url. • If you want to mitigate/blackhole the client/ip, click the mitigate button to start the process of null routing the ip • Choose blackhole as the format Fill in the form • Offramp prefix should be the ip of the cusomter (including /32) • Select Null route as nexthop • Select both core routers (do so by selecting them and click the black down arrow) (see sheet 6) • Enter communities if you want traffic in upstream provider to be dropped (Hit the set community group to set communities) (see sheet 7 and see sheet 8 vor when to set them) • Choose a timeout (for now 2 hours should do it, or if choose more minutes if you want a good night sleep) Start the magic • Hit the start button to null route! How to add routers Add communities When to null route upstream? • Check the affected routes section in the DoS report (next sheet is an example) • Per port the impact can be seen. If one port of the upstream provider (JointTransit 1x20G, Cogent 2x10G, EUtransit 2x20G)is potentially saturated When to null route upstream?