2811 PBR Int Null0 Problem

Answered Question
Mar 3rd, 2010
User Badges:

Hi,

c2800nm-advipservicesk9-mz.124-18b.bin on a 2811 doesn't allow me to set Interface Null0 in a route-map to bin packets when PBR next hops are not avaliable. It says I have to use P2P interfaces for the "set interface".

Does ayone know a workaround that doesn't involve an IOS upgrade as the router is 5 hours away and I can't risk it not coming back after the reload


Regards

Chris

Correct Answer by Jon Marshall about 7 years 2 months ago

Chris


This works on my router without any warnings but it may not on yours -


ip route 1.1.1.1 255.255.255.255 null0


route-map PBR permit 10

match ip address 101

set ip next-hop 1.1.1.1


if that doesn't work then the only thing i can think of is to set a next-hop of another router that will not have a route to the destination network and doesn't have a default-route so it just drops the packets. Not ideal i know


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Wed, 03/03/2010 - 02:41
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Chris


Just a quick check. Is it a warning or will it just not accept the command. On my router (3745) running 12.4 it warns about it but still allows you to use it.


Jon

Correct Answer
Jon Marshall Wed, 03/03/2010 - 03:16
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Chris


This works on my router without any warnings but it may not on yours -


ip route 1.1.1.1 255.255.255.255 null0


route-map PBR permit 10

match ip address 101

set ip next-hop 1.1.1.1


if that doesn't work then the only thing i can think of is to set a next-hop of another router that will not have a route to the destination network and doesn't have a default-route so it just drops the packets. Not ideal i know


Jon

chrisayres Wed, 03/03/2010 - 03:35
User Badges:

Jon

Thanks, I am currently using a P2P int that as an ACL blocking the traffic but I think your sloution is better for others looking at the config later.

Actions

This Discussion