AI ADC01: Weak DNS practices

Lori Mac VittieDistinguished Engineer and Chief Evangelist | F5

It’s always DNS.

The great Azure meltdown of 2025? DNS. The AWS regional outage in 2025 that took down half the internet for a few hours? DNS again. The oldest running joke in IT still holds because name resolution is the first domino and when it falls, everything after it faceplants.

Now toss AI into that mix. AI doesn’t magically fix DNS. It magnifies every weakness in it. Inference endpoints come and go, pods respawn, services rename themselves faster than you can curse them. If DNS isn’t resilient, you’re chasing ghosts while GPUs idle.

When we worked through the top ten application delivery challenges, the very first item on the list was related to DNS. ADC01 warned about weak DNS practices because they wreck performance, availability, and scale. That truth hasn’t aged a day. What’s changed is velocity: AI architectures spin faster, and every misconfigured TTL or unsecured update becomes a million-dollar outage waiting for daylight.

DNS isn’t glamorous. It’s the plumbing. But if you’re building AI systems that rely on real-time inference or globally distributed models, your DNS better be smarter than your model or it’s game over before the first token drops.

How AI impacts DNS practices

Here are the major shifts you’ll face when moving from “regular apps” to serious AI systems and how DNS is still the root choke point.

1. Velocity and churn of infrastructure

AI isn’t static. Endpoints pop up, scale out, then get torn down across data centers, regions, and out to the edge. If your DNS updates don’t keep pace (remember the dynamic updates warning in ADC01) you’ll hit stale records, failed connections, and performance gaps.

Because with AI, every millisecond counts. The model might be ready, the GPU might be spinning, but if the DNS lookup to the inference endpoint is slow or wrong, you’re dead in the water.

2. Global reach + edge presence

AI systems often span geographies, cloud providers, and edge sites. Availability is mission-critical. ADC01 flagged that weak DNS hurts availability. With AI, the stakes are higher. Mis-routing, latency spikes, or DNS outages mean degraded model responses or even service blackouts for users across regions.

3. Security and trust issues amplified

AI workloads frequently handle sensitive data, make decisions, and serve regulatory-bound operations. If DNS is unsecured (e.g., no DNSSEC), then an attacker redirecting traffic or spoofing endpoints can have catastrophic consequences including corrupted training data, rogue inference outputs, and data breaches.

With AI, you can’t say “we’ll fix DNS later;” you must assume adversaries will exploit any gap.

4. Scaling complexity and cost pressure

ADC01 points out that weak DNS practices hamper scalability and increase operational cost. In AI, cost is already huge: data pipelines, GPUs, model-ops, monitoring. DNS inefficiencies become wasted compute, wasted time, and wasted budget.

The DNS question becomes: can your infrastructure scale the name-resolution scaffolding as fast as your model scale-out?

5. Dependencies are opaque and cascades are faster

In AI, there are many dependencies: data ingestion, model serving, orchestration, logging, telemetry. DNS sits underneath all that. If DNS fails, everything above collapses faster than in traditional apps. ADC01’s impact categories (performance, availability, scalability, ops-efficiency) all map directly, but with AI the ripple effect is magnified, much like AI’s impact on just about everything else.

It really is always DNS

Here’s the bottom line: It’s always DNS. That might sound like an old cliché but that’s because it’s true. You can build the most sophisticated AI model in the world, but if the name resolution fails, the user never sees it.

The guidance in ADC01 remains rock-solid, even for AI workloads and, perhaps, especially for agentic AI. If we want our systems run at AI-speed and scale, we must apply that guidance sooner and more rigorously.

DNS isn’t something you worry about “after we nail the model.” It’s something you master before you expose your model to the world.

Get DNS right and you free your AI system to actually shine. Ignore it and your model becomes just a very expensive black blob nobody can reach.

About the Author

Lori Mac VittieDistinguished Engineer and Chief Evangelist | F5

Lori MacVittie is a Distinguished Engineer and Chief Evangelist in F5’s Office of the CTO with deep expertise in application delivery, automation strategy, and infrastructure. She is known for turning complexity into clarity whether she’s defining guardrails for AI agents, dissecting brittle multicloud architectures, or probing the limits of scalable systems. She brings more than thirty years of industry experience across application development, IT architecture, and network and systems operations. Before joining F5, she served as an award-winning technology editor. MacVittie holds an M.S. in Computer Science and is a prolific author whose publications span security, cloud, and enterprise architecture. She is also an avid tabletop and video gamer with unapologetically strong opinions about cheese.

More blogs by Lori Mac Vittie