Re: Null 0 - Page 2

saimbt · ‎10-29-2007

My question might sound too naive.

When would the Null0 interface act as a black hole and when for prevention of loops.

Eg:- I know in case of Enhanced Interior Gateway Routing Protocol (EIGRP), for instance, always creates a route to the Null0 interface when it summarizes a group of routes. This is basically for prevention of loop.

Similarly if I want to deny access to a particular IP or Network i can poing it to a null 0 to discard the packet.

-Sai.

Richard Burts · ‎10-30-2007

Kevin

This is an interesting question that I have not previously investigated. I am not able to test it on routers right now (perhaps I can later) but have a couple of comments to offer.

- relative to your comment about Shouldn't the discard route get put into the routing table with a very high AD for this reason?

the summary/discard route is put into the routing table with an AD of 5 (very low).

- so I suspect that if you did configure a summary that duplicated a learned prefix and mask that it would displace them in the route table with a route to null 0.

- if you do careless or stupid things in the configuration sometimes there are consequences. Cisco can do only so much to protect us from poor choices in doing configuration.

HTH

Rick

HTH

Rick

Jon Marshall · ‎10-30-2007

Rick

You beat me to it !!. I suspect the same as far as the AD goes so as i have a bit of spare time on my hands and i have access to a lab i'll have a quick look and see what happens.

Jon

Kevin Dorrell · ‎10-30-2007

Rick,

Doesn't it go into this routing table as a normal static route (AD=1), and into the neighbors' routing tables at AD=5?

Kevin

Richard Burts · ‎10-30-2007

Kevin

When you configure a summary address in EIGRP it creates a route in the local routing table with AD = 5. The summary is advertised to the neighbor on the configured interface and in the routing table of the neighbor it has the normal AD = 90.

Or have I missed something in the context of the question? If we are talking about EIGRP summary there is no static route entry created. Are you asking about configuring a static route to null 0? If so the answer is quite clear that if you configure a static route to null 0 that duplicates a route learned via EIGRP the static route will certainly displace the EIGRP learned route.

HTH

Rick

HTH

Rick

Jon Marshall · ‎10-30-2007

Rick

This is where i was getting confused myself because as far as i know and i have just tested you cannot use the "ip summary-address eigrp.." command under the interface to direct traffic to Null0 because you can't specify the next hop with the above command.

Jon

Richard Burts · ‎10-30-2007

Jon

I had overlooked this post - sorry. And I am puzzled about what you are saying. When you create the EIGRP summary you do not worry about null 0 because EIGRP will do that for us automatically.

If we create a manual static route then we must specify the next hop (in this discussion null 0). When we configure a summary-address in EIGRP then the null 0 is automatic.

From your description of the test I am assuming that you got this sorted out. Correct? Or does it need any more discussion?

HTH

Rick

HTH

Rick

Jon Marshall · ‎10-30-2007

Rick

No problem, thanks for following up on this. I got my wires a bit crossed on this one but i think we have covered it all off with our other posts.

Jon

saimbt · ‎10-31-2007

Hi Cisco Gurus,

I think I am puzzled u all, have I?

Please check it in ur labs and please get back to me..

I am dont have any labs and I have to rely on u guys.

-sai.

Jon Marshall · ‎10-30-2007

Kevin / Rick

Bit of confusion here, maybe due to my understanding of what we are testing.

If we are talking about adding a summary route pointing to Null0 ie.

ip route 172.16.0.0 255.255.248.0 Null0

then it goes into the routing table on that router as directly connected. Unless you have a redistribute static statement under your EIGRP config then it won't be distributed to any other router. If you did it would be distributed as EIGRP 170 (external EIGRP).

If you use the "ip summary-address eigrp..." under the interface then it gets entered as AD 5 into the local routing table. I'll have a look in lab what happens in other routers.

The test i ran

(172.16.1.1/21) R2 (192.168.10.57/24) -> (192.168.10.56/24) R1 (192.168.12.1/24) -> (192.168.12.2/24) R3 (192.168.22.1/24)

All networks were added under the EIGRP config on relevant routers and "no auto-summary" also configured.

From R3 i could ping 172.16.1.1.

Added route to R1

ip route 172.16.0.0 255.255.248.0 Null0

This replaced the existing route on R1 for 172.16.0.0/21 received from R2 and the ping failed.

If i have misunderstood the testing while i have lab setup is there anything else i could test.

Jon

Richard Burts · ‎10-30-2007

Jon

I do not want to put words into Kevin's mouth, so if what I am saying is different from what he meant then he should clarify. I thought the question was what if you configured an EIGRP summary on an interface that happened to duplicate a route learned by EIGRP. So in your test I would be interested in what happens if R1 does not have the static to null 0 but were to configure an EIGRP summary for 172.16.0.0 255.255.248.0.

I thought it was clear - and your test confirms it - that if you configure a static route to null 0 that duplicates an existing EIGRP route it clearly will displace the EIGRP route. It is not as clear what happens if you configure an EIGRP summary, so that EIGRP creates the null 0 route. I am guessing that it will also displace the learned route. I would be interested in the results if you can test that.

HTH

Rick

HTH

Rick

Jon Marshall · ‎10-30-2007

Rick

Yes i think you intepreted question correctly but as you say I don't want to put words in anybody's mouth either.

Interestingly i added the following under the fa0/1 interface on R1

ip summary-address eigrp 172.16.0.0 255.255.248.0

It did not displace the route received from R2 and the AD for the route remained at 90.

Jon

Kevin Dorrell · ‎10-30-2007

Jon,

So you are saying that the summary generates a discard route that goes into the table at AD=5. But if a real EIGRP route for the prefix comes along in the meantime, the summary discard route is no longer generated.

Is that right? That's cool: we have an AD=90 displacing an AD=5 route. So I guess it is done in the EIGRP process before it is even presented for arbitration by the AD arbitrator. A bit like the discussion we had the other day about arbitration between intra-area, inter-area, and external routes in OSPF.

Kevin Dorrell

Luxembourg

Jon Marshall · ‎10-30-2007

Kevin

From the tests it does seem this way. It could be IOS dependant i guess. What we need now is for one of the Cisco guys who has access to the code to confirm or deny this is expected behaviour.

Where are they when you need them :)

Jon

Richard Burts · ‎10-30-2007

Jon

Interesting result. I can not tell from your description of the test which interface is fa0/1 on R1. Does it face R2, R3, or does it point somewhere else?

In your test did the summary get into the routing table at all? (I am guessing from what you said that it did not).

HTH

Rick

HTH

Rick

Jon Marshall · ‎10-30-2007

Rick

Apologies for that i forgot to say which interface.

The fa0/1 interface on R1 faces R3 from where i did all the pings.

The summary route did get entered into the routing table but it was the route being advertised from R3 as it has an AD of 90. It's a bit confusing talking about summary routes here i guess ie.

On R1 under fa0/1

"ip summary-address eigrp 172.16.0.0 255.255.248.0"

On R2

int fa0/1

ip address 172.16.1.1 255.255.248.0

router eigrp 1

network 172.16.0.0

no auto-summary

So i guess if we are being precise the route in the routing table on R1 for 172.16.0.0/21 is not a summary route as such.

Jon