Configuring an IPv4 PBR with NULL0 interface as the next hop

The following steps configure an IPv4 PBR by setting NULL0 interface as the next hop in the route map.

1. Enter the configure terminal command to enter global configuration mode.
   

   device# configure terminal

2. Define the required IPv4 ACLs to be added to the route map.
   

   device(config)# ip access-list standard 99
   device(conf-ipacl-std)# permit 192.168.0.0 255.255.255.0

3. Enter the exit command to return to global configuration mode.
   

   device(conf-ipacl-std)# exit

4. Enter the route-map command to define the route and specify the match criteria and the resulting action if all the match clauses are met.
   

   device(config)# route-map test-route permit 99

5. Add IPv4 ACLs to match the IP address that is permitted by the ACL.
   

   device(config-route-map-test-route/permit/99)# match ip address acl 99
6. Set the next hop as NULL0 interface to send the traffic to the null interface, thus dropping the packet instead of forwarding it.
   

   device(config-route-map-test-route/permit/99)# set ip interface null0

7. Enter the exit command to return to the global configuration mode.
   

   device(config-routemap-test-route/permit/99)# exit

8. Enter configuration mode on the interface where you want to enable PBR by applying the route map.
   

   device(config)# interface ethernet 1/1

9. Enable policy-based routing on the interface and specify the route map to be used.
   

   device(conf-if-eth-1/1)# ip policy route-map test-route

Example

The following example shows the configuration steps to configure an IPv4 PBR to send all traffic from 10.157.23.0 0.0.0.255 to the null interface, thus dropping the traffic instead of forwarding it.

device# configure terminal
device(config)# evice(config)# ip access-list standard 99
device(conf-ipacl-std)# permit 10.157.23.0 0.0.0.255
device(conf-ipacl-std)# exit
device(config)# route-map test-route permit 99
device(config-route-map-test-route/permit/99)# match ip address acl 99
device(config-route-map-test-route/permit/99)# set ip interface null0 
device(config-route-map-test-route/permit/99)# exit
device(config)# interface ethernet 1/1
device(conf-if-eth-1/1)# ip policy route-map test-route
device(conf-if-eth-1/1)# end