Address Manager includes DNS response rate limiting to the DNS configuration in order to better guard against DDoS attacks. Response rate limiting is a method of limiting the rate of responses by a DNS server in order to reduce the impact of DNS reflection and amplification attacks.
It's intended for use on authoritative servers. These kinds of attacks employ false source IP addresses which can't be detected at a distance. DNS servers responding to queries from these IP addresses without rate limiting are at risk of sending a stream of very large responses to an IP address that didn't solicit the responses. Response rate limiting sets a cap on the number of responses sent from the DNS server, effectively dampening the attack.
You can configure DNS response rate limiting by adding a DNS Raw option from the Address Manager user interface. BlueCat recommends configuring this DNS Raw option at the Server level.
To configure DNS response rate limiting: