This document discusses DNS reflection attacks and ways to mitigate them. DNS uses UDP, allowing source IP addresses to be spoofed. An attacker can spoof the victim's IP and use open DNS resolvers to reflect large DNS responses, overwhelming the victim. Response rate limiting aims to throttle responses to a network if too many identical queries are received, reducing the attack payload size. Configuring DNS servers to provide minimal responses and closing open resolvers also helps reduce the risks.