DnsServerResponseRateLimiting manages Response Rate Limiting (RRL) on a Windows DNS server.
Source |
|
DSC Resource |
N/A |
Documentation |
|
Important
|
Currently only a basic set of |
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
Mode |
String |
Specifies the state of RRL on the DNS server. If the mode is set to LogOnly the DNS server performs all the RRL calculations but instead of taking the preventive actions (dropping or truncating responses), it only logs the potential actions as if RRL were enabled and continues with the normal responses. |
|
|
ErrorsPerSec |
UInt32 |
Specifies the maximum number of times that the server can send an error response to a client within a one-second interval. The error responses include: REFUSED, FORMERR and SERVFAIL |
||
ResponsesPerSec |
UInt32 |
Specifies the maximum number of times that the server sends a client the same response within a one-second interval. |
||
Hashtable[] |
RRL exception lists on a DNS Server. |
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
Name |
Key |
String |
Specifies the name of an RRL exception list. |
|
Fqdn |
Mandatory |
String |
Specifies FQDN values for the exception list. The value must have the following format: COMPARATOR, value1, value2,…, COMPARATOR, value 3, value 4,.. where the COMPARATOR can be EQ or NE. There can be only one EQ and one NE in a value. See Set-DnsServerResponseRateLimitingExceptionlist for more details. |
DnsServerResponseRateLimiting:
Mode: Enable
ErrorsPerSec: 10
ResponsesPerSec: 10
Exceptions:
- Name: ExceptionListSafe
Fqdn: EQ,*.contoso.com