LTM delay with AAAA record request over IPv4?

Question

I have an LTM running 11.5.3 that seems to be causing a delay when a RedHat6 server makes a combined AAAA/A request over IPv4 (only) to a DNS server pool being load-balanced by the LTM. There's a FastL4 udp profile in place (no DNS profile). This is not a problem with an old ACE30 load-balancer; only with the LTM. Anyone have any suggestions about how to deal with this? Documentation refers quite a bit to IPv6-to-IPv4 traffic manipulation but nothing that I could find concerning a combined A/AAAA request over IPv4. Apparently the AAAA request always goes first and sometimes a AAAA record can be returned and sometimes it's an A record (simply based on what's available for that lookup). Not sure if the v6-to-v4 settings apply in this situation since there's no actual v6 traffic.

kai_wilke · Answer

Hi MB,&nbsp;
if you don't apply a DNS profile to your Virtual Server, your F5 wouldn't care about A, AAAA or even combined A &amp; AAAA queries. Only the payload size of the DNS query / response would matter in this case...&nbsp;
Have you already captured the ingress / egress traffic of your F5 to see if the F5 quickly forwards the DNS request/responses and/or if the client eventually tries to use DNS-over-TCP and needs to wait for TCP timeouts (e.g. DNS payload &gt;= 512 bytes)?&nbsp;
Cheers, Kai&nbsp;

Forum Discussion

LTM delay with AAAA record request over IPv4?

1 Reply

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

Block requests by reverse DNS record

Solution for delayed BIG-IP page load of the Configuration utility

Logging DNS Requests

Distributed caching of authentication requests with NGINX Ingress Controller

Enabling DNSSEC for 1 record only