We are actually using many of the networks in the 10/8 and 192.168/16 networks. I would therefore only like packets sent to unused networks to be dropped (sent to the null interface) in order to avoid routing loops. Do I have to change the administrative distance in order to accomplish that?
Extract from "sh ip route 10.0.0.0 longer" (no route to null inteface appears in the list):
10.0.0.0/8 is variably subnetted, 26 subnets, 5 masks
O IA 10.11.0.0/16 [110/51] via 192.168.130.6, 4d06h, Vlan10
O IA 10.9.0.0/16 [110/51] via 192.168.130.6, 4d06h, Vlan10
O IA 10.2.0.0/16 [110/51] via 192.168.130.6, 4d06h, Vlan10
O IA 10.3.0.0/16 [110/51] via 192.168.130.6, 4d06h, Vlan10
O IA 10.4.0.0/16 [110/49] via 192.168.130.9, 4d06h, Vlan10
I'd just leave the administrative distance as is (less confusing) and take advantage of the "more specific routes win" rule on Cisco devices. Assuming there are already routes in the routing table for each 10/8 and 192.168/16 subnetwork that you're using, these routes will be preferred over null routes for 10/8 and 192.168/16. So the null routes will only be used when there's not a more specific route in the table; i.e., when the packet is destined to a network that you're not using.
That being said, it sounds like this is pretty much what you already tried other than the administrative distance (which I don't think would make a difference in this case). Was the 'show ip route' command above run with the static route to 10/8 in the config? If so, I'm at a loss as to why the route apparently isn't in the routing table.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...