You can configure IP Anycast for DNS services on the BIG-IP system to help mitigate distributed denial-of-service attacks (DDoS), reduce DNS latency, improve the scalability of your network, and assist with traffic management. This configuration adds routes to and removes routes from the routing table based on availability. Advertising routes to virtual addresses based on the status of attached listeners is known as Route Health Injection (RHI).
Perform these tasks to configure the BIG-IP system for IP Anycast.
|Allow||The BIG-IP system forwards the connection request to another DNS server or DNS server pool. Note that if a DNS server pool is not associated with a listener and the Use BIND Server on BIG-IP option is set to enabled, connection requests are forwarded to the local BIND server. (Allow is the default value.)|
|Drop||The BIG-IP system does not respond to the query.|
|Reject||The BIG-IP system returns the query with the REFUSED return code.|
|Hint||The BIG-IP system returns the query with a list of root name servers.|
|No Error||The BIG-IP system returns the query with the NOERROR return code.|
|All VLANs||When you want this listener to handle traffic from VLANs within the
Note: Use this option if BIG-IP GTM is handling traffic for the destination IP address locally. This option also applies when the system resides on a network segment that does not use VLANs.
|Enabled on||When you want this listener to handle traffic from only the VLANs that you move from the Available list to the Selected list.|
|Disabled on||When you want this listener to exclude the traffic from the VLANs that you move from the Available list to the Selected list.|
|dns||This is the default DNS profile. With the default dns profile, BIG-IP GTM forwards non-wide IP queries to the BIND server on the BIG-IP GTM system itself.|
|<custom profile>||If you have created a custom DNS profile to handle non-wide IP queries in a way that works for your network configuration, select it.|