Forum Discussion

Nimbostratus

Feb 03, 2015

New connection and Active connection

hi all. I've deployed the DNS. the new connection graph displays 30k connections. and In the fastL4 profile, timeout value is 1s for udp dns query. But, the active connection gr...

StephanManthey

Nacreous

Feb 03, 2015

Hi,

for DNS via UDP I would recommend to use a dedicated virtual server in mode standard configured on port 53 for UDP protocol with a pre-defined "udp_gtm_dns" profile assigned.

This specific profile has the "Datagram LB" option enabled and a 5 seconds timeout. It will delete the connection table entry right after the servers response.

Perhaps you may want to create a second virtual server to handle DNS via TCP as well using the same IP in mode "Performance (Layer 4)" with to handle TCP port 53 with a fastL4 profile.

In case you got the DNS services add-on module or run a LTM/GTM combo, both virtual servers may run in mode "standard" and use a DNS profile allowing you to provide DNS protocol proxy capabilities by your virtual server.

Thanks, Stephan Thanks, Stephan

Forum Discussion

New connection and Active connection

Recent Discussions

Question about adding VEs to existing physical appliance device group without ASM licenses

2026 301a exam

How can I measure Advanced WAF (ASM) throughput on a running BIG-IP VE (per VIP / per policy)?

What is the best practice for migrating from iseries to rseries?

BIG-IP i11000 – License compatibility with TMOS versions above 14.1.2 and Web GUI inaccessible

Related Content

Site-to-Site Connectivity in F5 Distributed Cloud Network Connect – Reference Architecture

F5 Distributed Cloud Kubernetes Integration: Securing Services with Direct Pod Connectivity

AWS Transit Gateway Connect: GRE + BGP = ?

Securely connecting Kubernetes Microservices with F5 Distributed Cloud

DevCentral Connects hosts Capture the Flag!