Statement introduced in Junos OS Release 10.2.
When a match is made in a rulebase-ddos rule you can set the then action to ip-connection-rate-limit, which will limit the rate of future connections based on a connections per second limit that you set. This can be used to reduce the number of attacks from a client.
value—Defines the connection rate limit per second on the matched host.
Range: 1 to the maximum connections per second capability of the device.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.