Page 1 of 1
:resolve function and multiple ip addresses
Posted: Tue Jan 03, 2012 11:34 am
by pablo
so :resolve returns on ip address at a time. It seems like multiple calls to resolve will return different ip addresses if more than one is assigned to a serverand then it'll cycle through them... so for example:
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
72.14.203.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
209.85.225.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
74.125.113.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
74.125.93.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
209.85.229.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
74.125.159.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
74.125.65.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
74.125.157.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
209.85.145.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
74.125.127.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
74.125.45.126
[admin@MikroTik] > :put [:resolve talkr.l.google.com]
209.85.225.126
[admin@MikroTik] >
When I try this out with: pop.gmail.com or plus.pop.mail.yahoo.com (which only have 2 ip addresses each) :resolve alternates predictably between them. I'm trying to figure out exactly how :resolve works so I can script around this to make sure I've picked up all of the ip addresses associated with a server and not missed any.
I've dug through the forums and documentation but haven't found anything so any help would be appreciated.
Re: :resolve function and multiple ip addresses
Posted: Tue Jan 03, 2012 12:55 pm
by janisk
on request one address is given as first record and the rest (if given at all) are give as secondary options. It is called RR load ballancing, to reduce load on one host, several hosts can resolve same name to different addresses. as result several separate servers/clusters/whatever can respond to manu more requests coming in when there is no difference what is serving your request. :resolve just gives you one option out of many - desired behaviour of service provider. Oser way service provide rwhen setting up DNS names can set up priority what host to give out and what not.
Re: :resolve function and multiple ip addresses
Posted: Tue Jan 03, 2012 11:55 pm
by pablo
Thanks for the quick response. I definitely understand the behaviour but I'm used to working with something like nslookup. Like to figure out if there is a way of doing something similar and getting all of the ip addresses. I'm creating address-lists for firewall rules/mangle so I don't just want one that'll work but I want all of them at that point in time.
Re: :resolve function and multiple ip addresses
Posted: Wed Jan 04, 2012 9:19 am
by janisk
it is more like - i have this domain name, give me an working address.
Re: :resolve function and multiple ip addresses
Posted: Wed Jan 04, 2012 11:54 am
by pablo
Thank you. In case it helps someone else (and if anyone wants to give me some feedback) here is what I ended up doing:
#delete old address lists
:foreach a in=[/ip firewall address-list find list=safe_pop_servers] do={
/ip firewall address-list remove $a;
}
:local popServers {"plus.pop.mail.yahoo.com";"pop.gmail.com"};
:foreach popServer in=$popServers do={
:resolve $popServer;
#get any A records and add them directly
:foreach aRecord in=[/ip dns cache all find where (name=$popServer && type="A")] do={
/ip firewall address-list add list=safe_pop_servers address=[/ip dns cache all get $aRecord data] comment=$popServer;
}
#Check for CNAME
:local cname;
:local nextCname
:set cname [/ip dns cache all find where (name=$popServer && type="CNAME")];
:set nextCname [/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="CNAME")];
:while ($nextCname != "") do={
:set cname $nextCname;
:set nextCname [/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="CNAME")];
}
:foreach aRecord in=[/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="A")] do={
/ip firewall address-list add list=safe_pop_servers address=[/ip dns cache all get $aRecord data] comment=$popServer;
}
}
Re: :resolve function and multiple ip addresses
Posted: Thu Jan 05, 2012 11:27 am
by pablo
And here's a slightly more sophisticated version of the script. First you need to set three globals before calling...
:global Servers {"apple.com";"pop.gmail.com";"pop.plus.mail.yahoo.com";"scs.msg.yahoo.com";"scsa.msg.yahoo.com";"scsc.msg.yahoo.com"}
:global Done true
:global ListName test
then you can go ahead and call it anyway you want. And here's the script. Again.. hope it helps... not fully tested and error handling is of course an issue but feedback is welcome as I hope to learn from this effort:
:global ListName
:global Servers
:global Done
#make sure previous runs have finished
while (!$Done) do={
:nothing;
}
#delete old address lists
:foreach aListItem in=[/ip firewall address-list find list=$ListName] do={
/ip firewall address-list remove $aListItem;
}
:foreach aServer in=$Servers do={
#force the dns entries to be cached
:resolve $aServer;
:foreach dnsRecord in=[/ip dns cache all find where (name=$aServer)] do={
#if it's an A records add it directly
:if ([/ip dns cache all get $dnsRecord type]="A") do={
/ip firewall address-list add list=$ListName address=[/ip dns cache all get $dnsRecord data] comment=$aServer;
}
#if it's a CNAME follow it until we get A records
:if ([/ip dns cache all get $dnsRecord type]="CNAME") do={
:local cname;
:local nextCname
:set cname [/ip dns cache all find where (name=$aServer && type="CNAME")];
:set nextCname [/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="CNAME")];
:while ($nextCname != "") do={
:set cname $nextCname;
:set nextCname [/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="CNAME")];
}
#add the a records we found
:foreach aRecord in=[/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="A")] do={
/ip firewall address-list add list=$ListName address=[/ip dns cache all get $aRecord data] comment=$aServer;
}
}
}
}
#allow other scripts to call this
:set Done true
Re: :resolve function and multiple ip addresses
Posted: Thu Jan 05, 2012 12:14 pm
by janisk
looks good, after some time you could set up wiki page with this script so it is easier to find.
Re: :resolve function and multiple ip addresses
Posted: Fri Jan 06, 2012 1:30 am
by pablo
I don't have perm for private messages... how do I register to post on the wiki?
Re: :resolve function and multiple ip addresses
Posted: Fri Jan 06, 2012 8:42 am
by janisk
write to support for wiki account.
Re: :resolve function and multiple ip addresses
Posted: Sun Jan 08, 2012 10:15 am
by huigezi
find where
why to use the where? what mean?
Re: :resolve function and multiple ip addresses
Posted: Mon Jan 09, 2012 2:56 am
by pablo
Well each one serves a different purpose...
1. "/ip dns cache all find where (name=$aServer)"
Find everything added to the dns cache for the server we are trying to add to the ip address list
2. "/ip dns cache all find where (name=$aServer && type="CNAME")"
Keep in mind that this done prior to a while do and the value will change. The goal is to follow the cname entries until we get to A records
3. '/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="A")"
Finally we're trying to get the a records that we found. The data of the cname record will be the A record
P
Re: :resolve function and multiple ip addresses
Posted: Tue Nov 06, 2018 5:45 pm
by indnti
Works great for amazon cloud addresses - thanks a lot