A carrier reported a problem that the traffic from NE40 to USG5300 is more than the traffic from user to USG5300 about 400M.
Configure the black-hole route to address group.
1. USG5300 and NE40 are connected by using 30-bits-mask network segment. There are 3 28-bits-mask network segments in address group.
2. Internal network user is set “nat outbound” by USG5300. If a external user accessed to address group, the traffic like this would be forwarded to gateway by USG5300, so the traffic of outbound interface increase.