This section covers the following features:

  • Visibility and Analytics

  • Log Settings

Visibility and Analytics

Navigate to Applications > Virtual Services and click the name of a virtual service configured for DNS. For instance, DNS-Site-US-East.

The Analytics tab displays the required metrics.

The Logs tab provides detailed information about DNS queries from clients, including FQDN, query-type, significant errors, responses such as IP addresses, CNAME, SRV, etc.

Log Settings

  • Non-significant logging is not recommended, since a DNS service usually receives a large number of DNS requests, resulting in an excessive number of log entries.

  • Categorization of non-significant logs is also very important. If certain errors are typical in a certain deployment, these errors should be excluded from significant logs.

  • Refer to Exclude DNS Error for more details on the exclude DNS errors section.

Select the options available as per the requirement in the Log Analytics selector, as shown in the example below:

  • Sub-domain names can be used to filter DNS requests.

  • NO-DATA may occasionally appear when a metric tile is selected. This typically implies “Not Applicable”. For instance, a GSLB service name may not be applicable for the DNS proxy or a static entry.

The DNS Records tab is unique to this kind of virtual service.

Additional Information

  • Any domains that are not explicitly configured on the DNS service are dropped through domain filtering (The default setting is to allow all domains).

  • Time-to-live (TTL) can be customized (Default is 30 seconds).

  • Network security policy can be based on client (source) IP and port.

  • With full TCP proxy, client spoofing is prevented for TCP DNS queries. SYN flood attacks are mitigated.

  • You can respond to failed DNS requests by returning a DNS error code or dropping the packets.