Null route
From Wikipedia, the free encyclopedia
It has been suggested that this article or section be merged with Black hole (networking). (Discuss) |
In computer networking, a null route (blackhole route) is a network route (routing table entry) that goes nowhere. Matching packets are dropped (ignored) rather than forwarded, acting as a kind of very limited firewall. The act of using null routes is often called blackhole filtering. The rest of this article deals with null routing in the Internet Protocol (IP).
Null routes are typically configured with a special route flag, but can also be implemented by forwarding packets to an illegal IP address such as 0.0.0.0, or the loopback address.
Null routing has an advantage over classical firewalls since it is available on every potential network router (including all modern operating systems), and adds virtually no performance impact. Due to the nature of high-bandwidth routers, null routing can often sustain higher throughput than conventional firewalls. For this reason, null routes are often used on high-performance core routers to mitigate large-scale denial-of-service attacks before the packets reach a bottleneck, thus avoiding collateral damage from DDoS attacks — although the target of the attack will be inaccessible to anyone. Blackhole filtering can also be abused by malicious attackers on compromised routers to filter out traffic destined to a certain address.
However, routing typically only works on the Internet Protocol layer and is very limited in packet classification. It is bound to be stateless due to the nature of IP routers. Typically, classification is limited to the destination IP address prefix, source IP address and incoming network interface.
[edit] Specific examples
Nullrouting with 'route' on Linux:
$ route add -host 192.168.32.128 reject
Nullrouting with 'iproute' on Linux:
$ ip route add blackhole 192.168.32.128/32[1]
Routing to the Null0 interface on Cisco IOS:
ip route 192.168.0.0 255.255.0.0 Null0[2]
[edit] References
This article does not cite any references or sources. (May 2007) Please help improve this article by adding citations to reliable sources. Unverifiable material may be challenged and removed. |
- ^ Brown, Martin A. (2007-03-01). Guide to IP Layer Network Administration with Linux. Retrieved on 2008-03-15.
- ^ Use a Static Route to the Null0 Interface for Loop Prevention. Cisco Document ID: 14956. Retrieved on 2008-03-15.