16-Sep-2022 19:29
Currently we are using DNS servers integrated with AD, and all clients, servers, and devices point to these DNS servers to resolve internal and public domains. But DNS hangs sometimes when a server has a problem and sends a large number of DNS queries, like a DDoS, to the DNS server, and it hangs. If we use F5 DNS, can it prevent this? I am also worried: would all clients and servers joined to the domain point DNS to F5 DNS instead of AD DNS? And if they point to F5, can clients and servers still join the domain and log in to AD normally? Please suggest and help me, and suggest another solution if there is one. Thanks.
21-Sep-2022 12:00
Hi @Thanh_Tien - I see that your post hadn't gotten a response yet, and just wanted to let you know that I've asked a colleague to jump in with an answer for you.
26-Sep-2022 16:27
FYI, @AubreyKingF5 will post an answer for you tomorrow.
29-Sep-2022 11:31
This is the easiest way to get this done. I have personally configured this in a Tier 1 Service Provider mobility environment, so I can tell you that performance is QUITE high when tuned appropriately with a UDP profile.
This also allows you to add a full proxy caching DNS firewall in front of your AD DNS.
29-Sep-2022 11:32
Sorry for the delay. I was certain I posted this here on the same day I made the video to answer the question.
04-Oct-2022 12:04
Checking back to make sure you're good on this. Have you tried or tested this solution yet? It's far easier than secondarying, and we run this architecture for BIND, Infoblox, AD... you name it.