Remote Blackholing: Fighting DDoS closer to the source

With DE-CIX’s GlobePEER Remote service, you can announce Blackholes at remote DE-CIX Internet Exchanges.  As a result, traffic is dropped closer to the source of the DDoS traffic creation. Dropping DDoS traffic closer to the source of origin takes the load off your backbones and network, so your peering and transit connections are unburdened. This reduces operational complexity and saves money.

Benefits of using remote Blackholing

  • DDoS traffic is dropped closer to the source
  • Your backbones and network are relieved of DDoS traffic
  • Transit and peering connections closer to your service region are unburdened
  • Attack volumes and collateral damage in your service region are reduced
  • The operational complexity of mitigating DDoS attacks is reduced
  • Money is saved

Cost-efficient way to get rid of DDoS traffic 

Remote Blackholing can be used in combination with DE-CIX’s GlobePEER Remote service. A low-bandwith GlobePEER Remote service to a certain remote DE-CIX Internet Exchange (e.g. Frankfurt if you already have a presence at DE-CIX New York) is sufficient to be able to trigger Blackholes at this remote DE-CIX exchange. Traffic-heavy peering relationships at this remote exchange are not required.

How remote Blackholing works - Example

DDoS attack traffic flows from Europe to a host in New York, coming in via various peering and transit connections (see picture A). By announcing a Blackhole at DE-CIX Frankfurt, DDoS traffic is automatically dropped there. This eases the traffic load of transatlantic network connections and leaves more capacity for legitimate traffic (see picture B). 

Picture A: DDoS attack traffic flows from Europe to a host in New York via various peering and transit connections

Picture B: By announcing a Blackhole at DE-CIX Frankfurt, DDoS traffic is automatically dropped there