Anti-DDoS Basic may actively trigger a black hole to lock network access to the instance if the data transfer rate exceeds the default black hole threshold (unit: bps). Once in a black hole, the instance under attack cannot be unblocked.
See the following table for the default threshold settings for different regions.
- The default threshold settings apply to ECS, SLB, and EIP.
- The actual black hole threshold of your ECS, SLB, or EIP instance also indicates the type and network bandwidth of the instance, and is subject to the threshold in the Alibaba Cloud console. For more information, see How to check the black hole threshold of your instance?
|Region||Solo-Core CPU ECS||Duo-Core CPU ECS||Quad-Core or higher CPU ECS||SLB and EIP|
|East China 1||500 M||1 G||5 G||5 G|
|East China 2||500 M||1 G||2 G||2 G|
|North China 1||500 M||1 G||5 G||5 G|
|North China 2||500 M||1 G||2 G||2 G|
|North China 3||500 M||1 G||2 G||2 G|
|South China 1||500 M||1 G||2 G||2 G|
|Hong Kong||500 M||500 M||500 M||500 M|
|US East 1||500 M||500 M||500 M||500 M|
|US West 1||500 M||1G||2G||2 G|
|Tokyo||500 M||500 M||500 M||500 M|
|Singapore||500 M||500 M||500 M||500 M|
|Sydney||500 M||500 M||500 M||500 M|
|Kuala Lumpur||500 M||500 M||500 M||500 M|
|Mumbai||500 M||1 G||1 G||1 G|
|Frankfurt||500 M||500 M||500 M||500 M|
|Dubai||500 M||500 M||500 M||500 M|
The black hole duration is the amount of time the triggered black hole lasts, 2.5 hours by default. The actual black hole duration varies from 30 minutes to 24 hours, depending on attack intensity. Additionally, the following factors are considered:
The black hole duration is extended, if the attack continues.
The black hole duration is shortened automatically when the ECS instance is attacked for the first time, but can be prolonged accordingly, if under frequent attacks.
Note: If an ECS instance triggers too many black holes, Alibaba Cloud Security reserves the right to extend the black hole duration and lower its threshold. For actual duration and threshold information, see the Alibaba Cloud console.
Follow these steps to check the actual black hole threshold of your ECS, SLB, or EIP instance:
Log on to Alibaba Cloud Security console.
Select Anti-DDoS Basic, and select the region of the ECS, SLB, or EIP instance that you want to check with.
Select ECS, Server Load Balance, or EIP, locate the instance, and check the actual black hole threshold of the instance.
A higher capacity for DDoS mitigation can be obtained at Anti-DDoS Pro. Anti-DDoS Pro provides up to 300 Gbps (Mainland China) and 100 Gbps (Hong Kong and Singapore) DDoS mitigation with a better performance.