This is for our UK Datacenter, other places have their own automated systems which often will automatically null when an attack is detected
Nulling an IP means that any traffic is sent nowhere, a 'null route' (dead end), the IP effectively goes offline, and traffic is dropped. No connections can now be made on it.
Depending on the size, type, and length of attack, we may decide that the best course of action is to null the IP, this will be to protect us and you from unwanted costs, and to help prevent disruption to our network.
An IP can be nulled at several locations, the closest place we null is on our core router, this allows the traffic in, but it will not get beyond our router to our racks, nulls beyond this we can request, but can take longer to action to both null, and unnull.
Length of Null
The length of a null is done entirely on a case by case basis, for very large attacks, network admins will often enforce a 24 hour null, sometimes extending to 48 hours, however, for nulls we carry out ourself, these can be anywhere from a 2-48 hours, in extreme cases we may be forced to null for longer, but these are extremely rare.