You can use BIG-IP® Global Traffic Manager™ (GTM™) as a traffic screener in front of an existing DNS server. With this setup, all DNS traffic flows through BIG-IP GTM. Listeners that you configure on BIG-IP GTM verify incoming DNS queries. If the query is for a wide IP, BIG-IP GTM resolves the request. If the query is for a destination that does not match a wide IP or for an IP address that is not configured on BIG-IP GTM, the system forwards the query to the specified DNS server for resolution. When forwarding a query, BIG-IP GTM transforms the source address to a self IP address on BIG-IP GTM.
Figure: Traffic flow when BIG-IP GTM screens traffic to a DNS server
A listener is a specialized virtual server that passively checks for DNS packets on port 53 and the IP address you assign to the listener. When a DNS query is sent to the IP address of the listener, BIG-IP GTM™ either handles the request locally or forwards the request to the appropriate resource.
A wildcard listener is a special listener that is assigned an IP address of 0.0.0.0 and the DNS query port (port 53). When you want BIG-IP® GTM™ to respond to DNS queries coming into your network, regardless of the destination IP address of the given request, you use a wildcard listener.
Perform these tasks to send traffic through BIG-IP® GTM™.
Create listeners to alert the BIG-IP system to queries destined for a DNS server. Create four wildcard listeners: two that use the UDP protocol (one each for an IPv4 address and IPv6 address), and two that use the TCP protocol (one each for an IPv4 address and IPv6 address).
You now have an implementation in which BIG-IP® GTM™ receives all DNS queries. If the query is for a wide IP, BIG-IP GTM load balances the request to the appropriate resource. If the query is for an IP address of a DNS server, BIG-IP GTM either routes or forwards the query to the DNS server for resolution.
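A check to run after creating the four wildcard listeners, added here as an example (not F5 code): it sends the same A query over UDP and TCP to each address you supply, one IPv4 and one IPv6, and records the response code and answer count per combination. The function names are illustrative, and the addresses and query names are values you provide.

```python
import socket
import struct
from itertools import product

def build_query(name, qtype=1, txid=0x1234):
    """Encode a minimal DNS query: RD set, one question, class IN (qtype 1 = A)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def parse_reply(data, txid=0x1234):
    """Return (rcode, answer_count); raise ValueError if this is not our reply."""
    if len(data) < 12:
        raise ValueError("short DNS message")
    rid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # wrong ID or QR bit clear
        raise ValueError("not a response to this query")
    return flags & 0x000F, answers

def probe(addr, proto, name, timeout=3.0):
    """Send one A query to addr port 53 over 'udp' or 'tcp'."""
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    kind = socket.SOCK_DGRAM if proto == "udp" else socket.SOCK_STREAM
    query = build_query(name)
    with socket.socket(family, kind) as s:
        s.settimeout(timeout)
        s.connect((addr, 53))
        if proto == "udp":
            s.send(query)
            return parse_reply(s.recv(4096))
        # DNS over TCP prefixes each message with a 2-byte length.
        s.sendall(len(query).to_bytes(2, "big") + query)
        with s.makefile("rb") as f:
            length = int.from_bytes(f.read(2), "big")
            return parse_reply(f.read(length))

def check_listeners(addrs, names):
    """Probe each address over UDP and TCP for each name; map failures to text."""
    results = {}
    for addr, proto, name in product(addrs, ("udp", "tcp"), names):
        try:
            results[(addr, proto, name)] = probe(addr, proto, name)
        except (OSError, ValueError) as exc:
            results[(addr, proto, name)] = f"FAIL: {exc}"
    return results
```

Pass one wide IP name and one name that is not a wide IP, so that both the locally resolved path and the forwarded path are exercised; a FAIL entry for a given address family and protocol points to the listener that is missing or unreachable.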