When a DNS query arrives at a F5 GTM/DNS, this is the processing order for the DNS query.
1 – DNS Query is processed by the Listener.
2- If Recursion Desired (RD) flag is set in the incoming query and if the DNS Profile associated with the Listener has “Process Recursion Desired” enabled, the following is done:
a. DNS iRule
b. DNSSEC Key Processing
c. DNS Express
d. DNS Profiles
3 – If Recursion Desired (RD) flag is set in the incoming query and if the DNS Profile associated with the Listener has “Process Recursion Desired” disabled, the query is considered “Un-handled” and dispatched according to “Unhanded Query Action” set in DNS Profile.
4 – DNS Cache is used to handle any DNS query that doesn’t match Big-IP GTM/DNS or DNS Express Records.
Reference: K14510