The Null0 interface does not forward packets. All packets sent to this interface are discarded. The Null0 interface is applied in two situations:
The Null0 interface is typically used to prevent routing loops. For example, during route aggregation, a route to the Null0 interface is always created.
In the example network shown in Figure 1, DeviceA provides access services for multiple remote nodes.
DeviceA is the gateway of the local network that uses the Class B network segment address 172.16.0.0/16. DeviceA connects to three subnets through DeviceB, DeviceC, and DeviceD, respectively.
Normally, the routing table of DeviceA contains the following routes:
Routes to three subnets: 172.16.2.0/24, 172.16.3.0/24, and 172.16.4.0/24
Network segment routes to DeviceB, DeviceC, and DeviceD
Default route to the ISP network
If routerDeviceE on the ISP network receives a packet with the destination address on the network segment 172.16.10.0/24, it forwards the packet to DeviceA.
If the destination address of the packet does not belong to the network segment to which DeviceB, DeviceC, or DeviceD is connected, DeviceA searches the routing table for the default route, and then sends the packet to DeviceE.
In this situation, the packets whose destination addresses belong to the network segment 172.16.10.0/24 but not the network segment to which DeviceB, DeviceC, or DeviceD is connected are repeatedly transmitted between DeviceA and DeviceE. As a result, a routing loop occurs.
To address this issue, a static route to the Null0 interface is configured on DeviceA. Then, after receiving the packet whose destination network segment does not belong to any of the three subnets, DeviceA finds the route whose outbound interface is the Null0 interface according to exact matching rules, and then discards the packet.
Therefore, configuring a static route on DeviceA whose outbound interface is the Null0 interface can prevent routing loops.
The Null0 interface provides an optional method for filtering traffic. Unnecessary packets are sent to the Null0 interface to avoid using an Access Control List (ACL).
Both the Null0 interface and ACL can be used to filter traffic as follows.
Before the ACL can be used, ACL rules must be configured and then applied to an interface. When a router receives a packet, it searches the ACL.
If the action is permit, the router searches the forwarding table and then determines whether to forward or discard the packet.
If the action is deny, the router discards the packet.
The Null0 interface must be specified as the outbound interface of unnecessary packets. When a router receives a packet, it searches the forwarding table. If the router finds that the outbound interface of the packet is the Null0 interface, it discards the packet.
Using a Null0 interface to filter traffic is more efficient and faster than using an ACL. For example, if you do not want a router to accept packets with a specified destination address, use the Null0 interface for packet filtering. This only requires a route to be configured. Using an ACL for packet filtering requires an ACL rule to be configured and then applied to the corresponding interface on a router. However, the Null0 interface can filter only router-based traffic, whereas an ACL can filter both router-based and interface-based traffic.