Pulse:Stay updated, Stay Relevant

Pulse helps network engineers like you stay updated with the networking industry news everyday for FREE

Pulse: All the updates you need to know in one place

Stay relevant with the information that you need to know about the networking market for FREE

MegaSh: Never forget a command again

150+ *nix Cheatsheets in one page to give your super powers :)

Black hole filtering

Black hole filtering is a technique usually used by service providers for traffic filtering without applying access-lists.

The technique is very useful in mitigation of many types of DOS attacks. The idea behind Black hole filtering is very simple; just define the traffic you want to discard and configure a static route pointing to the Null0 interface.

The following rules summarize the technique:

  • Define the suspected traffic by destination.
  • Configure static route pointing this destination to null0.
  • Black hole filtering is based on the destination address of the packet.
  • Packets directed to the Null interface are just discarded.
  • Static routes to the Null0 interface use the same rules of normal static routes (redistribution, AD, etc..).

Example:

!-- packets destined to 192.168.1.1 are discarded
ip route 192.168.1.1 255.255.255.255 null0

!-- Disable ICMP unreachable packets
int null0
no ip unreachables

You might also like

- Stay on top of AI tools
- 150+ Linux Devops cheatsheets in one page
- Classic DC and M-LAG
- text2pcap - How to convert ASCII packet dumps to .pcap files?
- CCIE SPv4.1 Blueprint Resources

Check Also

Best AI tools list