All Products
Search
Document Center

Anti-DDoS:View the thresholds that trigger blackhole filtering in Anti-DDoS Basic

Last Updated:Nov 13, 2024

Anti-DDoS Basic provides the DDoS mitigation capability for some Alibaba Cloud services free of charge. When the peak attack bandwidth of DDoS attacks exceeds the mitigation capability provided for a service, blackhole filtering is triggered for the service. This topic describes the thresholds at which Anti-DDoS Basic automatically triggers blackhole filtering in each region.

Blackhole filtering thresholds

Note
  • Blackhole filtering thresholds vary based on the instance type and bandwidth that you purchase. For more information, go to the Assets page of the Traffic Security console for more details. For more information, see View the Assets page.

  • To obtain the blackhole filtering threshold for a Cloud Web Hosting instance, view the blackhole filtering threshold for an Elastic Compute Service (ECS) instance of the same instance type in the following table.

    Blackhole filtering thresholds for shared Cloud Web Hosting instances are not fixed because multiple shared Cloud Web Hosting instances share one IP address. The blackhole filtering threshold for shared Cloud Web Hosting instances is lower than the blackhole filtering threshold for exclusive Cloud Web Hosting instances in the same region. If volumetric DDoS attacks occur on a shared Cloud Web Hosting instance and blackhole filtering is triggered, other shared Cloud Web Hosting instances that share the same IP address with the instance cannot be accessed. If your service requires high security and stability, we recommend that you purchase exclusive Cloud Web Hosting instances or ECS instances.

  • In the following table, a tick (√) indicates that the feature is supported and a cross (×) indicates that the feature is not supported.

Region

Support IPv4

Support IPv6

ECS instance with one vCPU and simple application server with one vCPU

ECS instances with two vCPUs

ECS instance with four or more vCPUs

SLB instance, EIP, EIP that is associated with a NAT gateway, EIP that is associated with an IPv6 gateway, Anycast EIP, WAF instance, and GA instance

China (Hangzhou)

500 Mbit/s

1 Gbit/s

5 Gbit/s

5 Gbit/s

China (Shanghai)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Nanjing - Local Region)

×

500 Mbit/s

1 Gbit/s

1 Gbit/s

1 Gbit/s

China (Fuzhou - Local Region)

500 Mbit/s

1 Gbit/s

1 Gbit/s

1 Gbit/s

China (Wuhan - Local Region)

×

500 Mbit/s

1 Gbit/s

1 Gbit/s

1 Gbit/s

China (Qingdao)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Beijing)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Zhangjiakou)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Hohhot)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Ulanqab)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Shenzhen)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Heyuan)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Guangzhou)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Chengdu)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

China (Hong Kong)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

Japan (Tokyo)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

Singapore

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

Malaysia (Kuala Lumpur)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

Indonesia (Jakarta)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

South Korea (Seoul)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

Germany (Frankfurt)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

UK (London)

×

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

US (Silicon Valley)

500 Mbit/s

1 Gbit/s

2 Gbit/s

2 Gbit/s

US (Virginia)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

UAE (Dubai)

×

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

Thailand (Bangkok)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

SAU (Riyadh - Partner Region)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

Philippines (Manila)

500 Mbit/s

500 Mbit/s

500 Mbit/s

500 Mbit/s

References