Use the following iptables command to rate limit connections per IP. This is useful for preventing a DDoS attack on DNS servers. However, for DDoS protection for your DNS servers, you should be hosting DNS with the big cloud providers like Cloudflare, or running dnsdist in front of your authoritive servers.