Filtering Undesired Traffic Using the Null Interface

You can use access control lists to filter undesired traffic. Another way to handle undesired traffic is to send it to the null interface. The router automatically creates the null interface, which is always up, cannot be deleted, and acts as a data sink. In other words, the null interface cannot forward or receive traffic. However, the CLI does allow you to access the null interface.

The E Series router creates the null interface by default; you do not have to manually create it. You can direct traffic to the null interface by specifying the null 0 keywords instead of a next-hop or destination address when you configure routes.

To route undesired traffic to the null interface:

  1. Access the null interface.
    host1(config)#interface null 0 host1(config-if)#
  2. Configure a static route and redirect traffic from it to the null interface.
    host1(config-if)#ip route 10.10.20.5 null 0

    Use the no version to remove the static route.

Related Documentation