Configuring the response rate limit
The response rate limit keeps the FortiADC authoritative DNS server from being used in amplifying reflection denial of service (DoS) attacks.
Before you begin:
• You must have a good understanding of DNS.
• You must have Read-Write permission for Global DNS Server settings.
After you have created a response rate limit configuration, you can select it in the DNS policy and DNS general settings configurations.
To configure the response rate limit:
1. Go to Global Load Balance > Zone Tools.
2. Click the Response Rate Limit tab.
3. Click Add to display the configuration editor.
4. Complete the configuration as described in
Table 42.
Table 42: Response rate limit configuration
Settings | Guidelines |
Name | Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces. You reference the name in the global DNS policy configuration. After you initially save the configuration, you cannot edit the name. |
Responses per Second | Maximum number of responses per second. The valid range is 1-2040. The default is 1000. |