Black hole (networking)

From Wikipedia, the free encyclopedia

This article is about the networking term. For other uses, see Black hole (disambiguation).

In networking, black holes refer to places in the network where incoming traffic is silently discarded (or "dropped"), without informing the source that the data did not reach its intended recipient.

When examining the topology of the network, the black holes themselves are invisible, and can only be detected by monitoring the lost traffic; hence the name.

Contents 1 Dead addresses 2 Firewalls and "stealth" ports 3 Black hole filtering 4 See also 5 External links

[edit] Dead addresses

The most common form of black hole is simply an IP address that specifies a host machine which isn't running, or an address which no host has been assigned.

Even though TCP/IP provides means of communicating the delivery failure back to the sender via ICMP, traffic destined for such addresses is often just dropped.

[edit] Firewalls and "stealth" ports

Most firewalls can be configured to silently discard packets addressed to forbidden hosts or ports, resulting in small or large "black holes" in the network.

[edit] Black hole filtering

Black hole filtering refers specifically to dropping packets at the routing level, usually using a routing protocol to implement the filtering on several routers at once, often dynamically to respond quickly to distributed denial-of-service attacks.

[edit] See also

• /dev/null
• Internet background noise

[edit] External links

• Remotely triggered black hole filtering (Cisco Systems)