What it is
A scrubbing center is filtering infrastructure placed between the attack traffic and the target. Its job is not just to drop packets, but to separate attack traffic from legitimate traffic under load.
That means it needs enough bandwidth, packet processing capacity and filtering logic to absorb the attack while still forwarding valid traffic.
How traffic gets there
Traffic is usually redirected to the scrubbing center either inline or through a tunnel such as GRE. Once traffic arrives, the filtering path decides which packets should be dropped, rate-limited or forwarded.
The destination server or customer edge then receives only the traffic that survived the filtering process.
Basic flow
filter / classify / drop malicious packets →
forward clean traffic to destination
What a scrubbing center needs
- Sufficient bandwidth to absorb incoming attack traffic
- High packet processing capacity under small-packet floods
- Fast filtering logic for early decisions
- A forwarding path for legitimate traffic after filtering
What makes it difficult
Dropping everything is not the difficult part. The difficult part is preserving legitimate traffic while the attack is still in progress.
If the filtering path is too state-heavy, too slow or too late in the pipeline, the scrubbing center becomes the bottleneck itself. That is why packet rate, lookup complexity and forwarding overhead matter just as much as bandwidth.
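The drop / rate-limit / forward decision described above can be sketched as a two-stage filter: stateless checks first, then a single cheap piece of per-source state. This is an added example, not code from any particular mitigation product; the class and function names, the rule values and the sample traffic are all assumptions made for illustration.

```python
import ipaddress
from collections import Counter
from dataclasses import dataclass

DROP, RATE_LIMITED, FORWARD = "drop", "rate_limited", "forward"

@dataclass
class Packet:
    ts: float   # arrival time in seconds
    src: str    # source IPv4 address
    dport: int  # destination port

class Scrubber:  # hypothetical name, illustration only
    def __init__(self, service_ports, blocked_nets, rate_pps, burst):
        self.service_ports = set(service_ports)
        self.blocked = [ipaddress.ip_network(n) for n in blocked_nets]
        self.rate, self.burst = rate_pps, burst
        # src -> (tokens, last_ts). Unbounded here; a real table needs a size cap,
        # otherwise spoofed sources turn this state into the bottleneck.
        self.buckets = {}

    def classify(self, pkt):
        # Stage 1: stateless checks, no per-source memory touched.
        if pkt.dport not in self.service_ports:
            return DROP
        addr = ipaddress.ip_address(pkt.src)
        if any(addr in net for net in self.blocked):
            return DROP
        # Stage 2: per-source token bucket, the only state kept.
        tokens, last = self.buckets.get(pkt.src, (self.burst, pkt.ts))
        tokens = min(self.burst, tokens + (pkt.ts - last) * self.rate)
        if tokens < 1:
            self.buckets[pkt.src] = (tokens, pkt.ts)
            return RATE_LIMITED
        self.buckets[pkt.src] = (tokens - 1, pkt.ts)
        return FORWARD

def run_sample():
    # Constructed traffic using documentation address ranges, not a capture.
    s = Scrubber(service_ports={443}, blocked_nets=["198.51.100.0/24"],
                 rate_pps=10, burst=5)
    pkts = [Packet(0.001 * i, "203.0.113.7", 443) for i in range(100)]  # one source at 1000 pps
    pkts.append(Packet(0.05, "198.51.100.9", 443))                      # blocklisted prefix
    pkts.append(Packet(0.06, "192.0.2.10", 53))                         # port not served
    pkts += [Packet(0.5 * i, "192.0.2.20", 443) for i in range(4)]      # slow legitimate client
    pkts.sort(key=lambda p: p.ts)
    return Counter(s.classify(p) for p in pkts)

if __name__ == "__main__":
    print(run_sample())
```

The flooding source gets its initial burst through and is then held to the configured rate, while the slow client on the same port is never touched.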
Inline vs tunneled deployment
Inline deployment usually gives the cleanest performance because traffic already passes through the mitigation path. Tunnel-based deployment is often easier to deploy because the customer can keep its infrastructure in place and redirect traffic only when needed.
The trade-off is that tunnels add overhead and make the path more dependent on MTU, encapsulation and routing.
Why scrubbing centers exist
Most customer infrastructure is not built to absorb large packet floods directly. A scrubbing center moves the fight upstream, closer to the network edge and further away from the target system.
That gives the mitigation provider more room to absorb traffic and more control over how filtering is applied.