Gremlin Docs Logo
Go to app
Quick Start Guides
AWS Quick Start Guide
Reliability Management (RM) Quick Start Guide
Getting Started
Compatibility
Installing the Gremlin Agent
Authenticating the Gremlin Agent
Configuring the Gremlin Agent
Enabling DNS collection
Enabling AWS PrivateLink
Platform
Private Network Integration Agent
Managing the Gremlin Agent
Updating Gremlin
Managing Users and Teams
Configuring Role Based Access Control (RBAC)
User Authentication via SAML and Okta
Managing Kubernetes namespaces
Integrations
Health Checks
Restricting Testing Times
Command Line Interface
Reports
Managing running, scheduled, and past experiments
Gremlin Private Edition
Reliability Management
Services and Dependencies
Detected Risks
Test Suites
Reliability Tests
Reliability Score
Fault Injection
Targets
Experiments
Scenarios
GameDays
Failure Flags
Failure Flags
Deploying Failure Flags on AWS Lambda
Deploying Failure Flags on AWS ECS
Deploying Failure Flags on Kubernetes
Deploying Failure Flags on the Istio service mesh via Envoy
Deploying Failure Flags on Pivotal Cloud Foundry (PCF)
Installing the Failure Flags SDK
Running Failure Flags experiments
API Reference
Getting started with the Gremlin API
Classes, methods, & attributes
API examples
Security
Security
Container security
Release Notes
GeneralLinuxIntegration Agent for LinuxWindowsChaoHelmFailure Flags: SidecarFailure Flags: Lambda Extension
Resources
Gremlin User Community SlackBlogTutorialsGlossary
Start your 30 day free trial.
START FOR FREE
Docs Home
Fault Injection
Blackhole Experiment

Blackhole Experiment

Supported platforms:

Linux
,
Windows
,
Containers
,
Kubernetes
,

The Blackhole experiment drops inbound and outbound network traffic. You can specify the type of traffic to impact by hostname, port, IP address, and additional arguments.

Blackhole drops IP packets at the transport layer (Layer 4) of the OSI model. This includes TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) traffic. Like most network experiments, Blackhole does not impact traffic to and from api.gremlin.com by default. This allows the agent to communicate with the Gremlin Control Plane during an experiment. It does not impact DNS traffic for this same reason. If you want to drop DNS traffic, use the DNS experiment.

Options

Parameter Flag Default Version Description
IP Addresses -i IP address 0.0.1 Only impact traffic to these IP addresses. Also accepts CIDR values (i.e. 10.0.0.0/24 ).
Device -d interfaces Device discovery 0.0.1 Impact traffic over these network interfaces. Comma separated lists and multiple arguments supported. You can define multiple interfaces starting with agent version 2.30.0.
Hostnames -h hostnames ^api.gremlin.com 0.0.1 Only impact traffic to these hostnames.
Remote Ports -p port numbers ^53 0.0.1 Impact outgoing and incoming traffic to and from these remote ports. Also accepts port ranges (e.g. 8080-8085 ).
Local Ports -n port numbers 0.0.1 Impact outgoing and incoming traffic to and from these local ports. Also accepts port ranges (e.g. 8080-8085 ).
Protocol -P {TCP, UDP, ICMP} all 1.5.3 Only impact a specific protocol.
Providers WebUI and API Only 0.0.1 External service providers to affect.
Tags WebUI and API Only 0.0.1 Only impact traffic to hosts running Gremlin clients associated with these tags.
Don't Derive Exclusion Rules -E 2.51.1

Alternatively: --no-derived-exclusion-rules.

When this flag is not supplied, Gremlin will exclude its connection to api.gremlin.com, including intermediate proxies. This option disables that behavior.
Length -l int 60 0.0.1 The length of the experiment ().

Platform-specific notes

Linux

On Linux, Gremlin uses traffic policing features built into the Linux kernel to drop matching IP packets. This experiment requires the NET_ADMIN capability, which is enabled by default at installation time. See capabilities(7).

Windows

On Windows, Gremlin uses the Windows Filtering Platform to drop targeted IP packets.

Privileges required

Privilege Description
FAULT_BLACKHOLEAllows performing blackhole experiments
Process Killer Experiment
Previous
Previous
Certificate Expiry Experiment
Next
Next
On this page
Back to top