My view is that you're better off adding this logic into your DNS server and using ECMP before adding yet another application into the stream of DNS packets.

If you want your individual servers to coordinate their attack profile, you can do that either in-band, or out-of-band.

We've never seen any benefit to anything besides affinity-based (src/dst/etc.) ECMP.