Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

model of asa for response rate limit

Hi , i'm new , just registered

I need to know what kind of cisco asa i should buy for my company, i need to use response rate limit , for limit dns requestes on my dns server.

If you' can helm me, i'll be very gratefull..


model of asa for response rate limit

nobody can help me?

model of asa for response rate limit

Recent versions of ISC BIND can rate-limit their responses themselves; Cisco ASA software can police packet flow rates but it's not their primary function.  If the only thing you want is rate-limiting, I wouldn't bother with the ASA.   If you need actual firewall, NAT, or IPS functionality, the ASA becomes useful.

To size an ASA, you'd need to know what kind of traffic rates you need to support, and what kind of inspections you plan to do.  Cisco has some published packet and throughput data at e.g.

In my own experience, simple firewall configurations and test traffic will at least meet and often exceed Cisco's guidance.

Personally, I'm using ASA 5525-x devices to support ~350 users on gigabit fiber uplinks averaging about 6kps, mixed sizes with good results.  With the older 5520's I was dropping packets during peak traffic surges to full line rates.

-- Jim Leinweber, WI State Lab of Hygiene

model of asa for response rate limit

thank you for reply james

actually i have in my company kerio firewall, the problem born when we exposed our dns server to internet, it works as a public dns server, but whe we open 53 port our bandwith will be saturated,

i thought that we need something that manage dns requests, so as to prevent the same ip can make requests in a short time.

bind, if I'm not mistaken, is a linux based dns server, but we had already a dns server

asa choise couldn't help me???

CreatePlease login to create content