Cisco Support Community
New Member

What's the purpose of "ip route null0"?

We often saw configurations putting the summary address of an internal private network in "ip route .... null0". What's the purpose of it? Why doesn't the traffic to the internal network get dropped on the router where it is configured?

Would the null0 static route show up in the "sh ip route"?

Thanks

Gary

28 REPLIES
Cisco Employee

Re: What's the purpose of "ip route null0"?

The purpose of configuring a static summary route to null0 is to make sure that traffic will be dropped on the local router if a more specific route doesn't exist.

Hope this helps,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México 
Paseo de la Reforma 222 Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Cisco Employee

Re: What's the purpose of "ip route null0"?

Oh, and yes it would show up in the output of the show ip route.

Hope this helps,

Harold Ritter
Hall of Fame Super Silver

Re: What's the purpose of "ip route null0"?

Gary

There are several reasons why some routers are configured with ip route ... null 0. One of those reasons has to do with route summarization. Essentially, configuring the null 0 route is to provide protection from a "black hole" developing. An example might help. Let's assume that a network is using subnets of 172.17.0.0. Let's assume that subnets 172.17.2.0, 172.17.4.0, 172.17.6.0, 172.17.8.0, and 172.17.10.0 are in the routing table. Let's assume that the router is going to advertise a summary route to some of its neighbors advertising 172.17.0.0/16. So the router is telling its neighbors "if you want to reach anything in 172.17.0.0, then send it to me". So what happens if a neighbor sends a packet with destination address 172.17.5.5? What should the router do? We do not know where that subnet is, so what should we do? Should we forward it to the default route? What if the router that is the next hop for the default route received our summary advertisement for 172.17.0.0 and forwards the packet back to us? As you can see, this can get messy!

So configuring ip route 172.17.0.0 255.255.0.0 null 0 is a way to assure that if the packet cannot be routed it will be dropped.

There are some other situations where a route may be configured to null 0. One of those is on routers that run BGP. The router may be configured with a BGP network statement, so that if the route is in the routing table BGP will advertise it. And we want to be sure that the route is in the routing table. So we configure a route to null 0 as a way to be sure that the route remains in the table and will be advertised by BGP.

HTH

Rick
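The forwarding loop Rick describes, and how the null 0 summary stops it, as an added example that is not part of the original post. The two-router topology, the router names `edge` and `upstream`, and the /24 masks on the known subnets are assumptions made for the simulation.

```python
import ipaddress

def lookup(rib, dst):
    """Longest-prefix match: next hop of the most specific route covering dst."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nh) for p, nh in rib.items()
               if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None

def edge_rib(discard_route):
    """Constructed routing table for the summarizing router in the post."""
    rib = {f"172.17.{n}.0/24": "connected" for n in (2, 4, 6, 8, 10)}
    rib["0.0.0.0/0"] = "upstream"            # default route points at the neighbor
    if discard_route:
        rib["172.17.0.0/16"] = "Null0"       # ip route 172.17.0.0 255.255.0.0 null 0
    return rib

# The neighbor only knows the summary it was sent.
UPSTREAM_RIB = {"172.17.0.0/16": "edge"}

def trace(dst, discard_route, ttl=8):
    """Follow a packet entering at the neighbor; return the (router, decision) hops."""
    routers = {"edge": edge_rib(discard_route), "upstream": UPSTREAM_RIB}
    here, path = "upstream", []
    while ttl > 0:
        nh = lookup(routers[here], dst)
        path.append((here, nh))
        if nh not in routers:                # Null0, connected, or no route: stop
            return path
        here, ttl = nh, ttl - 1
    path.append((here, "TTL expired"))
    return path

if __name__ == "__main__":
    for discard in (False, True):
        print("discard route:", discard, trace("172.17.5.5", discard))
```

Without the discard route the packet for 172.17.5.5 bounces between the two routers until its TTL runs out; with it, the packet is dropped at the first visit to the summarizing router.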

New Member

Re: What's the purpose of "ip route null0"?

Thanks all for your help

New Member

What's the purpose of "ip route null0"?

Dear Richard,

Can you explain how we can use null0 for the following scenario?

If my internal DNS is getting lots of requests from outside unknown DNS servers, in such a situation, can I use this "null 0" command to stop unknown requests?

Thanks

Hall of Fame Super Silver

What's the purpose of "ip route null0"?

In the scenario that you describe where you are receiving lots of requests from outside and you want to block them then I would suggest that you could do something like this. Configure Policy Based Routing (probably on the router at the edge of your network - we want to catch this traffic as early as we can) to identify these DNS requests. In the PBR route map use an access list to identify the traffic and then set interface null0. This will discard all of the DNS requests.

I would suggest that you consider the implications of doing this before you actually implement it. If you do discard all incoming DNS requests then you have prevented anyone outside your network from being able to resolve names to addresses for resources inside your network. Perhaps some kind of shaping or policing on the DNS requests would be a better way to handle them.

HTH

Rick

New Member

Hello Richard,

Good morning, how are you?

1. What is the difference between IBGP vs IGP?

2. How does the IBGP router choose the best path to a specific destination, especially when multiple paths are available? In other IGPs there are metrics available, like hop count, cost etc. to choose the optimal path, but in IBGP is there any specific attribute available to carry the metric which helps in dynamic path selection?

Please can you clarify in simple language with some examples?

thanks

Manish

Hall of Fame Super Silver

Manish

While the initials look very similar there is quite a difference between IBGP and IGP. To clarify this let me start from the fact that we can differentiate routing protocols based on whether they are designed primarily to route between enterprise networks (this would be an exterior protocol and BGP is the best known example of exterior protocol) or designed primarily to route within an enterprise network (this would be an interior protocol, and EIGRP and OSPF are well known examples of Interior protocols). When we talk about Interior routing protocols in general we sometimes refer to them as IGP (Interior Gateway Protocols).

When running the exterior protocol BGP there are some differences depending on whether the peer router is within the same Autonomous System (which is IBGP) or the peer is in a different Autonomous System (which is EBGP).

So IBGP is the exterior routing protocol where both peer routers are in the same autonomous system and IGP is the general way to talk about Interior routing protocols.

It is common in the Interior routing protocols to have a metric which is used to select the best path. In the Exterior routing protocol of BGP there is not the same concept of a simple metric but there are a set of attributes which BGP evaluates to select the best path. You can use this link to see additional information about the attributes and how BGP evaluates them.

http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25.html

HTH

Rick

New Member

Thanks for the reply, but how does IBGP make the decision to reach the destination?

Hall of Fame Super Silver

Perhaps I am not understanding your question correctly. I thought that you were asking how IBGP selects the best path to a destination. That process, beginning with evaluating the weight assigned to the advertised path, is clearly described in the link that I posted. If that is not what you are asking then please clarify the question.

HTH

Rick

New Member

Yes, you are right, I was asking how IBGP selects the best path to a destination after full mesh, because IBGP works on a full mesh topology.

Hall of Fame Super Silver

Joseph makes a good point that in terms of route selection there is a single BGP process running on the router and making the selection of best route. IBGP will impose some restrictions that are different from EBGP in terms of what it will advertise to a neighbor. But for selecting the best route to a destination there is a single process making that selection.

HTH

Rick

Super Bronze

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

I believe basically iBGP uses the same path selection logic as eBGP.  Within the same AS, though, iBGP generally sees its iBGP as adjacent.  Interior routing logic will determine actual path taken (unseen by iBGP).

New Member

Hello Richard,

Please can you tell me why I am getting this error and how to solve it?

software install file tftp://172.19.211.47/cat3k_caa-universalk9.SSA.03.12.02.EZP.150-12.02.EZP.150-12.02.EZP.bin
Preparing install operation ...
[1]: Downloading file tftp://172.19.211.47/cat3k_caa-universalk9.SSA.03.12.02.EZP.150-12.02.EZP.150-12.02.EZP.bin to active switch 1
[1]: Finished downloading file tftp://172.19.211.47/cat3k_caa-universalk9.SSA.03.12.02.EZP.150-12.02.EZP.150-12.02.EZP.bin to active switch 1
[1]: Starting install operation
[1]: Expanding bundle cat3k_caa-universalk9.SSA.03.12.02.EZP.150-12.02.EZP.150-12.02.EZP.bin
[1]: Copying package files
[1]: Package files copied
[1]: Finished expanding bundle cat3k_caa-universalk9.SSA.03.12.02.EZP.150-12.02.EZP.150-12.02.EZP.bin
[1]: Verifying and copying expanded package files to flash:
[1]: Verified and copied expanded package files to flash:
[1]: Starting compatibility checks
[1]: compatibility checks failed...

I am getting this error here. How do I solve it, and why am I getting it? Please can you clear it up.
New Member

But here 172.17.5.5 should be between 172.17.4.0 and 172.17.6.0. I did not get your point; please can you explain more about it?
Hall of Fame Super Silver

The point is that the router does not know where 172.17.5.5 is. It certainly is not in 172.17.4.0/24 and it certainly is not in 172.17.6.0/24. You are correct that numerically 172.17.5.5 is between those two subnets. But that does not tell us anything about how to route so that we reach 172.17.5.5. If we assume that 172.17.4.0 is reached on FastEth0/0 and that 172.17.6.0 is reached on FastEth0/2, how would you suggest that we get to 172.17.5.0?

HTH

Rick

New Member

Thanks for the reply and for clearing it up.

I have one question; please can you clear it up?

Suppose I have two networks:

1. 192.168.10.0/30

2. 192.168.10.8/30

Now I just create one summary address for both of them, that is

192.168.10.0/28 is a summary

Now my question is that if in an interview someone tells me that

192.168.10.0/28 is a summary .. ok

now how to know that in this summary only two networks come, that are

192.168.10.0/30

192.168.10.8/30

because I created one summary address only for those two networks?

Please share your answer.

Hall of Fame Super Silver

I am not sure that I fully understand your question. In particular it is not clear where in the network you are looking at this summary route. And it is not clear how the summary is created and how the summary is advertised. Let us think of a simple example where router A is connected to router B which is connected to router C. Let us assume that 192.168.10.0/30 and 192.168.8.0/30 are on router A. And let us assume that you create the summary on router B using the EIGRP summary-address and advertise the summary in EIGRP to router C.

So on router A if you do show ip route you would see the two /30 subnets. On router B if you do show ip route you would see the two /30 subnets and the summary and so you could tell which subnets in the summary actually exist. But on router C you would see only the /28. And on router C there is not any way to know which subnets actually exist.

HTH

Rick

Super Bronze

Yes, you could summarize those two networks using 192.168.10.0/28, but that summary actually also covers

1. 192.168.10.4/30

2. 192.168.10.12/30

As described by Rick, without knowing what else is being advertised, and where it's being advertised, we don't actually know what networks will actually arrive to the router advertising that summary.

All we know is any destination that falls within 192.168.10.0/28 might come to that router.  Remember, for example, the "undefined" address blocks might have traffic even more specific.  For example, 192.168.10.4/31 or 192.168.10.4/32.
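An added example, not part of the original posts, that computes which parts of a summary no component route covers. It generalizes the /28 case above to components of any prefix length, and the function name `uncovered` is an assumption of this sketch.

```python
import ipaddress

def uncovered(summary, components):
    """Return the minimal CIDR blocks inside `summary` that no component covers."""
    summary = ipaddress.ip_network(summary)
    holes = [summary]
    for comp in map(ipaddress.ip_network, components):
        if not comp.subnet_of(summary):
            raise ValueError(f"{comp} is outside {summary}")
        remaining = []
        for hole in holes:
            if hole.subnet_of(comp):
                continue                                   # hole fully covered
            if comp.subnet_of(hole):
                remaining.extend(hole.address_exclude(comp))  # carve comp out
            else:
                remaining.append(hole)                     # disjoint, keep as is
        holes = remaining
    return sorted(ipaddress.collapse_addresses(holes))

def in_hole(dst, summary, components):
    """True if dst is inside the summary but matches no component route."""
    addr = ipaddress.ip_address(dst)
    return any(addr in hole for hole in uncovered(summary, components))

if __name__ == "__main__":
    # The two /30s from the question, summarized as a /28.
    print(uncovered("192.168.10.0/28", ["192.168.10.0/30", "192.168.10.8/30"]))
    # The five subnets from the earlier 172.17.0.0/16 example (constructed as /24s).
    known = [f"172.17.{n}.0/24" for n in (2, 4, 6, 8, 10)]
    for block in uncovered("172.17.0.0/16", known):
        print(block)
```

Every block returned is address space that the summary attracts but that only a route to null 0 (or a default route) would match on the summarizing router.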

PK
New Member

Hey Guys,

Even I have a question on the null0 statement.

Do I have to use the ip route... null0 if I have an exact subnet static route mentioned?

e.g.

So I am advertising a subnet in bgp

network 172.16.16.0 mask 255.255.252.0

and then I have static route

ip route 172.16.16.0 255.255.252.0 172.16.19.228

ip route 172.16.16.0 255.255.252.0 Null0 200

So now here do I still have to use the null0 statement, as due to the static route it will inject that subnet into the routing table, correct? And FYI, I am receiving the entire BGP table from the internet.

Hall of Fame Super Silver

One of the principles of configuring BGP is that when a BGP network statement supplies a mask then there must be a prefix in the ip routing table that is an exact match (subnet and mask) for BGP to advertise the route.

So if you have this network statement

network 172.16.16.0 mask 255.255.252.0

then you must be sure that your routing table has 172.16.16.0 255.255.252.0

Are you sure that your static route of ip route 172.16.16.0 255.255.252.0 172.16.19.228 will insert that prefix into the routing table? If so then you do not need the static route using null0.

Let me suggest a few things to think about as you answer the question I just asked:

- does your router know how to reach 172.16.19.228? That address is inside the block of addresses being routed

- if the router does know how to reach 172.16.19.228 but the interface used to reach that address goes down do you want BGP to still advertise that address? Because if the interface used to reach the next hop goes down then the router will withdraw the prefix from the routing table.

HTH

Rick
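A simplified model of the two points above (exact-match network statement, and a static route leaving the table when its next hop becomes unreachable), added here as an example and not taken from the original posts. The interface name is hypothetical, and the model assumes the next hop 172.16.19.228 is reached through that one interface.

```python
import ipaddress

# Constructed from the configuration in the question.
STATICS = [
    # (prefix, target, administrative distance, interface the target resolves through)
    ("172.16.16.0/22", "172.16.19.228", 1, "GigabitEthernet0/1"),
    ("172.16.16.0/22", "Null0", 200, None),   # floating static: Null0 never goes down
]

def build_rib(statics, up_interfaces):
    """Install, per prefix, the usable static with the lowest administrative distance."""
    rib = {}
    for prefix, target, distance, via in statics:
        if via is not None and via not in up_interfaces:
            continue  # next hop unreachable: the route is withdrawn from the table
        net = ipaddress.ip_network(prefix)
        if net not in rib or distance < rib[net][1]:
            rib[net] = (target, distance)
    return rib

def bgp_advertises(network, mask, rib):
    """A network statement with a mask needs an exact prefix-and-mask match in the table."""
    return ipaddress.ip_network(f"{network}/{mask}") in rib

if __name__ == "__main__":
    for label, up in (("link up", {"GigabitEthernet0/1"}), ("link down", set())):
        for name, statics in (("with Null0", STATICS), ("without Null0", STATICS[:1])):
            rib = build_rib(statics, up)
            print(label, name, rib,
                  bgp_advertises("172.16.16.0", "255.255.252.0", rib))
```

With the link up the next-hop route wins on distance; with the link down only the configuration that keeps the Null0 route at distance 200 still has the exact /22 in the table for BGP to advertise.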

New Member

Fantastic explanation!

Hall of Fame Super Silver

Thank you. I am glad that you found my explanation helpful.

HTH

Rick

Super Bronze

One of the principles of configuring BGP is that when a BGP network statement supplies a mask then there must be a prefix in the ip routing table that is an exact match (subnet and mask) for BGP to advertise the route.

Just a footnote to Rick's comment, I recall (?) BGP can also aggregate based on what it sees in the route table.  So, you don't always need an exact 1 for 1 match, but you would need something subordinate to the aggregate to get the aggregate advertised.

Hall of Fame Super Silver

Joseph seems to be conflating two different functions in BGP. The original discussion has been about the BGP network statement including a mask. Now Joseph brings up the BGP aggregate address function.

The network statement might be used to advertise a summary (or supernet) address and could potentially use the route to null 0 to achieve the advertisement. The aggregate address can advertise a summary (or supernet) address but I do not see how the null 0 route is a factor in that function.

HTH

Rick

Super Bronze

Ah, I may have indeed conflated.

Only now, I noticed the difference in time stamps between the OP and then posts and PK's and later postings.

My "footnote" was based on the OP context, not just the recent discussion postings.  If you read it in that context, it might seem less conflated.

New Member

Can someone help me to configure BGP failover in GNS3? Please find the attachment; I am using this diagram.

1. Using two loopback addresses 8.8.8.8 as an internet IP

2. R1 to R3 ---- EBGP

3. R2 to R4 ---- EBGP

4. On R3 and R4 ---- OSPF

5. 8.8.8.8 is showing on router R3, but I am not able to ping 8.8.8.8 from my PC.

I did

R3#

ip prefix-list out permit 0.0.0.0/0

route-map dataout permit 10

match ip address prefix-list out

set local-preference 600

router bgp 3

nei 192.168.1.1 route-map dataout out

Same on router R4.

Please share where I am wrong and what to do to ping 192.168.1.1 from my PC.

New Member

Re: What's the purpose of "ip route null0"?

I've also used ip route null0 before to route RFC reserved IP address blocks to the null interface to be dropped. It's much more efficient on the CPU than having an ACL check each packet.
