use the combination of RESOLVER::name_lookup and RESOLVER::summarize to return the requested values.
Examples¶
# Make sure your resolver exists in tmsh
net dns-resolver r1 {
forward-zones {
. {
nameservers {
8.8.8.8:domain { }
9.9.9.9:domain { }
}
}
}
route-domain 0
}
# Resolving an A record
when CLIENT_ACCEPTED {
set result [RESOLVER::name_lookup "/Common/r1" www.abc.com a]
# use RESOLVER::summarize to extract the A records requested from the opaque dns_message
set rrs [RESOLVER::summarize $result]
}
# Resolving a PTR record. This requires some extra help
# Proc to resolve in appropriate format
proc resolv_ptr_v4 { addr_v4 } {
# Convert $addr_v4 into its constituent bytes
set ret [scan $addr_v4 {%d.%d.%d.%d} a b c d]
if { $ret != 4 } {
return
}
# Perform a PTR lookup on the IP address $addr_v4, and return the first answer
set ret [RESOLVER::name_lookup "/Common/r1" "$d.$c.$b.$a.in-addr.arpa" PTR]
set ret [lindex [DNSMSG::section $ret answer] 0]
if { $ret eq "" } {
# log local0.warn "DNS PTR lookup for $addr_v4 failed."
return
}
# Last element in '1.1.1.10.in-addr.arpa. 600 IN PTR otters.example.com'
return [lindex $ret end]
}
# Call the proc to resolve the query
when CLIENT_ACCEPTED {
set result [call resolv_ptr_v4 [IP::client_addr]]
}