The Null Interface
The null interface is the "bit bucket" or "black hole" interface: every packet routed to it is discarded. It is most useful for filtering unwanted traffic, because you can discard traffic simply by routing it to the null interface. You could achieve the same goal with an access list, but the router must evaluate an access list against every packet it forwards, while a null route is resolved by the ordinary routing lookup the router performs anyway, so it costs far less CPU. The trade-off is that a route matches on destination address only; if you need to filter by source address, protocol, or port, you still need an access list. If your filtering requirements are fairly simple, it can be more effective to route the offending traffic to the null interface.
There can be only one null interface (null0), and it is always present; you do not create it. It accepts only one configuration command, no ip unreachables; any other command entered under it is ignored. That one command matters. By default, a router sends an ICMP destination-unreachable message back to the sender of every packet it discards, so a null route that is absorbing a flood of unwanted traffic would otherwise have the router spend CPU answering the very senders whose packets it is dropping, and would tell them that the destination is being filtered. Disabling unreachables on null0 makes the discard silent:
interface null 0
 no ip unreachables
In Figure 5-2, we have networks 10.10.1.0, 10.10.2.0, and 10.10.3.0 (networks 1, 2, and 3). If we do not want users on network 2 (10.10.2.0) to reach network 3 (10.10.3.0), we can add a static route on Router 2 that sends all traffic destined for 10.10.3.0 to the null interface. With this route, any traffic for the 10.10.3.0 network that Router 2 forwards, including traffic from the 10.10.2.0 network, is discarded. Note that the route acts on the destination only: it drops packets for 10.10.3.0 whatever network they came from, and it does nothing to traffic in the other direction, from 10.10.3.0 toward 10.10.2.0. Because it is a static route (administrative distance 1), it takes precedence over a route to the same 10.10.3.0/24 prefix that Router 2 learns from a dynamic routing protocol, but a more specific route (a longer prefix) would still win the lookup and would bypass the black hole. Here's the configuration command that creates the static route:
ip route 10.10.3.0 255.255.255.0 null0

Figure 5-2. Filtering with a null interface
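To make concrete which packets the static route on Router 2 actually catches, here is an added example, not from the book, that models the router's forwarding decision in Python: a longest-prefix match with ties settled by administrative distance, a route to null0, and the effect of no ip unreachables. The interface names, the OSPF-learned route, and the more specific 10.10.3.128/25 route are assumptions added to show that the static null route beats a dynamic route for the same prefix but loses to a longer prefix; only the 10.10.3.0/24 entry pointing at Null0 comes from the book's ip route command.

```python
# Added example (not from the book): a model of how a router holding the
# book's null route decides what to do with a packet.
import ipaddress
from dataclasses import dataclass

NULL0 = "Null0"


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    via: str                  # outgoing interface or next-hop address
    admin_distance: int = 1   # IOS default for a static route


@dataclass(frozen=True)
class Decision:
    action: str               # "forward" or "discard"
    via: str                  # interface or next hop, or why it was dropped
    icmp_unreachable: bool    # will the router answer with ICMP unreachable?


def lookup(table, dst):
    """Longest-prefix match; equal-length prefixes are settled by the lower
    administrative distance, as IOS does when choosing which route to install."""
    addr = ipaddress.IPv4Address(dst)
    matches = [r for r in table if addr in r.prefix]
    if not matches:
        return None
    return max(matches, key=lambda r: (r.prefix.prefixlen, -r.admin_distance))


def forward(table, src, dst, null0_unreachables=True):
    """Decide what the router does with a packet from src to dst.
    src is deliberately unused: routing never looks at the source address.
    null0_unreachables=False models `no ip unreachables` on interface null0."""
    route = lookup(table, dst)
    if route is None:
        # No route at all: dropped, and the ingress interface (assumed to be
        # at its default setting) answers with an ICMP unreachable.
        return Decision("discard", "no route", icmp_unreachable=True)
    if route.via == NULL0:
        return Decision("discard", NULL0, icmp_unreachable=null0_unreachables)
    return Decision("forward", route.via, icmp_unreachable=False)


def net(s):
    return ipaddress.ip_network(s)


# Router 2's table for Figure 5-2. Interface names, the OSPF-learned route and
# the /25 route are assumptions added to illustrate the behaviour; only the
# 10.10.3.0/24 -> Null0 entry comes from the book's `ip route` command.
ROUTER2 = [
    Route(net("10.10.1.0/24"), "Ethernet0", admin_distance=0),    # connected (assumed)
    Route(net("10.10.2.0/24"), "Ethernet1", admin_distance=0),    # connected (assumed)
    Route(net("10.10.3.0/24"), NULL0),                            # ip route 10.10.3.0 255.255.255.0 null0
    Route(net("10.10.3.0/24"), "10.10.1.1", admin_distance=110),  # same prefix via OSPF (assumed)
    Route(net("10.10.3.128/25"), "10.10.1.1"),                    # more specific static route (assumed)
]

if __name__ == "__main__":
    for src, dst in [("10.10.2.5", "10.10.3.7"), ("10.10.1.5", "10.10.3.7"),
                     ("10.10.2.5", "10.10.3.200"), ("10.10.3.7", "10.10.2.5")]:
        d = forward(ROUTER2, src, dst, null0_unreachables=False)
        print(f"{src} -> {dst}: {d.action} via {d.via}, "
              f"icmp unreachable={d.icmp_unreachable}")
```

Running the script shows the three points a practitioner should check before relying on a null route: packets for 10.10.3.7 are dropped whether they come from network 2 or network 1, because the source address never enters the decision; packets for 10.10.3.200 are forwarded, because the assumed /25 route is longer than the /24 black hole; and the reply traffic from 10.10.3.0 toward 10.10.2.0 is untouched. Where any of those is not what you want, an access list is the right tool.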
The null0 interface is often used as part of a security strategy. Pointing unwanted routes to the null0 interface is a good way of stopping ...