DNS connections

Question

Hello, good morning&nbsp;
One question, if someone can help me.&nbsp;
 &nbsp;
I have 2 links. I have also created a DNS VS specific for ANY:53 all protocols, with fast layer 4. the method of least connections without persistence.&nbsp;
&nbsp;
Using the command b conn server domain: 53 show all I can see the connections made to this VS, and I see being made normally for the two links.&nbsp;
&nbsp;
When one of the links goes down, or if I give disable one of the links, repeating this command b conn server domain: 53 show all, I can see that some connections are still trapped in that link went down, just a litle, but exist. There is a time for these connections? this is configurable?&nbsp;
&nbsp;
What would be the best outlet to fix it?&nbsp;
&nbsp;
thanks a lot&nbsp;

what_lies_bene1 · Answer

You can adjust the Idle Timeout in a custom FastL4 profile that you can assign to the VS. The default value is 300s. If your DNS traffic is UDP you can drop this to quite a low value I would have thought, however for TCP that might not be so wise.

hooleylist · Answer

You might try a stateless virtual server if it's UDP DNS traffic.  See this thread for a good discussion: 
&nbsp;  
&nbsp; https://devcentral.f5.com/internal-forums/aft/1168069 
&nbsp;  
&nbsp; Aaron

kleython_kell_5 · Answer

thanks, i will adjust the timeout to 5 seconds

Forum Discussion

DNS connections

3 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Can iRule mask the payload content on event logs of security

Related Content

Using F5 Distributed Cloud DNS Load Balancer health checks and DNS observability

Logging of DNS Requests and Responses without a DNS license

Logging DNS Requests

GSLB Split DNS by iRule

ESRP Strategies: DNS Water Torture Attack