Using Access Control Lists (ACLs)

HP9300(config-routemap test-route-if-no-gateway)# exit

The following command enables PBR by globally applying the route map to all interfaces.

HP9300(config)# ip policy route-map test-route-if-no-gateway

Alternatively, you can enable PBR on specific interfaces, as shown in the following example. The commands in this example configure IP addresses in the source sub-net identified in ACL 4, then apply route map test-route-if­ no-gateway to the interface.

HP9300(config)# interface ve 2 HP9300(config-vif-1)# ip address 192.168.1.34/24

HP9300(config-vif-1)# ip policy route-map test-route-if-no-gateway

Setting the Output Interface to the Null Interface

The following commands configure a PBR to send all traffic from 192.168.1.204/32 to the null interface, thus dropping the traffic instead of forwarding it.

HP9300(config)# access-list 6 permit 209.168.1.204 0.0.0.0

The following commands configure an entry in a route map called “file-13”. The first entry (permit 6) matches on the IP address information in ACL 6 above. For IP traffic from the host 209.168.1.204/32, this route map entry sends the traffic to the null interface instead of forwarding it, thus sparing the rest of the network the unwanted traffic.

HP9300(config)# route-map file-13 permit 6

HP9300(config-routemap file-13)# match ip address 6

HP9300(config-routemap file-13)# set interface null0

HP9300(config-routemap file-13)# exit

The following command enables PBR by globally applying the route map to all interfaces.

HP9300(config)# ip policy route-map file-13

Alternatively, you can enable the PBR on specific interfaces, as shown in the following example. The commands in this example configure IP addresses in the source sub-net identified in ACL 6, then apply route map file-13 to the interface.

HP9300(config)# interface ethernet 3/11

HP9300(config-if-3/11)# ip address 192.168.1.204/32

HP9300(config-if-3/11)# ip policy route-map file-13

3 - 29