F5 DNS Solution for Communications Service Providers
Nov 18, 2014
F5 DNS Solution for Communications Service Providers
2
Key Facts
F5 Provides Communications Service Providers with a Carrier-Grade DNS Solution that Delivers:
• High speed authoritative DNS responses
• High volume query rates
• Secure DNS transactions
• IPv4 and IPv6 integration
• Attack impact mitigation
3
Why DNS? Every Second Counts…
A one-second delay means:
• 7% loss in conversions
• 11% fewer page loads
• 16% decrease in customer satisfaction
If your site earns $100,000 a day, this translates to millions lost per year!
4
The F5 Service Delivery Network Dynamic & Unified Service Intelligence
Data Services
Video Services
Voice Services
Core Strategic Point of Control• Traffic steering & policy enforcement• Load balancing • AAA scaling• Connection brokering• Optimization & acceleration
Edge Strategic Point of Control• Traffic steering & policy enforcement• Network Address Translation (NAT)• IPv6 interworking• TCP optimization• Caching
End-to-End Session Awareness
Video
Data
Voice
BIG-IP VIPRION BIG-IP VIPRION
5
F5 Carrier-Grade DNS Solution
• Dimensional DNS traffic scaling - ScaleN
• Destination service high availability – global server load balancing
• Attack mitigation – IP Anycast
• DNSSEC
• Performance – DNS Express, DNSSEC Key Management
• Flexibility – iRules, iApps
• IPv6 – DNS64, integration with NAT64
Solution
6
Scaling and Distribution
Features
• Virtualization of authoritative DNS servers and multisite load balancing
• Transparent monitoring and route health injections
• DNSSEC with signed responses
• Layer 7 DoS and brute force attack protection (ASM)
• Location based services
Benefits• Distributes user application requests based
upon policies, data center conditions and network conditions
• Carrier-class availability and scalability to support millions of subscribers
• Enables multi-site redundancy for disaster recovery
• Simplified implementation and reduced management
Solution
IP AnyCast
Client Services
DNS Servers
DNS 64
Data Center 1
DNS Servers
DNS 64
Data Center 2
7
DNS Express• Ability to manage tens of millions of records
• Fast response times for multiple authoritative responses
• Increases scalability
• Mitigation of DoS/DDoS Attacks
• Consolidate DNS servers
DNS Express in TMOS
DNS Server
ManageDNS
Records
NIC
OSAdminAuth.Roles
DynamicDNS
DHCP
AnswerDNS
Query
AnswerDNS
Query
AnswerDNS
Query
AnswerDNS
Query
AnswerDNS
Query
Managing High Volume Requests
8
DNS Attack Mitigation
• Same IP address for multiple devices• Geographically separate the DNS request load for all requests• Scale DNS infrastructure up and out per BIG-IP • Revenue and brand are protected
9
Hardware Designed for Service Providers
• Industry’s best performance – up to 72 Gbps
throughput
• Hot-swappable components; on-demand
performance
• Flexible deployment options – NEBS, DC power