> For the complete documentation index, see [llms.txt](https://docs.console.zenlayer.com/welcome/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.console.zenlayer.com/welcome/elastic-compute/ddos-protection/04-eip-blocked-rules.md). # EIP Blocked Rules EIP Blocked Rules are available in every region and are always active. When traffic to or from an EIP crosses a configured threshold, the rules trigger automatically — no DDoS Protection required. In regions without DDoS Protection, this is your primary inbound defense. In regions with DDoS Protection, it operates as a second layer after cleaning. ## How It Works Each EIP is assigned a set of traffic thresholds. The system continuously monitors traffic metrics and compares them against these thresholds. When any threshold is exceeded, the system takes protective action: * **Inbound threshold breach (BPS, PPS, or InCPS):** Traffic to the affected EIP is blackholed, dropping all inbound packets to prevent the attack from saturating your instance or impacting other tenants. * **Outbound threshold breach (OutCPS):** Internet connectivity for the affected EIP is restricted at the network interface level, preventing a potentially compromised instance from participating in outbound attacks. ## Configurable Thresholds Each EIP supports both system-default and custom thresholds. Custom thresholds allow you to fine-tune protection to match your specific workload characteristics. To adjust thresholds for a specific EIP, navigate to the [Elastic IPv4](https://console.zenlayer.com/zec/elastic-ip) page, find the target EIP, click the **⋯** menu in the Actions column, and select **Change Block Threshold**. Blocking actions are temporary and automatically expire after a configurable duration (default: 2 hours), after which traffic is re-evaluated. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.console.zenlayer.com/welcome/elastic-compute/ddos-protection/04-eip-blocked-rules.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.