BGP- Difficulty with NULL0 Route

Unanswered Question
Jul 29th, 2009


We are a small ISP with links from two larger upstreams.

Take for example , I am advertising / 22 IP Block through ISP1. For this I am putting a Null0 route " ip route Null0 " . One of the router's interface is assigned with the IP address /22 - whole customer network is running through that interface.So far so good.

Now I want to introduce ISP2 & advertise only IP Block through ISP2. This I cant - the Block is not getting advertised unless and until I add the route " ip route Null0 " & as soon as I add this route the interface on which the IP address /22 is assigned stops pinging- and it is turning to a mess.

Any suggestion to how to advertise only the block through ISP2 .

Please revert if any clarification is needed.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Wed, 07/29/2009 - 08:13


The problem you have is that is more specific than so you are blackholing the traffic as the more specific route is always chosen.


1) add the Null0 route on another device and redistribute


2) add the route but point it in the next-hop direction eg.

L3 switch -> Router -> ISP

so for option 1

on the L3 switch add "ip route Null0" and then redistribute into your IGP.

Note that this assumes

i) you are running an IGP between the L3 switch and the router

ii) the L3 switch knows about the 192.168.52.x networks

For option 2

add to the router - "ip route

again this assumes that the L3 switch knows about the 192.168.52.x networks.

If you are unclear can you post a topology diagram ?


doraemonheng Thu, 07/30/2009 - 01:52


You should already have the route for as configured at the interface GigabitEthernet0/12.

Thus, please try to remove the "ip route Null0"

Thanks & Regards,

Richard Burts Thu, 07/30/2009 - 04:35


There is a reason why you might want to keep the null 0 route for even when it duplicates a local route in the routing table. To promote stability in the BGP routing table (and to avoid possible dampening by your upstream provider) you might want to continue to advertise the network/subnet even when it is not locally reachable. Keeping the null 0 route accomplishes this.

Jon as correctly identified the problem as the fact that your new null0 route is more specific than the connected route, and more specific routes are always preferred over less specific routes. Even though I normally advocate that you should not configure static routes specifying the outbound interface rather than the next hop when the outbound interface is Ethernet, I believe that this is a case where that could be useful. The reasons why we usually want to avoid static routes specifying the interface do not apply here - it will cause the router to ARP for any address falling in the range of the static route (but the router already must ARP for all these addresses since they are really on the connected interfce). So I would suggest that this might be a good solution for your issue:

ip route gig0/12



yagnesh_tel Thu, 07/30/2009 - 05:24

Here alternate approach of using static route is to use BGP inject-map. As aggregate prefix( is already present in routing table you can use this feature to import specific subnet( of this aggregate into BGP table. Then use filtering method to control your advertisement to ISPs.

alliancebroadba... Thu, 07/30/2009 - 05:53


Thanks for your suggestion.I have done exactly what you have pointed- but could not be sure what will be the possible consequence ,since it is in our production, thats why I reverted back.Please suggest if everything will be alright .

What I have done -

1] removed the route " ip route Null0 "

2] added the route " ip route gig0/12"

Apparently , everything was working fine . But when I issued " sh ip bgp neighbors < Peer IP - Upstream2 > advertised-routes " it showed -

Network *>


unlike in normal circumstances which shows as the next-hop.

I dont know what may be the result, since the block is getting advertised towards

Please suggest.


Jon Marshall Thu, 07/30/2009 - 06:02


Where does the network come into things. I can't see it in your diagram anywhere ?


alliancebroadba... Thu, 07/30/2009 - 06:17


Its like that , I would like to take instead of

However the configuration for IP Block or will be same isnt it ?

Please refer to the "sh run" output of the router specified below in the network diagram.

Waiting for your reply.


alliancebroadba... Thu, 07/30/2009 - 06:26

Please read Point# 2 as -

2] added the route " ip route gig0/12"

Sorry for mistyping.


Wilson Samuel Thu, 07/30/2009 - 06:55

Hi Abhishek,

Have you got the solution now? Just wondering if its solved.


alliancebroadba... Thu, 07/30/2009 - 07:05

I am stuck at the point , if it is normal to show in the next hop instead of when I am issuing " sh ip bgp neighbor < IP > advertised-routes " command.

If it is yes then the issue is solved .

Any suggestion is most welcome.


Richard Burts Thu, 07/30/2009 - 07:32


I have not used this particular implementation and can not say authoritatively that it is normal. But I believe that this is in fact the expected behavior. Most of the time when a router originates a route advertisement in BGP it is the next hop and it represents it in the BGP table as In this case the static route is indicating that the next hop is somewhere in the connected subnet but does not know exactly where. So it is using the highest available address in the subnet.

As long as you are advertising the /22 subnet, then this next hop address would be reachable. And I believe that it would not have any negative effect on your network.



Rick Morris Thu, 07/30/2009 - 09:31

Perhaps I am missing something but is this just an announcement issue?

Couldn't you create a prefix-list for this specific IP range

ip prefix-list ISP-A-Announce-OUT seq 5 permit le 24

obviously you would need route-map and applied to the bgp neigh statement.

Again, maybe I am missing something.

Jon Marshall Thu, 07/30/2009 - 09:42


The problem is EBGP cannot advertise a route unless it finds it in the IGP routing table. It's not in the IGP routing table so the only way to get it in there is to add a static route.

Problem is if the next-hop is Null0 all the traffic is blackholed because it's the more specific route.


Rick Morris Thu, 07/30/2009 - 09:44

I understand that part but if there is already a ip route in there for the /22 would not the prefix list then use the /24 because of the le 24 at the end of it?

Jon Marshall Thu, 07/30/2009 - 09:46


I may be misunderstanding what you are getting at but it must be an exact match ie. the network and the subnet mask before it can be advertised.


Richard Burts Thu, 07/30/2009 - 09:47


And that is why I suggested that he not use a null 0 static route but use a static route specifying the outbound interface with the specific prefix and subnet mask that he wants.

Something like this:

ip route gig0/12



Jon Marshall Thu, 07/30/2009 - 11:24

Rick Burts

"And that is why I suggested that he not use a null 0 static route but use a static route specifying the outbound interface with the specific prefix and subnet mask that he wants."

Yes i realise that. I totally agree with you.

Think you mistook my last post to Rick ie the other Rick (engagerocks), as addressed to you :-).


Richard Burts Fri, 07/31/2009 - 03:55


My apologies. You are correct that I did not realize that there were 2 Rick active in the thread. Thanks for helping me realize this. Your comment to the other Rick now makes sense.



Rick Morris Thu, 07/30/2009 - 09:58

I stand corrected.

I was thinking in reference to permitting and or denying incoming traffic on specific announcements using the le command.

Sorry to muddy up the water

yagnesh_tel Thu, 07/30/2009 - 16:08

Jon/Rick B.

Perhaps my understanding of BGP inject map is wrong but isn't that can be used in this case as you already have aggregate route and you want to inject more specific route?

alliancebroadba... Thu, 07/30/2009 - 23:25

Yagnesh -

I have checked BGP Inject Maps with cisco docs- it may be possible by inject-maps , but the feature is available only with some specific hardaware/software platforms.I need to depend upon traditional methods available.


Lets do it & monitor it for sometime. I will update you with feedbacks.


Jon Marshall Fri, 07/31/2009 - 03:54


I've never used this feature but from the looks of it your understanding is perfectly correct, this would indeed be another solution to the same problem.


alliancebroadba... Tue, 08/04/2009 - 07:22


The settings are working ok , it is running for the last 3-4 days I have not registered any problems.

Thanks to all.



This Discussion