The PCs in our org point to the GTM for DNS. The Citrix NetScaler needs see the Client source IP.
=======================================================================================================================================================================================
When the client reaches the GTM currently has 2 options if client uses a Wide IP, or load balances to DNS servers.
we will be adding a 2nd Pool 3rd option VIA a IRULE Citrix NetScaler pool.
========================================================================================================================================================================================
GTM
Wide IPs
============================================================================================
Pool 1 Default Pool
DNS Severs
========================================================================================
Pool 2
(The only way use this pool use a IRULE )
Will be new NetScaler DNS IP
============================================================================================
This is the IRULE we were looking at
when DNS_REQUEST {
if { ([IP::addr [IP::client_addr] equals 10.10.10.0/24]) } {
switch -glob [string tolower [DNS::rrname]] {
"www.domain1.com" -
"www.domain2.com" -
"www.domain3.com" -
"www.domain4.com" -
"www.domain5.com" {
pool external_dns_pool
snat none
}
default {
pool internal_dns_pool
}
}
}
====================================================================================================================================================================================================================================================================================
So all of this to send to NetScaler with the Client IP as the source. My question is when the NetScaler sends the traffic back to the GTM via a policy route, When the GTM receives the packet remember we turned Snat off via the irule for this pool, so will the session be open still for the GTM to send a reply back to the Client with DNS response? Or will it do something else to send the reply back to Client?