Manual Chapter :
Overview: Filtering DNS traffic
Applies To:
Show Versions
BIG-IP AFM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
Overview: Filtering DNS traffic
With a DNS security profile, you can filter DNS to allow or deny specific
DNS query types, and to deny specific DNS OpCodes. The DNS security profile is attached to, and
works with, a local traffic DNS profile to configure a range of DNS settings for a virtual
server. Use DNS protocol filtering:
- To filter DNS query types or header OpCodes that are not necessary or relevant in your configuration, or that you do not want your DNS servers to handle.
- As a remediation tool to drop packets of a specific query type, if a DoS Protection Profile identifies anomalous DNS activity with that query type.
