diff --git a/files/etc/kubernetes/psa.yaml b/files/etc/kubernetes/psa.yaml
index 9072c55..fe13d52 100644
--- a/files/etc/kubernetes/psa.yaml
+++ b/files/etc/kubernetes/psa.yaml
@@ -16,3 +16,12 @@ plugins:
       usernames: []
       runtimeClasses: []
       namespaces: [kube-system, cis-operator-system]
+- name: EventRateLimit
+  configuration:
+    apiVersion: eventratelimit.admission.k8s.io/v1alpha1
+    kind: Configuration
+    limits:
+    - burst: 20000
+      qps: 5000
+      type: Server
+  path: ""
diff --git a/templates/var/lib/rancher/k3s/server/manifests/np-01-default-network-dns-policy.yaml.j2 b/templates/var/lib/rancher/k3s/server/manifests/np-01-default-network-dns-policy.yaml.j2
index e0c00b8..9357b4f 100644
--- a/templates/var/lib/rancher/k3s/server/manifests/np-01-default-network-dns-policy.yaml.j2
+++ b/templates/var/lib/rancher/k3s/server/manifests/np-01-default-network-dns-policy.yaml.j2
@@ -2,7 +2,7 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   name: default-network-dns-policy
-  namespace: <NAMESPACE>
+  namespace: kube-system
 spec:
   ingress:
   - ports: