The Null Interface

The null interface is the "bit bucket" or "black hole" interface. All traffic sent to this interface is discarded. It is most useful for filtering unwanted traffic, because you can discard traffic simply by routing it to the null interface. You could achieve the same goal using access lists, but access lists require more CPU overhead: a route to null0 is just another entry in the routing table, so the packet is dropped by the normal forwarding lookup instead of by evaluating an access list against every packet. If you have fairly simple filtering requirements, it may be more effective to route the offending traffic to the null interface. Keep in mind that this filters by destination only; a null route discards every packet the router forwards to that prefix, whatever its source, so it cannot express "block only these senders" the way an access list can.

There can be only one null interface (null0), and it is always present; you cannot create another or delete it. This interface accepts only one configuration command, no ip unreachables, which stops the router from sending an ICMP unreachable message back to the source of every packet it discards. Suppressing these messages keeps a busy null route from generating a flood of ICMP traffic and CPU load, at the cost of the senders getting no feedback that their packets are being dropped. All other commands for this interface are ignored.

interface null0
 no ip unreachables

In Figure 5-2, we have networks 10.10.1.0, 10.10.2.0, and 10.10.3.0 (networks 1, 2, and 3). To keep users on network 2 (10.10.2.0) from reaching network 3 (10.10.3.0), we can add a static route on Router 2 that sends all traffic destined for 10.10.3.0 to the null interface. With this route, any traffic destined for the 10.10.3.0 network from the 10.10.2.0 network is discarded. Because it is a static route (administrative distance 1), it takes precedence over a route to 10.10.3.0 that Router 2 learns from a routing protocol, and because it matches on destination only, any other traffic for 10.10.3.0 that happens to pass through Router 2 is discarded as well.

Figure 5-2. Filtering with a null interface

Here's the configuration command that creates the static route:

ip route 10.10.3.0 255.255.255.0 null0

The null0 interface is often used as part of a security strategy. Pointing unwanted destinations at the null0 interface is a good way of stopping undesirable traffic. You can also use null0 to prevent routing loops when using summarized addresses: when a router advertises a summary route that covers address space it does not actually have specific routes for, a packet for one of those unused addresses would otherwise follow the router's default route back toward the neighbor that sent it, and bounce between the two until its TTL expires. A static route for the summary pointing at null0 gives the router a place to drop such packets instead.
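The following is an added configuration example, not taken from the book or from Figure 5-2, showing the summary-route case. The router is assumed to own the 10.10.0.0/16 block, to have only the 10.10.1.0/24 through 10.10.3.0/24 subnets actually connected, to advertise the /16 summary to an upstream neighbor, and to use that neighbor as its default route. The addresses, the upstream neighbor 192.0.2.1 and the interface names are all assumptions for the illustration.

```cisco
! Added example: discard route for a summarized block
! (assumed addressing; not the book's own configuration)
interface null0
 ! drop silently; otherwise every looped packet would trigger an ICMP unreachable
 no ip unreachables
!
interface GigabitEthernet0/0
 description Uplink toward the upstream neighbor (assumed)
 ip address 192.0.2.2 255.255.255.252
!
! The only subnets that really exist behind this router
interface GigabitEthernet0/1
 ip address 10.10.1.1 255.255.255.0
interface GigabitEthernet0/2
 ip address 10.10.2.1 255.255.255.0
interface GigabitEthernet0/3
 ip address 10.10.3.1 255.255.255.0
!
! Default route: everything unknown goes to the upstream neighbor.
ip route 0.0.0.0 0.0.0.0 192.0.2.1
!
! Discard route for the whole summary. Longest-match forwarding still
! prefers the connected /24s for 10.10.1.0-10.10.3.0, so only packets for
! unused parts of 10.10.0.0/16 (for example 10.10.9.1) hit this route and
! are dropped here instead of looping back out the default route.
! Distance 254 keeps it below any future route to the same /16 learned
! dynamically, while still beating the default route by prefix length.
ip route 10.10.0.0 255.255.0.0 null0 254
```

Without the null0 route, a packet from the upstream for 10.10.9.1 would match only the default route on this router, be sent back to 192.0.2.1, which summarizes 10.10.0.0/16 toward this router and sends it right back. The same pattern applies to the filtering case earlier in the section: the static route for 10.10.3.0 on Router 2 is simply a more specific discard entry.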
