The Null Interface

The null interface is the "bit bucket " or "black hole" interface. All traffic sent to this interface is discarded. It is most useful for filtering unwanted traffic, because you can discard traffic simply by routing it to the null interface . You could achieve the same goal using access lists, but access lists require more CPU overhead. If you have fairly simple filtering requirements, it may be more effective to route the offending traffic to the null interface.

There can be only one null interface (null0), and it is always configured. This interface accepts only one configuration command, no ip unreachables. All other commands for this interface are ignored.

interface null 0
 no ip unreachables

In Figure 5-2, we have networks,, and (networks 1, 2, and 3). To keep users on network 2 ( from reaching network 3 (, we can add a static route on Router 2 that sends all traffic destined for to the null interface. With this route, any traffic destined for the network from the network is automatically discarded.

Figure 5-2. Filtering with a null interface

Here's the configuration command that creates the static route:

ip route null0

The null0 interface is often used as part of a security strategy. Pointing unwanted routes to the null0 interface is a good way of stopping undesirable traffic. You can also use null0 to prevent routing loops when using summarized addresses.

Getting Started

IOS Images and Configuration Files

Basic Router Configuration

Line Commands

Interface Commands

Networking Technologies

Access Lists

IP Routing Topics

Interior Routing Protocols

Border Gateway Protocol

Quality of Service

Dial-on-Demand Routing

Specialized Networking Topics

Switches and VLANs

Router Security

Troubleshooting and Logging

Quick Reference

Appendix A Network Basics


Cisco IOS in a Nutshell
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
ISBN: 0596008694
EAN: 2147483647
Year: 2006
Pages: 1031
Authors: James Boney © 2008-2020.
If you may any questions please contact us: