Question on NUL Routing

sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
I'm not sure this is a CCIE topic, but I know a slew of smart and experienced folks read this forum so I wanted to ask something I've always been curious about. About 5 years ago I sat in some network refresher training at an army base and there were a couple of the TNOSC guys there (Theatre Network Operations Security Center) that manage the Army's security routers. They made a claim that I have never been able to substantiate or find out how true (if at all) it was. They said that on some of the border routers that handle oodles of traffic, they experimented with setting up the ACL so that rather than deny or drop traffic they route it to a nul interface on the router. They explained that the router is better at routing than at being a firewall, and by doing this they saw tremendous resourse savings on the hot and heavy routers.

Has anyone heard of this? Fact, fiction, somewhere in between? Thanks!
All things are possible, only believe.

Comments

  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    Yes fact, i've seen this.On an Alcatel router i worked on, by default all the private address space was configured to route to Null0 interface.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • DW [banned]DW [banned] Inactive Imported Users Posts: 240
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    I've actually wondered the same thing because I've heard of Null Routing before. I know that sometimes when a server is getting DDoS attacked, Cisco Admins will null route the interface that is getting hit. I really need to take my CCNA so I can have a better understanding of routing and networking. No time though. icon_sad.gif
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Thank you for the replies gentlemen!
    Darby, if you get a few minutes can you elaborate for a CCNA level guy? Actually, make that a rusty CCNA level guy....
    All things are possible, only believe.
Sign In or Register to comment.