Fortinet Document Library

Version:

Version:

Version:

Version:


Table of Contents

Handbook

Download PDF
Copy Link

Configuring the response rate limit

The response rate limit keeps the FortiADC authoritative DNS server from being used in amplifying reflection denial of service (DoS) attacks.

Before you begin:

  • You must have a good understanding of DNS.
  • You must have Read-Write permission for Global Load Balance settings.

After you have created a response rate limit configuration, you can select it in the DNS policy and DNS general settings configurations.

To configure the response rate limit:
  1. Go to Global Load Balance > Zone Tools.
  2. Click the Response Rate Limit tab.
  3. Click Create New to display the configuration editor.
  4. Complete the configuration as described in Response rate limit configuration.

 

Response rate limit configuration

Settings Guidelines

Name

Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces. You reference the name in the global DNS policy configuration.

After you initially save the configuration, you cannot edit the name.

Responses per Second

Maximum number of responses per second. The valid range is 1-2040. The default is 1000.

Configuring the response rate limit

The response rate limit keeps the FortiADC authoritative DNS server from being used in amplifying reflection denial of service (DoS) attacks.

Before you begin:

  • You must have a good understanding of DNS.
  • You must have Read-Write permission for Global Load Balance settings.

After you have created a response rate limit configuration, you can select it in the DNS policy and DNS general settings configurations.

To configure the response rate limit:
  1. Go to Global Load Balance > Zone Tools.
  2. Click the Response Rate Limit tab.
  3. Click Create New to display the configuration editor.
  4. Complete the configuration as described in Response rate limit configuration.

 

Response rate limit configuration

Settings Guidelines

Name

Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces. You reference the name in the global DNS policy configuration.

After you initially save the configuration, you cannot edit the name.

Responses per Second

Maximum number of responses per second. The valid range is 1-2040. The default is 1000.