I am running a PowerDNS 3.4.1 slave pdns-s with various DNS masters, most of them non-PDNS. One of the masters is another PDNS under my control ( pdns-m ).
pdns-s works just fine BUT from time to time bombards pdns-m with SOA queries, presumably to check zone freshness. That would not be an issue except there's a firewall inbetween that feels this is a UDP flood (defined as more than 1k packets/s). Unfortunately the fw UDP flood setting can only be changed globally and the fw admin is not keen to raise it.
Preferably there'd be a setting that limits the number of SOA queries per second. The only tweak I found was slave-cycle-interval which was already raised from 60 to 300.