Solved: Re: next-hop null with default route

JRU · ‎12-28-2021

Hi,

I have a router where i need to do some sumarization. I will have some of the sumarized routes in route table but some of them are pointing via default roue towards some firewall. I will need to advertized those routes but not the default route via BGP.

I was thinking abiut creating static summaryu route with "next hop" null but i wonder if the traffic that should go with default rout wont get dropped because of the null interface. Do i need to have all routes inside the routing table or it will go via default?
Device i have is ASR 9k with IOS-XR

Thank you for all answers.

paul driver · ‎12-28-2021

Hello

Yes - correct any traffic for 10.10.12/0/24 will get dropped.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Kasun Bandara · ‎12-28-2021

Hi

null routes using as a black holes for traffic. all traffic you are pointing to null interface will dropped. so if you adding null route, make sure you are adding correct subnet towards null0. do not add default route to null0. select specific subnet you want to drop and add only that.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

JRU · ‎12-28-2021

Thank you for the answer. I know not to use default route null.

For example i will summary 10.10.0.0/16 pointing null0 as I need to advertised 10.10.1.0/24, 10.10.2.0/24 etc. SOme of them I will have installed from other device but i wont have entry for 10.10.20.0/24 and wanted it to go via default route.

I just wonder if its crucial that i need to have smaller chunks of /16 in th erouting table or it will also use default route to reach 10.10.20.0/24.

Giuseppe Larosa · ‎12-28-2021

Hello @JRU ,

in IOS XR you have RPL Route Policy Language RPL that is the right tool to use.

A statci to null0 is a blackhole your concerns are correct.

RPL is more advanced then route maps that aare in IOS XE.

see

https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2020/pdf/BRKSPG-2069.pdf

Hope to help

Giuseppe

JRU · ‎12-28-2021

Hi @Giuseppe Larosa ,

I used RPL before but not sure if there is a possibility to redistribute routes to bgp neighbour if i dont have them in my routing table. That's why i was thinking about "next-hop" null so they would show in RIB and the redistribute them with RPL.

In the worst scenario I will just create a bunch of static routes on the nexus peer so the routes will show on ASR and it will be possible to advertise it to external peer, but it will be time consuming and tought that there ia an easier way

MHM Cisco World · ‎12-28-2021

...

paul driver · ‎12-28-2021

Hello
Null statics dont drop ALL traffic, and they can be usefull in negating loops.

Example:
Let say you have a network of 192.168.10.0/24 residing on a rtr and this rtr also has a default route.

At present you only have 192.168.10.0/24 active but this subnet is part of a larger summary route being advertised into your wan that’s pointing to your rtr.

Now lets say a ping is initiated for a host in 192.168.10/0/24 , The packet will be routed to your rtr and your rtr will forward it onwards towards this host because it’s a valid host in an active network on your rtr.

Now lets say a ping is initiated to a host that at present doesn’t reside on your rtr but is part of a summary route being advertised as originating from your rtr, (192.168.20/0/24) then the packet will be to routed to your rtr, the rtr will perform a lookup and see the only valid path it has to this host/ network is via its own default route so it forwards it back out via it default next hop, now you have loop between your rtr and its upstream rtrs which will continue until the "ttl" of that ping timesout

The negate this you would use a null static route so if the rtr cannot find any valid route for a prefix which relates to that summary route it will send it the packet to the null0 interface and drop it thus negating any loop.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

JRU · ‎12-28-2021

Hi @paul driver

Correct me if im wrong.

I will advertise bgp summary route 10.10.0.0/16 based on my static route 10.10.0.0/16 null0. If i will have 10.10.10.0/24 10.10.11.0/24 in my RIB traffic will be forwarded normaly. But if i dont have entry for ie. 10.10.12.0/24 and want to use default route the packets will be dropped correct?

paul driver · ‎12-28-2021

Hello

Yes - correct any traffic for 10.10.12/0/24 will get dropped.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

JRU · ‎12-28-2021

Thank you.