You can configure a resolver or validating resolver DNS cache on the BIG-IP system to generate SNMP alerts and log messages when the
cache receives unsolicited replies. This is helpful as an alert to a potential security
attack, such as cache poisoning or DDoS.
On the Main tab, click
The DNS Cache List screen opens.
Click the name of the cache you want to modify.
The Properties screen opens.
In the Unsolicited Reply Threshold field, change the default
value if you are using the BIG-IP system to monitor for unsolicited
replies using SNMP.
The system always rejects unsolicited replies. The default value of 0 (off) indicates
the system does not generate SNMP traps or log messages when rejecting unsolicited
replies. Changing the default value alerts you to a potential security attack, such as
cache poisoning or DOS. For example, if you specify 1,000,000 unsolicited replies, each
time the system receives 1,000,000 unsolicited replies, it generates an SNMP trap and log