What is null interface and how to configure
What is Null Interface and How to Configure Null Interface on Cisco Router
Like loopback interface, Null interface or bit bucket is also a virtual or software interface present in the Cisco routers. It is not physically present like physical interfaces like Ethernet, Serial interface, Gigabit interface.
The null interface is can also be called as “bit bucket or black hole” interface. The null interface will drop all the packets that are routed to it and hence help to filter the traffic. All the unwanted traffic can be easily routed to null interface and this interface will drop the packets that are received without forwarding them.
The null interface will not receive or forward the packets or traffic that is received by it. The null interface by default is up. Access Control Lists (ACL’s) can also filter the packets and drop them. The main disadvantage of using Access Control List (ACL) is that Access Control Lists use more CPU resources.
Configuring a Null interface for simple filter requirements and routing the packets to the Null interface would consume fewer CPU resources than configuring Access Control List (ACL).
Let us consider a scenario where there are three networks 192.168.2.0, 192.168.25.0, and 192.168.26.0. And all the users in the network 192.168.25.0 should not communicate with the users in the network 192.168.26.0.
This can be achieved either by writing an Access Control List (ACL) or by configuring a null interface. Configuring Access Control List will consume more CPU resources. Hence to make this task simpler, a static route is added to the router in which the network 192.168.25.0 is connected.
The static route diverts the traffic that has to be sent to the network 192.168.26.0 to a null interface. The null interface simply drops all the packets that are received by it. This restricts the users in the network 192.168.25.0 to communicate with the users or resources present in the network 192.168.26.0.
The command that is used in null interface configuration is “ip unreachable”. If the virtual interface (null interface) receives a packet , it drops the packet and sends Internet Control Message Protocol (ICMP) packet to the source stating that the destination is unreachable. The ICMP message is sent only when a static route is configured to the null interface.
ICMP message is also not sent to the source if the static route is not configured. By default, the null interface 0 is created by the router at the bootup. When EIGRP summarizes a group of routes, it always creates a route to the null interface.
Configuring a null interface:
CISCO-ROUTER> Enable
CISCO-ROUTER# configure terminal
CISCO-ROUTER(config)# interface null0
CISCO-ROUTER(config-if)# ip unreachable
CISCO-ROUTER(config-if)# end
To configure a static route to null interface use the following commands
CISCO-ROUTER> Enable
CISCO-ROUTER# configure terminal
CISCO-ROUTER(config)# ip route 192.168.26.0 null0
CISCO-ROUTER(config)# end.
Read more
- How to Configure Ethernet and Serial Interface on Cisco Router
- What is Fast Ethernet Interface, Gigabit Ethernet Interface, and Serial Interface in Cisco Router
- What is Subinterface in Cisco Router
- What is Loopback Interface in Cisco Router and How to Configure