Techgeeeg,
You should treat legitimate traffic and bad traffic separately. You just jumped from one topic (controlling the TTL) to another (being attacked). These are two unrelated things. You understand that changing the TTL will not prevent you from being attacked.
For the legitimate traffic, you might have a good reason not to compare LTM and GTM traffic while evaluating the bandwidth. For example, one connection is dedicated to DNS requests and there is no other traffic on the link (never seen that before, but why not). In all other cases, because you know that DNS will always be a tiny percentage of your actual traffic (HTTP), you don't need to worry about it too much.
Now if you prefer, you can calculate the maximum number of DNS responses your bandwidth could handle. Take the average DNS packet size (it's usually about 100 bytes = 800 bits). If your bandwidth is only 10 Mb/s, 10,000,000/800 = 12,500 DNS responses per second. If that's not enough, it means you need more bandwidth.
Regarding bad traffic, implementing only the GTM module can already help you protect against DDoS attacks. Implementing DNS Express is a good example (DNS Express is a GTM feature that is also available with LTM).
Now if you want more control then yes, you should provision and configure AFM. As for ASM, it doesn't do anything with DNS in its current version.