BIG-IP DNS

Hyperscale up to 100 million responses per second (RPS) to manage rapid increases in DNS queries. With a feature set that includes multicore scalability, DNS Express, and IP Anycast integration, DNS delivery can handle millions of DNS queries and ensures top application performance for users.

• 100m RPS Performance - BIG-IP DNS hyperscales authoritative DNS up to 100 million query responses per second (RPS), ensuring that users connect to the best site, and delivers on-demand scaling for DNS and global apps. DNS Express improves standard DNS functions by offloading DNS responses and scaling from hundreds of thousands to more than 50 million RPS.
• DNS On-Demand Scaling - Deploy on-demand scaling with rate limit and object limit capacity as desired to BIG-IP DNS and GSLB.
• Global Performance in the Cloud and On Premise - Direct users to servers that will deliver the fastest, most reliable connection based on business policies, user locations and app/server performance.

Total security is necessary for every application because applications are the center of attention for both bad actors and legitimate users. A poorly secured network can have damaging consequences, costing customers and revenue. BIG-IP DNS services provide DevOps-friendly agility with the scale, security depth, and investment protection needed for both established and emerging apps.

• DNS Firewall/DDoS - Can be combined with BIG-IP AFM to provide extensive security, including shielding DNS from volumetric DDoS attacks such as UDP floods or amplification DDoS attacks.
• DNSSEC - Protect LDNS servers from cache poisoning and man-in-the-middle attacks with real-time DNSSEC.
• DoH/DoT - BIG-IP DNS decrypts and resolves DNS queries over HTTPS (DoH) without impacting RPS. DNS over TLS (DoT) ensures that DNS requests and responses are not tampered with or forged via on-path attacks.

Enhance caching and resolving to increase scalability

DNS latency can be reduced by enabling a DNS cache on BIG-IP DNS and having it respond immediately to client requests. This consolidates the cache and increases the cache hit rate, reducing DNS latency up to 80 percent. In addition to caching, BIG-IP DNS allows the device to do its own DNS resolving without requiring the use of an upstream DNS resolver.

• Cache Consolidation - Latency and response time reduced by up to 80%.
• DNS Load Distribution - IP Anycast integration distributes the DNS request load and directs single IP requests to multiple local devices.
• Location-Based Routing - Routes clients to the nearest data center with geolocation-based load balancing for the best user experience.

Simplify DNS network management

Networks are growing, both in scale and traffic demands, driving the need for improved availability for users and better access and management for administrators. BIG-IP DNS affords easy visibility and programmability, ensuring network architectures are easier to maintain.

• Integration with current infrastructure - Communicate and integrate with network devices like SNMP agents, third-party caches, servers, routers, and load balancers to diagnose network endpoint health.
• Flexible site options - Enable flexible site options including Active/Active, Active/Passive, or Active/DR Only.
• Failover that ensures availability - Failover whole data centers or individual apps/servers to ensure users have uninterrupted access to the apps they need.