Policy-Based Routing Concept
- Normal routing of an IP packet only cares about the DESTINATION!!
- PBR overrides the router's natural destination-based forwarding logic
- PBR intercepts the packet before regular/normal routing
- The PBR feature is tied to the use of a route-map:
  -> Define match criteria for PBR packets
  -> Define the forwarding action for those packets
- The forwarding action in the route-map is defined with -> config ‘set interface/set ip ’
  -> Outgoing interface (should be point-to-point), e.g. HDLC, PPP
  -> IP next hop, if not point-to-point -> broadcast network
PBR Configuration Steps:
- Configure ACL for matching src IP, dst IP, or both
- Configure Route-Map
- Match ACLs in route-map
- Apply set parameter for forwarding action
- Apply PBR to incoming interface -> ip policy route-map name
Route-map -> packets can be matched using two criteria:
- Match ip -> standard & extended ACLs
- Match length -> allows specifying a range of packet lengths in bytes -> e.g. IP telephony packets
- In the route-map -> set ip ‘default’ next-hop-ip-address / set ‘default’ interface interface-type interface-number -> the router first tries to route the packet normally using the routing table; if that fails, it falls back to PBR
- If you want to process packets generated locally by the router, use the command -> ip local policy route-map name (global command)
Configuration
(config)# access-list 101 permit ip host 4.4.4.4 host 20.20.20.2
(config)# route-map PBR permit 10
(config-route-map)# match ip address 101
(config-route-map)# set interface serial3/0 -> out interface (point-to-point, so an interface can be used)
(config)# int s3/1 -> in interface
(config-if)# ip policy route-map PBR
Verify:
- show ip policy
- show route-map
- traceroute
- debug ip policy
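
An offline check to go with the verify commands above, added here as an example and not taken from the INE material: it walks the configuration steps in order and reports a policy applied to an interface with no matching route-map, a route-map entry matching an ACL that is not defined, and a permit entry with no set action. It assumes `show running-config` style text with sub-commands indented by a space; the function name `audit_pbr` and the sample config are constructed for illustration.

```python
import re

# Constructed sample config (not from a real device): ACL 101 is defined but
# entry 10 matches ACL 1, entry 20 has no set, and Serial3/2 names a missing map.
SAMPLE = """\
access-list 101 permit ip host 4.4.4.4 host 20.20.20.2
route-map PBR permit 10
 match ip address 1
 set interface Serial3/0
route-map PBR permit 20
 match ip address 101
interface Serial3/1
 ip policy route-map PBR
interface Serial3/2
 ip policy route-map MISSING
"""

def audit_pbr(config):
    """Return sorted findings for PBR wiring problems in IOS-style config text."""
    acls, maps, applied, entry = set(), {}, [], None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            entry = None  # any top-level line ends the current route-map entry
        if m := re.match(r"(?:ip )?access-list (?:standard |extended )?(\S+)", line):
            acls.add(m.group(1))  # numbered or named ACL definition
        elif m := re.match(r"route-map (\S+) (permit|deny) (\d+)", line):
            # deny entries hand the packet back to normal routing, so need no set
            entry = maps.setdefault(m.group(1), {}).setdefault(
                m.group(3), {"acls": [], "need_set": m.group(2) == "permit"})
        elif entry is not None and (m := re.match(r"match ip address (.+)", line)):
            entry["acls"] += m.group(1).split()
        elif entry is not None and line.startswith("set "):
            entry["need_set"] = False
        elif m := re.match(r"ip (?:local )?policy route-map (\S+)", line):
            applied.append(m.group(1))  # interface or global (local) policy
    findings = []
    for name in applied:
        if name not in maps:
            findings.append(f"{name}: applied but not defined")
            continue
        for seq, e in maps[name].items():
            findings += [f"{name} {seq}: ACL {a} not defined"
                         for a in e["acls"] if a not in acls]
            if e["need_set"]:
                findings.append(f"{name} {seq}: no set action")
    return sorted(set(findings))
```

Run it over a saved copy of the running config, for example `audit_pbr(open("router.cfg").read())`, where `router.cfg` is a placeholder file name.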
Source : INE - CCNP R&S v2 (2015)