Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?





Hierarchy Level

Release Information

Statement introduced in Junos OS Release 10.2.


When a match is made in a rulebase-ddos rule you can set the then action to ip-connection-rate-limit, which will limit the rate of future connections based on a connections per second limit that you set. This can be used to reduce the number of attacks from a client.


value—Defines the connection rate limit per second on the matched host.

Range: 1 to the maximum connections per second capability of the device.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.