Last Modified: Apr 11, 2024
Affected Product(s):
BIG-IP DNS, GTM
Known Affected Versions:
16.1.0, 15.1.3.1
Fixed In:
17.0.0, 16.1.1, 15.1.4
Opened: Apr 12, 2021 Severity: 3-Major
The RESOLV::lookup iRule command may target an incorrect virtual server (i.e. something other than the one specified by the BIG-IP Administrator in the iRule).
As an incorrect virtual server receives the DNS query, no response, or an incorrect response, may be returned to the iRule command (which may in turn cause application failures).
-- The RESOLV::lookup iRule command is invoked specifying a virtual server name as argument. -- The virtual server specified as argument to the command shares the same IP/port/route-domain combination with other virtual servers on the system (so that the only difference between the virtual servers is another configuration property, such as 'vlans' or 'source').
Specify a virtual server as argument which doesn't share the same IP/port/route-domain combination with any other virtual server on the system.
The RESOLV::lookup iRule command now connects to the correct virtual server specified by name.