Infoblox Rate Limiting

RRL = Response Rate Limiting

You have to use the CLI to implement DNS rate limiting.

  • DNS Rate Limit protects the server from being overloaded by queries (e.g. it protects against DDoS attacks and amplification attacks against another system).
  • IP Rate Limit protects the DNS server from being overwhelmed by responses to queries that it made (e.g. it protects against cache poisoning).

RRL

Enable RRL

set dns_rrl enable

Use the set dns_rrl command to configure RRL (Response Rate Limiting) settings for the Grid or for individual members.

Set for Grid Wide

set dns_rrl responses_per_second 100 log_only false window default slip 2 logging disable
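
To show how responses_per_second, window and slip interact, the following is a simplified Python model of RRL credit accounting as described for BIND's RRL. It is an added example, not Infoblox code: the class and function names are hypothetical, window=15 is an assumption (the command above only says "default"), and the load figures are constructed.

```python
from dataclasses import dataclass


@dataclass
class RRLAccount:
    """Credit account for one (client netblock, identical response) pair."""
    responses_per_second: int = 100  # from the grid-wide command above
    window: int = 15                 # assumption: the page only says "default"
    slip: int = 2                    # from the command above
    log_only: bool = False           # from the command above
    credit: int = 0                  # set to one second of credit below
    last_second: int = 0
    limited_seen: int = 0

    def __post_init__(self):
        self.credit = self.responses_per_second

    def decide(self, second: int) -> str:
        """Return 'send', 'truncated' or 'drop' for one response."""
        rate = self.responses_per_second
        elapsed = second - self.last_second
        if elapsed > 0:
            # Refill per elapsed second, never above one second of credit.
            self.credit = min(rate, self.credit + elapsed * rate)
            self.last_second = second
        if self.credit > 0:
            self.credit -= 1
            return "send"
        # Over the limit: keep debiting, but no lower than window * rate.
        self.credit = max(-self.window * rate, self.credit - 1)
        self.limited_seen += 1
        if self.log_only:
            return "send"  # would have been limited; only logged
        if self.slip and self.limited_seen % self.slip == 0:
            return "truncated"  # TC=1 reply lets a real client retry over TCP
        return "drop"


def simulate(per_second_load, **settings):
    """Run one account over a list of responses-per-second, tally outcomes."""
    account = RRLAccount(**settings)
    tallies = []
    for second, count in enumerate(per_second_load):
        tally = {"send": 0, "truncated": 0, "drop": 0}
        for _ in range(count):
            tally[account.decide(second)] += 1
        tallies.append(tally)
    return tallies
```

Calling simulate([1000, 1000, 1000, 50]) (a constructed three-second flood followed by a normal second) shows the account still limiting in the fourth second, because the credit has sunk to the window floor and refills only 100 per second.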

IP Rate Limit

The set ip_rate_limit commands enable and disable rate limiting of UDP traffic from source port 53, configure the rate limiting rules that control that traffic, and remove rate limiting rules. Once you enable rate limiting, the current rate limiting rules take effect.

Enable ip_rate_limit

set ip_rate_limit on

Block all traffic from 10.1.1.1

set ip_rate_limit add source 10.1.1.1 limit 0

Limit the traffic from host 10.10.1.2/24 to five packets per minute, with a burst allowance of 10 packets

set ip_rate_limit add source 10.10.1.2/24 limit 5/m burst 10
infoblox_nios/rate_limiting.1669809733.txt.gz · Last modified: by bstafford