Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1120
Views
5
Helpful
1
Replies

what is static null0 with BGP implementation

Kim Nguyen
Level 1
Level 1

‎08-13-2015 02:45 PM - edited ‎03-05-2019 02:03 AM

I see this command " ip route 10.10.0.0 255.255.0.0 Null0" after the BGP config with "network 10.10.0.0 mask 255.255.0.0". I googled around for the static Null0 and I am getting more confused. Can somebody explain with an example why we need the static null0 with BGP? What if I don't use it? Thanks

Labels:
0 Helpful
1 Reply 1

Peter Paluch
Cisco Employee
Cisco Employee

‎08-13-2015 03:17 PM

Hi Kim,

Forget about BGP for a moment, as the Null0 is not related to BGP, rather, it is an independent concept.

Null0 is a special virtual interface on Cisco routers that works as a data sink: Whatever is routed out the Null0 interface is lost (the packets are simply dropped). This interface has no IP address, is always up, mostly is not even visible in the configuration or in the interface outputs, and this is its only purpose: To act as a blackhole for all packets that are routed out through it.

A static route such as ip route 10.10.0.0 255.255.0.0 Null0 will always be present in the routing table as long as it is configured, as the Null0 interface never goes down. At the same time, this route causes all packets going to 10.10.0.0/16 to be dropped if there is no more specific route in the routing table that would match their destination in a longer prefix. This is actually the reason why it is configured: This route is most probably a summary route covering a set of prefixes all falling under 10.10.0.0/16. If there is a known subnet of this summary (for example, 10.0.1.0/24), it will be found during a routing lookup before the static Null0 route, so the packets will be routed properly. Remember, the lookups in the routing table are performed as longest-prefix-match lookups. Only for those destinations under 10.10.0.0/16 for which there is no better match in the routing table, this Null0 route will cause the packets to be dropped. This is usually done to make sure that if a specific subnet of a larger summary network is not known, then it does not exist, and it is better to drop the packets rather then routing them out elsewhere, possibly causing a routing loop.

So by configuring the static 10.10.0.0/16 Null0 route, your admin has most probably defined a summary route covering more specific prefixes for which this router is responsible. Next, by entering the network 10.10.0.0 mask 255.255.0.0 in BGP, the admin has injected this route into BGP and made sure it is advertised to other BGP peers. This is effectively the same as redistributing all subnets into BGP and summarizing them afterwards with the aggregate-address 10.10.0.0 255.255.0.0 summary-only BGP command. The approach with the single static Null0 route helps to conserve BGP resources because instead of all prefixes that would need to be present in the BGP database and summarized afterwards, only a single - already summarized - prefix is injected. At the same time, this route serves as a "placeholder" in the routing table, claiming that this router knows something about subnets of 10.10.0.0/16, but if there are no known subnets in reality, packets will be dropped - but at least, they will not be misrouted.

Feel welcome to ask further!

Best regards,
Peter

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card