What is Null Interface in router ? | Blackhole

Null interface in the Router is a virtual interface that always remains up. A virtual interface is a logical interface and is not visible like other physical interfaces such as ethernet or Gigabit ethernet interface. All traffic that is routed towards the null interface is dropped. Routes towards this interface are called as null routes which discards the packet without forwarding it further towards another interface or destination address.

For example: if we configure a static route & specify a null interface as the next hop, the packet for that destination network segment will get dropped.

A null interface is also referred to as “bit bucket” or “blackhole” interface as it drops the packet immediately after it is received.

Why Null interface is used & what are its benefits?

1. Avoiding routing loops – Null interface is used for preventing routing loops. EIGRP also uses routes towards null interface when summarization of routes is being used.

2. Discarding traffic for unwanted network segments – Null interface is also used for filtering unwanted traffic as it will discard traffic directly which is being routed towards the null interface.

3. Reducing CPU overhead at the Firewall level  – Although filtering and blocking the traffic can be achieved using an access control list as well but by using an access control list there will be more CPU overhead. It is often used to block the traffic or blacklist the subnet at the perimeter level itself before it reaches Firewall.

But through the null interface, we can’t block any specific protocol traffic, it will completely block the traffic for that particular network address/subnet.

Configuring routes towards a null interface

Router#config terminal
Router(config)#ip route 10.1.10.0 255.255.255.0 null0

This will route all the traffic for destination 10.1.10.0 towards the null interface & will get dropped.

Frequently Asked Questions :

Q: Can we configure multiple null interfaces in router ?

A: No, one router can have only one null interface which will be Null0

Q: When we can block the traffic using access control list then why Null interface is being used?

A: EIGRP uses null interface for routes towards null interface when summarization of routes is being used to avoid routing loops.

Route towards null interface is easiest & fastest way to block the traffic as it will drops the packets & existing session immediately.

Q: What is the purpose of null route or ” ip route null0″ ?

A:  To drop the packet for respective destination.

Q: Why null interface is also called as blackhole ?

A:  Since the packets gets dropped immediately whichever is being forwarded to null interface, it it being called as blackhole.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.