Question:
Can someone explain "BLACKHOLE" in IP routing (Cisco 2921-SEC) and when we use this option?
For example: ip route
Please explain with a command like the one above...
Answer:
You DO NOT want to use this in 99,999999% of the situations you will find. A blackhole is, for example, a dark way to carry out an attack in the BGP world, and it can have very bad consequences, also from a legal point of view.
Instead, using a null interface can be useful to create an entry in the BGP routing table if no synchronization is used.
BGP, as you know, will work only with the networks present in the routing table;
therefore, if I want to advertise
I can write a static route for this network pointing to "nothing", so that I will have my network in the routing table and I will not forward my subnet anywhere by static routing.
Indeed, you can use a null interface as a defence as well. It is not common, but if you have no firewalls on your network and you notice a lot of attacks in your logs from a subnet or a set of subnets, you can write a static route stating that all the traffic coming from those bad boys' subnets is pointing to null...
This becomes a kind of "bin", and the suspicious network will never reach the target because they will be routed to "nothing" on your Cisco 2951-SEC ISP-facing router...
Original comes from http://lilirouter12.blog.com/
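
The two uses of a null route described in the answer above, written out as Cisco IOS configuration. This is an added example, not part of the original post; the prefixes (RFC 5737 documentation ranges), AS number 64500 and the interface name are assumptions. Because a static route matches on the destination address, the last stanza adds loose uRPF, which is what discards packets by source once that source's prefix resolves to Null0.

```cisco
! --- Added example: all addresses, AS number and interface name are assumed ---

! Null0 silently discards packets. Stop the router from answering every
! dropped packet with an ICMP unreachable.
interface Null0
 no ip unreachables
!
! Use 1: anchor route for BGP.
! The network statement is only advertised if an exact match exists in the
! routing table, so a static route to Null0 puts 192.0.2.0/24 there.
! More specific routes (connected, IGP) still forward real traffic;
! only destinations with no longer match fall into Null0.
ip route 192.0.2.0 255.255.255.0 Null0
!
router bgp 64500
 no synchronization
 network 192.0.2.0 mask 255.255.255.0
!
! Use 2: defensive "bin" for a hostile prefix.
! This route alone drops packets whose DESTINATION is in 198.51.100.0/24,
! i.e. any replies your hosts would send back to that subnet.
ip route 198.51.100.0 255.255.255.0 Null0
!
! To also discard packets whose SOURCE is in that prefix, enable loose
! uRPF on the ISP-facing interface: a source whose best route is Null0
! fails the check and the packet is dropped on ingress.
interface GigabitEthernet0/0
 description ISP-facing uplink (assumed name)
 ip verify unicast source reachable-via any
!
! Verification:
!   show ip route 198.51.100.0
!   show ip interface GigabitEthernet0/0 | include verif
```

Check the uRPF drop counters before and after applying the null route, and remove the static route once the source is no longer a concern so legitimate traffic from that prefix is not discarded indefinitely.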