{{channelName}} Blackhole Strategy

What is a Blackhole?

A blackhole refers to when the inbound traffic rate from an external network IP exceeds the threshold set by its data center, this IP will trigger the traffic blocking mechanism, that is, the access traffic to this IP will be discarded.

The Necessity of Blackhole Strategy

Why is there a blackhole strategy? Why can’t users directly resist attacks for free?

1. When a large traffic attack occurs, in addition to the attacked, the entire cloud network will be affected. In order to prevent the impact range from expanding, a blackhole strategy is needed.
2. DDoS defense requires cost in two aspects: 1) Bandwidth cost, 2) Cleaning cost. The biggest cost is the bandwidth fee, and the bandwidth fee charged by telecom operators such as Unicom, Telecom, and Mobile will not distinguish between normal traffic and attack traffic. {{channelName}} will do its best to provide basic attack defense for customers, but when the attack exceeds the set threshold, it needs to adopt a blackhole strategy to block IPs.

How long is the blackhole period?

For blocked IPs, they are generally unblocked after 24 hours.

Note:

For users that have triggered the blocking mechanism multiple times in the last week, {{channelName}} reserves the right to extend the blocking time, restrict the purchase of external network IPs, and unbind and freeze external network IPs.

What if my IP gets blackholed?

If you don’t want to be blackholed and want to avoid the impact of DDoS attacks on your business, what should you do?

If you are in a domestic data center:

After being attacked, in order to avoid the IP being attacked again and affecting business, it is recommended to change the source station IP and access
UDDoS for protection.

If you are in an overseas data center:

After being attacked, there is no need to change the source station IP. Use the overseas protection service to ensure the normal operation of the business.

Attachment: The Protection Threshold of Each Data Center