Null interface question

Hi,

I'm currently preparing for my BCMSN certification exam.

I would like to know what the difference is between forwarding a packet to the Null interface (silently absorbing packets, without forwarding them) and simply dropping the packet without sending an ICMP packet to the sender....

Correct Answer
Jon Marshall Wed, 04/02/2008 - 09:53

Christian

They are generally doing 2 different things. When a packet is dropped but no ICMP packet sent back this is usually for security reasons to not give away any more information than is needed.

Routing to Null0 is usually used to

1) Stop routing loops - IGP's

2) Place a route into the IGP routing table so that BGP can then advertise it out.

Is there a specific context you were thinking of?

Jon

mirco.orlandi Wed, 04/02/2008 - 14:41

My points are aimed at passing the exam.

1) No difference from sender point of view (packet is silently discarded)

2) Match criteria:

- with an ACL you have Layer 3 (src IP address also) + Layer 4 match criteria

- with Null0 you can discard based on destination IP address only

3) Because you are preparing for BCMSN, remember that L2 ACLs exist (MAC-based filters). Null0 works only at L3.

4) Using an ACL can produce more CPU usage than a Null0 static route. If you use "log", the packet is process-switched, not fast-switched.

From a "best practice" point of view, I agree with Jon.

Regards,

Mirco.
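The two drop mechanisms compared in this thread, side by side as an added Cisco IOS configuration sketch (not posted by any participant). The prefixes are documentation ranges, and the ACL name, interface name and AS number are constructed for illustration.

```cisco
! --- Discard by destination only: static route to Null0 ---
! Every packet whose destination falls in 192.0.2.0/24 is discarded by
! the routing lookup itself; source address and L4 ports play no part.
ip route 192.0.2.0 255.255.255.0 Null0
!
! Suppress the ICMP unreachable that Null0 would otherwise return,
! so the discard is silent from the sender's point of view.
interface Null0
 no ip unreachables
!
! --- Null0 route to anchor a prefix for BGP ---
! The static route puts 203.0.113.0/24 in the routing table so the
! "network" statement has an exact match to advertise. More-specific
! routes still forward normally; traffic with no more-specific route
! is discarded here instead of looping.
ip route 203.0.113.0 255.255.255.0 Null0
router bgp 65000
 network 203.0.113.0 mask 255.255.255.0
!
! --- Discard by source, destination and L4 port: extended ACL ---
! Matches source subnet + destination host + TCP port, which a Null0
! route cannot express. Adding "log" to the deny line would punt
! matching packets to process switching.
ip access-list extended DROP-EXAMPLE
 deny   tcp 198.51.100.0 0.0.0.255 host 192.0.2.10 eq 23
 permit ip any any
!
interface GigabitEthernet0/1
 ip access-group DROP-EXAMPLE in
 ! Without this, an ACL deny answers with ICMP "administratively
 ! prohibited", which tells the sender a filter is in the path.
 no ip unreachables
```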
