Computer networks
Mix0, 2019-01-07 14:59:37

What is the essence of the Null0 pseudo-interface on Cisco IOS?

What exactly is it for?
How is NAT related to it?
Thank you.

2 answer(s)
athacker, 2019-01-07
@Mix0

This is /dev/null for routing. Packets that are routed to Null0 are, in fact, simply dropped.
This approach is used for various purposes. For example, you need to block a heavy flow of traffic to a specific subnet for which you are transit. Such a flow can be, for example, a DDoS. Blocking this on the firewall can be quite expensive in terms of system resources used. Therefore, the network is simply blackholed. In different systems this is called differently: in IOS it is Null0 (and even then, perhaps, not in all variants), while in FreeBSD it is called just that, blackhole.
For NAT itself, this interface does not play a big role, but it can be used. For example, you have NAT on your device for some network. The network is announced to you via some kind of dynamic routing protocol. Let's say the dynamic routing session is broken and the client's network is no longer available. But the firewall still has NAT rules for it. Accordingly, if a packet arrives from outside with a DST IP in the client network (which has dropped off), the gateway will look in the routing table, find no specific entries for this network there, and send the packet to the default gateway. And the default gateway has an entry saying that this client network is reachable through your gateway. So it will send the packet to your gateway again. Your gateway will return it to the default gateway again. And so it will go on until the TTL of the packet expires and the packet is killed. Therefore, such networks are sometimes blackholed. If the dynamic routing session is up and the client network is available, the packet will go there. If the session drops, then the packet will immediately be blackholed, i.e. killed, and will not spin around the ring between your gateway and its default gateway until the TTL expires.
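The loop described in the answer above, worked through as an added example that is not part of the original answer: a small longest-prefix-match simulation of the gateway and its default gateway, with and without a backup route to Null0. The router names, the 203.0.113.0/24 client prefix and the administrative distances 110 and 250 are constructed, and modeling the Null0 route as a static route with a higher distance than the dynamic one is an assumption.

```python
import ipaddress

NULL0 = "Null0"
CLIENT_NET = "203.0.113.0/24"  # constructed client prefix (documentation range)

def lookup(table, dst):
    """Longest-prefix match; for equal prefixes the lowest admin distance wins."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in table if addr in ipaddress.ip_network(r[0])]
    if not hits:
        return None
    best = max(hits, key=lambda r: (ipaddress.ip_network(r[0]).prefixlen, -r[1]))
    return best[2]

def forward(routers, start, dst, ttl=64):
    """Follow one packet router by router; return (outcome, times forwarded)."""
    node, hops = start, 0
    while True:
        nxt = lookup(routers[node], dst)
        if nxt is None:
            return "no-route", hops
        if nxt == NULL0:
            return "dropped-null0", hops   # discarded on the spot
        ttl -= 1
        if ttl <= 0:
            return "ttl-expired", hops
        hops += 1
        if nxt not in routers:
            return "delivered", hops       # left the two-router model
        node = nxt

def topology(session_up, null0_backup):
    """Routes are (prefix, admin distance, next hop); all values constructed."""
    gw = [("0.0.0.0/0", 1, "upstream")]
    if session_up:
        gw.append((CLIENT_NET, 110, "client"))   # learned dynamically
    if null0_backup:
        gw.append((CLIENT_NET, 250, NULL0))      # static backup to Null0
    upstream = [("0.0.0.0/0", 1, "internet"), (CLIENT_NET, 1, "gw")]
    return {"gw": gw, "upstream": upstream}

if __name__ == "__main__":
    for up, null0 in [(True, False), (False, False), (True, True), (False, True)]:
        result = forward(topology(up, null0), "gw", "203.0.113.10")
        print(f"session_up={up!s:5} null0_backup={null0!s:5} -> {result}")
```

Without the Null0 route the packet is forwarded 63 times between the two routers before its TTL runs out; with it, the packet is dropped at the gateway without being forwarded at all.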

Mikhail Khorev, 2019-01-10
@KhoreffMikhail

I'll add my 5 cents.
When summarizing in, say, EIGRP, a Cisco cannot propagate a route that it does not have. Therefore, a route to the summary network via Null0 appears on it. And it goes into the routing protocol.
The fact that the route goes to Null0 is known only to the router that generates it. The others see that the route points to the summarizing router.
