What is a black hole?
A black hole means that when the inbound traffic rate of an external network IP exceeds the limit threshold of its data center, the IP will trigger the traffic blocking mechanism, that is, the access traffic to the IP will be discarded.
Necessity of black hole strategy
Why is there a black hole strategy? Why can't you directly help users resist attacks for free?
- When a large traffic attack occurs, the entire cloud network will be affected except by the attacker. In order to avoid expanding the scope of influence, a black hole strategy is required.
- DDoS defense requires two costs: 1) bandwidth cost and 2) cleaning cost. The biggest cost is bandwidth fees, and operators such as China Unicom, China Telecom, and China Mobile who charge bandwidth fees will not distinguish between normal traffic and attack traffic. UCloud will try its best to provide customers with basic attack defense, but when the attack exceeds the limited threshold, it needs to adopt a black hole strategy to block the IP.
How long is a black hole?
The blocked IP will be unsealed 24 hours later.
be careful:
For users who have triggered the blocking mechanism more than three times in the last week, UCloud reserves the right to extend the blocking time, restrict the purchase of Internet IP, unbind and freeze Internet IP and other measures.
What should I do if I get caught in a black hole?
What should I do if I don't want to be black holed and want to avoid DDoS attacks affecting my business?
If it is a domestic computer room:
After being attacked, it is recommended to replace the IP address of the source station and access it in order to prevent the IP address from being attacked again and affecting the service Advanced defense Protect.
If it is an overseas computer room:
After being attacked, there is no need to change the IP address of the source station, and overseas protection services are used to ensure the normal operation of the business.
Attachment: Protection threshold of each data center
Regional name |
Subordinate zone |
Protection threshold |
Beijing II |
Zone B/C/D/E |
3Gbps |
Shanghai I |
Zone A |
2Gbps |
Shanghai II |
Zone A/B/C |
2Gbps |
Guangzhou |
Zone B |
2Gbps |
Hong Kong |
Zone A/B |
1Gbps, 800Mbps for inland lines |
Los Angeles |
Zone A |
1Gbps |
Washington |
Zone A |
1Gbps |
Frankfurt |
Zone A |
1Gbps |
Bangkok |
Zone A/B |
2Gbps, Thailand international line 1000Mbps |
Seoul |
Zone A |
1Gbps |
Singapore |
Zone A |
1Gbps |
Moscow |
Zone A |
1Gbps |
Tokyo |
Zone A |
1Gbps |
Taipei |
Zone A |
1Gbps |
Dubai |
Zone A |
1Gbps |
Jakarta |
Zone A |
1Gbps |
bombay |
Zone A |
1Gbps |
Sao Paulo |
Zone A |
1Gbps |
London |
Zone A |
1Gbps |
Lagos |
Zone A |
900Mbps |
Ho Chi Ming City |
Zone A |
1Gbps |
Manila |
Zone A |
1Gbps |
Note: The Hong Kong machine room will be blocked if the line back to the mainland exceeds 800M.
Original article by Mo Tao, if reproduced, please indicate the source: https://imotao.com/4998.html