F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

daboochmeister's avatar
daboochmeister
Icon for Cirrus rankCirrus
Sep 25, 2017

GTM/DNS - separate listeners for internal vs. external DNS requests recommended?

Have had our GTMs setup for internal gslb for a bit now - going to expose the GTMs for public DNS access as well. An external firewall will NAT the incoming traffic to the GTM's listener (which is a ...
application delivery
BIG-IP DNS
Vijay_E's avatar
Vijay_E
Icon for Cirrus rankCirrus
Sep 25, 2017

There is really no need to have 2 separate WIPs for internal and external DNS requests.

 

There is one thing that you may want to consider - DNS tends to get DoS'd quite frequently with brute force/flood of requests. Can the firewall in front of the GTM handle flood of traffic ? If the firewall also filters non-DNS traffic for other applications, you can remove the firewall and use a standalone GTM with public IP address in order to prevent other services from going down because of a DNS DoS attack.