This command resets all the RRL parameters on the DNS Server to default values.
Example 3: Set RRL to LogOnly mode
PS C:\> Set-DnsServerRRL -Mode LogOnly
This command sets the RRL on the DNS server to LogOnly mode.
Parameters
-AsJob
Runs the cmdlet as a background job. Use this parameter to run commands that take a long time to complete.
The cmdlet immediately returns an object that represents the job and then displays the command prompt.
You can continue to work in the session while the job completes.
To manage the job, use the *-Job cmdlets.
To get the job results, use the Receive-Job cmdlet.
For more information about Windows PowerShell background jobs, see about_Jobs.
Parameter properties
Type:
SwitchParameter
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-CimSession
Runs the cmdlet in a remote session or on a remote computer.
Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet.
The default is the current session on the local computer.
Parameter properties
Type:
CimSession[]
Default value:
None
Supports wildcards:
False
DontShow:
False
Aliases:
Session
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ComputerName
Specifies a remote DNS server.
You can specify an IP address or any value that resolves to an IP address, such as a fully qualified ___domain name (FQDN), host name, or NetBIOS name.
Parameter properties
Type:
String
Default value:
None
Supports wildcards:
False
DontShow:
False
Aliases:
Cn
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type:
SwitchParameter
Default value:
False
Supports wildcards:
False
DontShow:
False
Aliases:
cf
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ErrorsPerSec
Specifies the maximum number of times that the server can send an error response to a client within a one-second interval.
The error responses include: REFUSED, FORMERR and SERVFAIL
Parameter properties
Type:
UInt32
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
-Force
Forces the command to run without asking for user confirmation.
Parameter properties
Type:
SwitchParameter
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-IPv4PrefixLength
Specifies the IPv4 prefix length, which indicates the size of the subnet in which the incoming queries are grouped.
The server applies RRL if queries resulting in the same response occur more frequently than expected in a specified time window.
The default value of this parameter is 24.
Parameter properties
Type:
UInt32
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
-IPv6PrefixLength
Specifies the IPv6 prefix length, which indicates the size of the IPv6 subnet in which the incoming queries are grouped.
The server applies RRL if queries resulting in the same response occur more frequently than expected in a specified time window.
The default value of this parameter is 56.
Parameter properties
Type:
UInt32
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
-LeakRate
Specifies the rate at which the server responds to dropped queries.
For queries that meet criteria to be dropped due to RRL, the DNS server still responds once per LeakRate queries.
For example, if LeakRate is 3, the server responds to one in every 3 queries.
The allowed range for LeakRate is 2 to 10.
If LeakRate is set to zero, then no responses are 'leaked' by RRL.
LeakRate leaves a chance for the victims in the same subnet as the forged IP address to get responses to their valid queries.
The default value for LeakRate is 3.
Parameter properties
Type:
UInt32
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
-MaximumResponsesPerWindow
The Set-DnsServerResponseRateLimiting cmdlet enables Response Rate Limiting (RRL) on a Windows DNS server.
Parameter properties
Type:
UInt32
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
-Mode
Specifies the state of RRL on the DNS server.
The acceptable values for this parameter are: Enable, or Disable, or LogOnly.
If the mode is set to LogOnly the DNS server performs all the RRL calculations but instead of taking the preventive actions (dropping or truncating responses), it only logs the potential actions as if RRL were enabled and continues with the normal responses.
The default value is Enable.
Parameter properties
Type:
String
Default value:
None
Accepted values:
LogOnly, Enable, Disable
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
-PassThru
Returns an object representing the item with which you are working.
By default, this cmdlet does not generate any output.
Parameter properties
Type:
SwitchParameter
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ResetToDefault
Indicates that this cmdlet sets all the RRL settings to their default values.
Parameter properties
Type:
SwitchParameter
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
-ResponsesPerSec
Specifies the maximum number of times that the server sends a client the same response within a one-second interval.
Parameter properties
Type:
UInt32
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
-ThrottleLimit
Specifies the maximum number of concurrent operations that can be established to run the cmdlet.
If this parameter is omitted or a value of 0 is entered, then Windows PowerShell® calculates an optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the computer.
The throttle limit applies only to the current cmdlet, not to the session or to the computer.
Parameter properties
Type:
Int32
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-TruncateRate
Specifies the rate at which the server responds with truncated responses.
For queries that meet the criteria to be dropped due to RRL, the DNS server still responds with truncated responses once per TruncateRate queries.
For example, if TruncateRate is 2, one in every 2 queries receives a truncated response.
The TruncateRate parameter provides the valid clients a way to reconnect using TCP.
The allowed range for TruncateRate is 2 to 10.
If it is set to 0, then this behaviour is disabled.
The default value is 2.
Parameter properties
Type:
UInt32
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type:
SwitchParameter
Default value:
False
Supports wildcards:
False
DontShow:
False
Aliases:
wi
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-WindowInSec
Specifies the period (in seconds) over which rates are measured and averaged for RRL.
RRL is applied if queries from same subnet, resulting in same response, occur more frequently than expected in a specified time window.
The default value is 5.
Parameter properties
Type:
UInt32
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
True
Value from remaining arguments:
False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters.
The Microsoft.Management.Infrastructure.CimInstance object is a wrapper class that displays Windows Management Instrumentation (WMI) objects.
The path after the pound sign (#) provides the namespace and class name for the underlying WMI object.