Black hole filtering

Black hole filtering is a technique usually used by service providers for traffic filtering without applying access-lists.

The technique is very useful in mitigation of many types of DOS attacks. The idea behind Black hole filtering is very simple; just define the traffic you want to discard and configure a static route pointing to the Null0 interface.

The following rules summarize the technique:

  • Define the suspected traffic by destination.
  • Configure static route pointing this destination to null0.
  • Black hole filtering is based on the destination address of the packet.
  • Packets directed to the Null interface are just discarded.
  • Static routes to the Null0 interface use the same rules of normal static routes (redistribution, AD, etc..).


!-- packets destined to are discarded
ip route null0

!-- Disable ICMP unreachable packets
int null0
no ip unreachables

Check Also

Best AI tools list