You can configure IP Anycast for DNS services on BIG-IP Global Traffic Manager (GTM) to help mitigate distributed denial-of-service attacks (DDoS), reduce DNS latency, improve the scalability of your network, and assist with global traffic management. This configuration adds routes to and removes routes from the routing table based on availability. Advertising routes to virtual addresses based on the status of attached listeners is known as Route Health Injection (RHI).
Perform these tasks to configure BIG-IP GTM for IP Anycast.
|Allow||Forward the connection request to another DNS server or DNS server pool. Note that if a DNS server pool is not associated with a listener and the Use BIND Server on BIG-IP option is enabled, connection requests are forwarded to the local BIND server. (Allow is the default value.)|
|Drop||Do not reply.|
|Reject||Return the query with the REFUSED return code.|
|Hint||Return the query with a list of root name servers.|
|No Error||Return the query with the NOERROR return code.|
|All VLANs||When you want this listener to handle traffic on all VLANs within
the network segment.
Note: Use this option if BIG-IP GTM is handling traffic for the destination IP address locally. This option also applies when the system resides on a network segment that does not use VLANs.
|Enabled on||When you want this listener to handle traffic on only the VLANs that you move from the Available list to the Selected list.|
|dns||This is the default DNS profile. With the default dns profile, BIG-IP GTM forwards non-wide IP queries to the BIND server on the BIG-IP GTM system itself.|
|<custom profile>||If you have created a custom DNS profile to handle non-wide IP queries in a way that works for your network configuration, select it.|