PBR actions

PBR can alter a packet path through the following PBR actions:
  • interface null: equivalent to the policy drop policing action. Any packets matching the class criteria for that policy entry will be dropped and not routed any further.

  • interface tunnel: allows for specifying a GRE or 6in4 tunnel as the outbound interface for all matching packets. The tunnel must exist before configuring. Packets sent into the tunnel interface egress at the router at the endpoint of the tunnel. If the tunnel is misconfigured or down the traffic may be lost.

  • nexthop: allows for overriding the routing table's longest prefix match next-hop router for matching packets. If no such routing table entry exists for matching packets, (default or not) this action still affects matching packets.

  • default-nexthop: allows for specifying a next-hop router for matching packets when there is no longest prefix match for those packets in the routing table. Such a default-nexthop overrides a system default route if already configured and also applies if there is no system default route.

NOTE:
  • Next-hop and default-nexthop facilitate routing matching packets where they otherwise might not be, due to the absence of routing table entries.

  • Unlike next-hop, default-nexthop only applies if there is no destination lookup match in the main routing table for matching packets.