Static Null Route Explanation and Configuration

The null interface, also called Null0, is a black hole interface usually used to prevent routing loops. It is also a virtual interface, so it is always up. A Null0 interface does not forward or receive network traffic. Any traffic sent to this interface is discarded. Access lists (ACLs) can be used to filter unwanted traffic, but using a null route doesn’t require additional CPU overhead. It is an effective method when you have simple traffic filtering requirements.

Another reason for using a null route is to prevent your network from sending any traffic destined to a remote system, whether accidentally or incidentally.


Null Route Example Scenario

To prevent routing loops with Null0, a static null route pointing to the null interface should be created. Static null routes use a summarized IP range. Any packet destined to a specific network route will look for the most specific route first, and if it is not found, it will check the static route pointing to the null interface.

For example, we started a small office. We connected to the Internet and were allocated the IP address range. Since we are still starting, we only have two departments currently. We have the Sales and Management departments set up.

However, we are expecting to add more departments as we get established. We used the subnetwork for the point-to-point links, for the Management department, and for the Sales department. The – IP address range is unused in the network and is reserved for future use.

null route


For the routes, the ISP has a static route for the network pointing towards the MainRouter at

ISP(config)#ip route


The MainRouter has a default static route pointed towards the ISP at It also has static routes to the Sales department network at and to the Management department network at Both of the routes to the Sales and Management departments pass through the SalesRouter and MgmtRouter, respectively.

MainRouter(config)#ip route
MainRouter(config)#ip route
MainRouter(config)#ip route


If we try to send traffic to the unused IP addresses, it will create a loop. For example, if we traceroute to the unused IP address from the ISP, you will see that the packet gets stuck on a loop, and it will utilize bandwidth until the TTL expires.

The loop is created because the packet from the ISP is sent to the MainRouter via the ISP static route to the MainRouter, then we also have a default route to the ISP on the MainRouter which is the longest prefix match for The packet will then be sent back to the ISP, and then it will match the ISP static route to the MainRouter, send it back to ISP again, etc. So, there’s a routing loop there.

Type escape sequence to abort.
Tracing the route to

1 0 msec 0 msec 0 msec
2 0 msec 0 msec 0 msec
3 0 msec 0 msec 0 msec
4 0 msec 0 msec 0 msec


Static Null Route Configuration

To prevent the routing loop, we need to configure a null route. The null route is similar to a static route, but it is pointed to the Null0 interface instead.

MainRouter(config)#ip route Null0


Now, packets that match the network range with no more specific routes on the MainRouter are dropped. Therefore, aside from and networks, all other traffic to the /20 range is discarded.

If we try to traceroute from the ISP again, you will see that the null route drops the traffic.

Type escape sequence to abort.
Tracing the route to

1 * * *
2 * * *


Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.

We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training: