0.0.0.0/8 and 0.0.0.0/32 blackhole routes

I have seen in router configuration examples following null routes:

ip route 0.0.0.0 255.0.0.0 Null0 250
ip route 0.0.0.0 255.255.255.255 Null0 250

How should one understand such routes? First one blackholes all those packets which have destination IP address most-significant byte zero? This is a security measure as such network does not exist? And second static route blackholes all those packets which have destination IP address 0.0.0.0?

Find more posts tagged with

Comments

Cucumber

theory would say 0.0.0.0 255.0.0.0 matches 1.0.0.0 2.0.0.0 and so on
whereas 0.0.0.0 255.255.255.255 matches 0.0.0.0 as you said
nothing like firing up a router and do some tests I will try labbing this!

SteveO86

0 /8

0.0.0.0/8 - Addresses in this block refer to source hosts on "this" network. Address 0.0.0.0/32 may be used as a source address for this host on this network; other addresses within 0.0.0.0/8 may be used to refer to specified hosts on this network [RFC1700, page 4].

From RFC 5735It's for security. It drops packets that the router should not forward.It's like denying RFC 1918 addresses your internet facing interfaces, since RFC 1918 addresses should not be coming from the internet. (RFC 1918 are non publicly routable IP's on internet)