ltm rule command DNS edns0
iRule(1) BIG-IP TMSH Manual iRule(1)
DNS::edns0
Gets (v11.0+) and sets (v11.1+) the values of the edns0 pseudo-RR.
SYNOPSIS
DNS::edns0 'remove' ('nsid' | 'subnet')?
DNS::edns0 'exists' ('nsid' | 'subnet')?
DNS::edns0 'do' (BOOLEAN)?
DNS::edns0 'sz' (UNSIGNED_SHORT)?
DNS::edns0 'nsid' (BYTE_ARRAY)?
DNS::edns0 'subnet' (('address' (IP_ADDR)? ) |
('source' (DNS_EDNS0_SOURCE)? ) |
('scope' (DNS_EDNS0_SCOPE)? )
)
DESCRIPTION
This iRules command gets (v11.0+) and sets (v11.1+) the values of the
edns0 pseudo-RR.
Note: This command requires the DNS Profile, which is only enabled as
part of GTM or the DNS Services add-on.
Syntax
DNS::edns0 remove []
* Removes the entire EDNS0 psuedo-RR or just the nsid or subnet section, if specified.
DNS::edns0 exists []
* Returns boolean for the presense of the EDNS0 psuedo-RR in the
current DNS packet. Specifying nsid or subnet returns a
boolean for the presense of the NSID or subnet option
respectively in the EDNS0 rdata.
DNS::edns0 [value]
* Returns or sets the values of the edns0 pseudo-RR.
+ do (DNSSEC)
o returns boolean of false if no edns0 RR, boolean for
presence of DO flag, or integer for the UDP size
+ sz (UDP Max Payload Size)
o returns boolean of false if no edns0 RR, boolean for
presence of DO flag, or integer for the UDP size
+ nsid (Nameserver ID, RFC 5001)
o returns a byte array: empty if an NSID query, non-empty
containing NSID bytes
TCL_ERROR is returned if the command is called when there is
no edns0 or NSID field.
DNS::edns0 subnet [] [value]
* v11.5+
* Returns or sets IP address, source or scope as specified by the
argument
from the client-subnet option. Without an argument, returns an
IP
address, Integer, and Integer, respectively for IP address,
source,
and scope.
RETURN VALUE
VALID DURING
DNS_REQUEST, DNS_RESPONSE, GLOBAL_GTM
EXAMPLES
when DNS_REQUEST {
if { [DNS::edns0 exists] } {
log local0. [DNS::edns0 subnet address]"
}
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-11.0.0 --First introduced the command.
BIG-IP 2017-01-31 iRule(1)