Product Documentation

Using NULL Policy Based Routes to Drop Outgoing Packets

Sep 01, 2016

Some situations might demand that the NetScaler appliance drops specific outgoing packets instead of routing them, for example, in testing cases and during deployment migration.

NULL policy based routes can be used to drop specific outgoing packets. A NULL PBR is a type of PBR that has the nexthop parameter set to NULL. The NetScaler appliance drops outgoing packets that match a NULL PBR.

Configuring NULL PBRs for IPv4 Packets

To create a NULL PBR by using the NetScaler command line

At the command prompt, type:

  • add ns pbr <name> ALLOW [-td <positive_integer>] [-srcIP

 [<operator>] <srcIPVal>] [-srcPort [<operator>] <srcPortVal>] [-destIP

 [<operator>] <destIPVal>] [-destPort [<operator>] <destPortVal>]

 (-nextHop NULL)

 [-srcMac <mac_addr> [-srcMacMask <string>]] [-protocol

<protocol> | -protocolNumber <positive_integer>] [-vlan

<positive_integer> | -vxlan <positive_integer>] [-interface

<interface_name>] [-priority <positive_integer>] [-msr ( ENABLED |

DISABLED ) [-monitor <string>]] [-state ( ENABLED | DISABLED )]

 [-ownerGroup <string>]

  • apply ns pbrs
  • show ns pbr <id>

To configure a NULL PBR by using the NetScaler GUI

Navigate to System > Network > PBRs, on the PBRs tab, add a new NULL PBR, or edit an existing NULL PBR.


In the following sample configuration, NULL PBR6 PBR6-NULL-EXAMPLE-1 is configured for dropping any outgoing IPv6 packets from interface 1/5.

Example 복사

> add ns pbr PBR6-NULL-EXAMPLE-1 ALLOW –nextHop NULL -interface 1/5

> apply ns pbr6