ltm rule command DNS origin
iRule(1) BIG-IP TMSH Manual iRule(1)
DNS::origin
Returns the originator of the DNS message.
SYNOPSIS
DNS::origin
DESCRIPTION
Returns the last module to modify the DNS message. Return values:
CLIENT
This message has just been received by the BigIP from a client's query,
and nothing has been processed.
SERVER
This message has just been received by the BigIP from a server's
response to a DNS query, such as On-Box or Off-Box BIND, or another
BigIP entirely.
CACHE
This message is a response from the DNS Cache.
RPZ
This message is a response from the Response Policy Zone in your BigIP.
It was blocked and either NXDOMAIN or a Walled Garden was returned as a
response.
GTM_BUILD
GTM built this response in it's entirety
GTM_REWRITE
GTM did not build the response completely, but modified the response on
its way out
DNSX
This means that the DNS Response received was answered by the BigIP's
DNS Express module.
DNSSEC
This means that you queried for a DNSSEC type and got a DNSSEC-typed
answer. An example command is "dig @1.2.3.4 example.com +dnssec DNSKEY"
LAST_ACTION
This means that "Unhandled Query Action" was the last thing to handle
this packet. So, for example, if you have this set to "Reject", then by
the time it gets to the "Unhandled Query Action", it will respond with
"Status Refused" and this originates from "LAST_ACTION"
TCL
An iRule modified the DNS response.
RATE_LIMITER
Syntax
DNS::origin
* Returns the last module to modify the DNS message. Return values:
+ CLIENT
+ SERVER
+ CACHE
+ GTM_BUILD
+ GTM_REWRITE
+ DNSX
+ DNSSEC
+ LAST_ACTION
+ TCL
+ RPZ
+ RATE_LIMITER
RETURN VALUE
CLIENT SERVER CACHE GTM_BUILD GTM_REWRITE DNSX DNSSEC LAST_ACTION TCL
RPZ RATE_LIMITER
VALID DURING
DNS_REQUEST, DNS_RESPONSE, GLOBAL_GTM
EXAMPLES
# Drop all requests that were not resolved by DNS Express
when DNS_RESPONSE {
if { [DNS::origin] ne "DNSX" } {
DNS::drop
}
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-11.1.0 --First introduced the command.
BIG-IP 2017-01-31 iRule(1)