Anti-DDoS
Anti-DDoS
- What's New
- Service Overview
- User Guide
- Best Practices
-
FAQs
-
About Anti-DDoS
- What Is Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Is a CC Attack?
- What Is a Slow HTTP Attack?
- What Are a UDP Attack and a TCP Attack?
- What Is the Million-level IP Address Blacklist Database?
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Cleaning Affect Normal Services?
- How Does Anti-DDoS Scrub Traffic?
- What Are the Restrictions of Anti-DDoS?
- What Is the Protection Capacity of Anti-DDoS?
- What Data Can Be Provided by Anti-DDoS?
- In Which Regions Is Anti-DDoS Available?
- What Is the Maximum Protection Capacity Provided by HUAWEI CLOUD Anti-DDoS for Free?
- Which Services Can Use Anti-DDoS?
- Can Anti-DDoS Be Used Across Clouds?
- How to Determine Whether an Attack Occurs?
-
About Basic Functions
- What Are Regions and AZs?
- What Is the HTTP Request Threshold Set for Anti-DDoS Protection?
- What Would Happen When I Am Under a DDoS Attack Exceeding 500 Mbit/s?
- Which Types of Attacks Does Anti-DDoS Mitigate?
- What Should I Do If My Service Is Frequently Attacked?
- What Is the Difference Between ELB Protection and ECS Protection?
- Why Is the Number of Times of Cleaning Different from the Number of Attacks for the Same Public IP Address?
- Is Anti-DDoS Enabled by Default?
- Does Anti-DDoS Protect a Region or a Single IP Address?
- Do I Need to Clear the Resources of Anti-DDoS When I Delete an Account?
- How Do I View the Traffic Cleaning Frequency?
- How Can I View Anti-DDoS Protection Statistics?
- How Can I View Public IP Address Monitoring Data in Anti-DDoS?
- How Can I View an Interception Report?
- Can I Disable Anti-DDoS Completely?
- How Do I Check Whether the Inbound Traffics Are Routed Through Anti-DDoS Devices?
- About Threshold and Black Hole
- About Alarm notification
- Change History
-
About Anti-DDoS
- Glossary
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Viewing a Public IP Address
- Enabling Alarm Notification
- Configuring an Anti-DDoS Protection Policy
- Viewing a Monitoring Report
- Viewing an Interception Report
-
FAQs
-
About Anti-DDoS
- What Is Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Is a CC Attack?
- What Is a Slow HTTP Attack?
- What Are a UDP Attack and a TCP Attack?
- What Is the Million-level IP Address Blacklist Database?
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Cleaning Affect Normal Services?
- How Does Anti-DDoS Scrub Traffic?
- What Are the Restrictions of Anti-DDoS?
- About Basic Functions
- About Alarm notification
-
About Anti-DDoS
- Change History
-
API Reference (ME-Abu Dhabi Region)
- Before You Start
- API Overview
- API Calling
-
API
-
Anti-DDoS APIs
- Querying Optional Anti-DDoS Defense Policies
- Querying Configured Anti-DDoS Defense Policies
- Updating Anti-DDoS Defense Policies
- Querying Anti-DDoS Tasks
- Querying the List of Defense Statuses of EIPs
- Querying the Defense Status of a Specified EIP
- Querying the Traffic of a Specified EIP
- Querying Events of a Specified EIP
- Querying Weekly Defense Statistics
- Alarm Reminding APIs
-
Anti-DDoS APIs
- Appendix
- Change History
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Viewing a Public IP Address
- Enabling Alarm Notification
- Configuring an Anti-DDoS Protection Policy
- Viewing a Monitoring Report
- Viewing an Interception Report
-
FAQs
-
About Anti-DDoS
- What Is Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Are a UDP Attack and a TCP Attack?
- What Is the Million-level IP Address Blacklist Database?
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Cleaning Affect Normal Services?
- How Does Anti-DDoS Scrub Traffic?
- What Are the Restrictions of Anti-DDoS?
- About Basic Functions
- About Alarm notification
-
About Anti-DDoS
- Change History
-
API Reference (Kuala Lumpur Region)
- Before You Start
- API Overview
- API Calling
-
API
-
DDoS Protection Management
- Querying the List of Defense Statuses of EIPs
- Querying Anti-DDoS specifications
- Querying Weekly Defense Statistics
- Querying Configured Anti-DDoS Defense Policies
- Enabling Anti-DDoS
- Updating Anti-DDoS Defense Policies
- Querying the Traffic of a Specified EIP
- Querying Events of a Specified EIP
- Querying the Defense Status of a Specified EIP
- Anti-DDoS Task Management
- Alarm Configuration Management
-
DDoS Protection Management
- Status Code
- Anti-DDoS Error Codes
- Obtaining a Project ID
- Change History
-
User Guide (Ankara Region)
- Service Overview
- Enabling Anti-DDoS
- Viewing a Public IP Address
- Enabling Alarm Notification
- Configuring an Anti-DDoS Protection Policy
- Viewing a Monitoring Report
- Viewing an Interception Report
-
FAQs
-
About Anti-DDoS
- What Is Anti-DDoS?
- What Are a SYN Flood Attack and an ACK Flood Attack?
- What Is a CC Attack?
- What Is a Slow HTTP Attack?
- What Are a UDP Attack and a TCP Attack?
- What Is the Million-level IP Address Blacklist Database?
- How Will Anti-DDoS Be Triggered to Scrub Traffic?
- Does Anti-DDoS Traffic Cleaning Affect Normal Services?
- How Does Anti-DDoS Scrub Traffic?
- What Are the Restrictions of Anti-DDoS?
- About Basic Functions
- About Alarm notification
-
About Anti-DDoS
- Change History
-
API Reference (Ankara Region)
- Before You Start
- API Overview
- API Calling
-
API
-
Anti-DDoS APIs
- Querying Optional Anti-DDoS Defense Policies
- Enabling Anti-DDoS
- Querying Configured Anti-DDoS Defense Policies
- Updating Anti-DDoS Defense Policies
- Querying Anti-DDoS Tasks
- Querying the List of Defense Statuses of EIPs
- Querying the Defense Status of a Specified EIP
- Querying the Traffic of a Specified EIP
- Querying Events of a Specified EIP
- Querying Weekly Defense Statistics
- Alarm Reminding APIs
-
Anti-DDoS APIs
- Appendix
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
On this page
Copied.
Black Hole Policy
A black hole will be triggered to block accesses from the Internet within a time range when a cloud server is under volumetric traffic attacks.
What Is a Black Hole?
A black hole refers to a situation where access to a cloud server is blocked by HUAWEI CLOUD because the attack traffic targeting the cloud server exceeds the configured black hole threshold. The system automatically deactivates the black hole 24 hours after the access to a cloud server is blocked. If the system detects that the attack traffic still persists and exceeds the threshold, the access will be blocked again.
The black hole service is purchased from the carrier, who has restrictions on the time and frequency of its deactivation. Therefore, the black hole cannot be manually deactivated. You need to wait until the system automatically deactivates it.
Why Is the Black Hole Policy Used?
DDoS attack mitigation is costly, especially in the bandwidth fees. Bandwidth is purchased by HUAWEI CLOUD from carriers. Carriers do not take the cleaned part out when charging HUAWEI CLOUD for bandwidth fees. HUAWEI CLOUD provides as much free defense as possible. However, when the attack traffic exceeds the threshold, it will route traffic to a black hole. To ensure service continuity, it is a better choice to purchase Advanced Anti-DDoS to expand protection capabilities.
Parent topic: Concepts
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
