The null interface, also called Null0, is a black hole interface usually used to prevent routing loops. It is also a virtual interface, so it is always up. A Null0 interface does not forward or receive network traffic. Any traffic sent to this interface is discarded. Access lists (ACLs) can be used to filter unwanted traffic, but using a null route doesn’t require additional CPU overhead. It is an effective method when you have simple traffic filtering requirements.
Another reason for using a null route is to prevent your network from sending any traffic destined to a remote system, whether accidentally or incidentally.
Null Route Example Scenario
To prevent routing loops with Null0, a static null route pointing to the null interface should be created. Static null routes use a summarized IP range. Any packet destined to a specific network route will look for the most specific route first, and if it is not found, it will check the static route pointing to the null interface.
For example, we started a small office. We connected to the Internet and were allocated the 192.168.0.0/20 IP address range. Since we are still starting, we only have two departments currently. We have the Sales and Management departments set up.
However, we are expecting to add more departments as we get established. We used the 192.168.0.0 subnetwork for the point-to-point links, 192.168.1.0/24 for the Management department, and 192.168.2.0/24 for the Sales department. The 192.168.3.0 – 191.168.15.255 IP address range is unused in the network and is reserved for future use.
For the routes, the ISP has a static route for the 192.168.0.0/20 network pointing towards the MainRouter at 172.16.1.2.
ISP(config)#ip route 192.168.0.0 255.255.240.0 172.16.1.2
The MainRouter has a default static route pointed towards the ISP at 172.16.1.1. It also has static routes to the Sales department network at 192.168.1.0/24 and to the Management department network at 192.168.2.0/24. Both of the routes to the Sales and Management departments pass through the SalesRouter and MgmtRouter, respectively.
MainRouter(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.1 MainRouter(config)#ip route 192.168.1.0 255.255.255.0 192.168.0.250 MainRouter(config)#ip route 192.168.2.0 255.255.255.0 192.168.0.254
If we try to send traffic to the unused IP addresses, it will create a loop. For example, if we traceroute to the unused IP address 192.168.10.1 from the ISP, you will see that the packet gets stuck on a loop, and it will utilize bandwidth until the TTL expires.
The loop is created because the packet from the ISP is sent to the MainRouter via the ISP static route to the MainRouter, then we also have a default route to the ISP on the MainRouter which is the longest prefix match for 192.158.10.1. The packet will then be sent back to the ISP, and then it will match the ISP static route to the MainRouter, send it back to ISP again, etc. So, there’s a routing loop there.
ISP#trace 192.168.10.1 Type escape sequence to abort. Tracing the route to 192.168.10.1 1 172.16.1.2 0 msec 0 msec 0 msec 2 172.16.1.1 0 msec 0 msec 0 msec 3 172.16.1.2 0 msec 0 msec 0 msec 4 172.16.1.1 0 msec 0 msec 0 msec ...etc.
Static Null Route Configuration
To prevent the routing loop, we need to configure a null route. The null route is similar to a static route, but it is pointed to the Null0 interface instead.
MainRouter(config)#ip route 192.168.0.0 255.255.240.0 Null0
Now, packets that match the 192.168.0.0/20 network range with no more specific routes on the MainRouter are dropped. Therefore, aside from 192.168.1.0/24 and 192.168.2.0/24 networks, all other traffic to the 192.168.0.0 /20 range is discarded.
If we try to traceroute from the ISP again, you will see that the null route drops the traffic.
ISP#trace 192.168.10.1 Type escape sequence to abort. Tracing the route to 192.168.10.1 1 172.16.1.2 * * * 2 172.16.1.2 * * *
Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.
We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training:
