Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Null interface question

Hi,

I'm currently prepared my BCMSN certification Exam.

I would like to know what is the difference between forwarding paquet to the Null Interface (silently absorb paquets, whitout farwording them) and simply drop the paquet without sending ICMP paquet to the sender....

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Null interface question

Christian

They are generally doing 2 different things. When a packet is dropped but no ICMP packet sent back this is usually for security reasons to not give away any more information than is needed.

Routing to Null0 is usually used to

1) Stop routing loops - IGP's

2) Place a route into the IGP routing table so that BGP can then advertise it out.

Is there a specific context you were thinking of ?

Jon

3 REPLIES
Hall of Fame Super Blue

Re: Null interface question

Christian

They are generally doing 2 different things. When a packet is dropped but no ICMP packet sent back this is usually for security reasons to not give away any more information than is needed.

Routing to Null0 is usually used to

1) Stop routing loops - IGP's

2) Place a route into the IGP routing table so that BGP can then advertise it out.

Is there a specific context you were thinking of ?

Jon

New Member

Re: Null interface question

thanks a lot !!

New Member

Re: Null interface question

My points are finalized to exam pass.

1) No difference from sender point of view (packet is silently discarded)

2) Match criteria:

- with acl you have Layer3 (src ip address also) + Layer4 match criteria

- with Null0 you can discard based on destination IP address only

3) Because you are preparing BCMSN, remember that exist L2 ACL (mac based filter). Null0 work only at L3

4) Using ACL can produce more CPU usage than Null0 static route. If you use "log", the packet is process-switched, not fast-switched.

From "best practise" point of view, I agree with Jon.

Regards,

Mirco.

113
Views
0
Helpful
3
Replies