04-02-2008 09:49 AM - edited 03-05-2019 10:08 PM
Hi,
I'm currently preparing for my BCMSN certification exam.
I would like to know what the difference is between forwarding a packet to the Null interface (silently absorbing packets, without forwarding them) and simply dropping the packet without sending an ICMP packet to the sender....
04-02-2008 09:53 AM
Christian
They are generally doing 2 different things. When a packet is dropped but no ICMP packet sent back this is usually for security reasons to not give away any more information than is needed.
Routing to Null0 is usually used to
1) Stop routing loops - IGPs
2) Place a route into the IGP routing table so that BGP can then advertise it out.
Is there a specific context you were thinking of?
Jon
04-02-2008 03:02 PM
Thanks a lot!!
04-02-2008 02:41 PM
My points are aimed at passing the exam.
1) No difference from the sender's point of view (the packet is silently discarded)
2) Match criteria:
- with an ACL you have Layer 3 (src IP address also) + Layer 4 match criteria
- with Null0 you can discard based on destination IP address only
3) Because you are preparing for BCMSN, remember that L2 ACLs exist (MAC-based filters). Null0 works only at L3.
4) Using an ACL can produce more CPU usage than a Null0 static route. If you use "log", the packet is process-switched, not fast-switched.
From a "best practice" point of view, I agree with Jon.
Regards,
Mirco.
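The discard methods compared in this thread, side by side, as an added Cisco IOS configuration sketch that is not taken from any poster's device. All addresses (RFC 5737 documentation ranges), the MAC address, the ACL names, the interface names and the AS number are constructed for illustration.

```cisco
! Added example: constructed addresses and hypothetical names throughout.
!
! --- Discard by destination only: static route to Null0 (Layer 3) ---
ip route 192.0.2.0 255.255.255.0 Null0
!
! Keep the discard silent: no ICMP unreachable for Null0-routed traffic
interface Null0
 no ip unreachables
!
! --- Anchor a prefix in the routing table so BGP can advertise it ---
ip route 203.0.113.0 255.255.255.0 Null0
router bgp 65000
 network 203.0.113.0 mask 255.255.255.0
!
! --- Discard with an ACL: source + destination + Layer 4 match ---
! (appending "log" to the deny line makes matches process-switched)
ip access-list extended DROP-TELNET-IN
 deny   tcp 198.51.100.0 0.0.0.255 any eq telnet
 permit ip any any
!
interface GigabitEthernet0/1
 ip access-group DROP-TELNET-IN in
 ! Keep the ACL drop silent toward the sender as well
 no ip unreachables
!
! --- Layer 2 filter on a switch port: MAC ACL ---
mac access-list extended DROP-MAC-IN
 deny   host 0000.5e00.5301 any
 permit any any
!
interface GigabitEthernet0/2
 mac access-group DROP-MAC-IN in
```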