If you are configuring the ServerIron ADX to load balance traffic to multiple servers on the other side of routers and you want to load-balance the traffic according to TCP or UDP application, you disable the Layer 4 health checks. If you do not disable the health checks in this type of configuration, the routers will fail the health checks (because the target applications for the health checks are not on the routers themselves) and the ServerIron ADX will stop forwarding traffic to those servers.
The port dns l4-check-only command configures the ServerIron ADX to use Layer 4 UDP keepalive health checks for the DNS port, instead of Layer 7 DNS health checks. This command applies to keepalive health checks only, not to the health check performed when the DNS port is brought up. When the DNS port on a real server is brought up, by default the ServerIron ADX performs a Layer 4 TCP health check. You can configure the ServerIron ADX to perform a Layer 4 UDP health check when the DNS port is brought up by adding the
no tcp keepalive enable command to the DNS port profile. For example:
