You can configure IP Anycast for DNS services on the BIG-IP system to help mitigate distributed denial-of-service attacks (DDoS), reduce DNS latency, improve the scalability of your network, and assist with traffic management. This configuration adds routes to and removes routes from the routing table based on availability. Advertising routes to virtual addresses based on the status of attached listeners is known as Route Health Injection (RHI).
|Allow||The BIG-IP system forwards the query to a DNS server or a member of a pool of DNS servers. Note that if the pool is not associated with a listener and the Use BIND Server on BIG-IP option is set to enabled, queries are forwarded to the local BIND server. (Allow is the default value.)|
|Drop||The BIG-IP system does not respond to the query.|
|Reject||The BIG-IP system returns the query with the REFUSED return code.|
|Hint||The BIG-IP system returns the query with a list of root name servers.|
|No Error||The BIG-IP system returns the query with the NOERROR return code.|
|dns||This is the default DNS profile. With the default dns profile, GTM forwards non-wide IP queries to the BIND server on the GTM system itself.|
|<custom profile>||If you have created a custom DNS profile to handle non-wide IP queries in a way that works for your network configuration, select it.|