Black Hole Filtering

Black hole filtering is an alternative technique you can deploy in place of access control lists to filter out undesired traffic. You create black hole filters by creating specific routes for the traffic that needs to be filtered and then pointing these routes to a null interface. A null interface cannot pass traffic, so it drops the traffic. This offers a performance gain over traditional access list filtering. With access lists, the traffic first has to be routed and then subjected to access list processing, which in and of itself can be intensive. With null route filtering, all that needs to be done is to route the traffic, which saves a resource-intensive step. However, note that null routing ...
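The two approaches side by side, as an added Cisco IOS configuration example that is not taken from the book. The prefix 192.0.2.0/24 (a documentation range), the ACL number 101 and the interface name GigabitEthernet0/1 are assumptions chosen for illustration.

```cisco
! Constructed example: 192.0.2.0/24 stands in for the prefix to be filtered.
!
! Access list approach: the packet is routed first, then checked against
! the ACL applied to the outgoing interface.
access-list 101 deny   ip any 192.0.2.0 0.0.0.255
access-list 101 permit ip any any
!
interface GigabitEthernet0/1
 ip access-group 101 out
!
! Black hole approach (used instead of the ACL above): a static route points
! the same prefix at the null interface, so the packet is dropped as the
! result of the routing lookup itself.
ip route 192.0.2.0 255.255.255.0 Null0
!
! Optional: keep the router from generating an ICMP unreachable message
! for every packet dropped on Null0.
interface Null0
 no ip unreachables
```

After the static route is applied, `show ip route 192.0.2.0` should list Null0 as the outgoing interface for the prefix.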
