Enabling the Second-Level Blackhole

Real-time statistics about traffic destined to a specified IP address is collected for comparison with the threshold every second. When the traffic of a specified IP address exceeds the blackhole threshold, the corresponding blackhole action is triggered.

Procedure

  1. Configure the notification mode of second-level blackhole event.
  2. Set the blackhole mode of the Zone.
  3. Enable the second-level blackhole.
    1. Choose Defense > Policy Settings > Zone.
    2. Click of the Zone.
    3. In the Defense Policy dialog box, configure a blackhole policy. Table 1 lists related parameters.
      Table 1 Blackhole parameter configuration

      Parameter

      Description

      Second-Level Blackhole

      Select Enabled.

      Threshold (Mbit/s)

      Set the blackhole threshold.

      When the traffic exceeds the value of Threshold, enable the corresponding blackhole type for defense.

      Type

      Set the blackhole type to LPU blackhole.
    4. Click OK.
Parent topic: Dynamic Blackhole Policy
Copyright © Huawei Technologies Co., Ltd.