Introduction to PBR - Policy Based Routing

Today I am going to talk about PBR (Policy Based Routing). Many of you already know the concept and where PBR is used. Since many of you have asked me to write about PBR, that is the subject of this article.

What is PBR - Policy Based Routing?
PBR is an alternative to routing protocols. It lets you configure a policy for unicast traffic flows, which gives you more control over routing than a routing protocol does and avoids the need to configure interface-level traffic classification. PBR can route unicast traffic along a different path than a routing protocol would use.

With the help of PBR, you can get equal access, protocol-sensitive routing, source-sensitive routing, routing based on interactive rather than batch traffic, and routing based on dedicated links.

To use PBR, you configure PBR route maps, which can permit or block paths based on the identity of a particular end system, an application protocol, the size of packets, or a combination of these values. Route maps can also categorize traffic based on extended access list criteria, set IP precedence bits, and route packets to specific paths.

Below is a topology showing an example of using PBR in the network. The IP addresses are used for demo purposes only and have no relation to any live network.

Fig 1.1 - PBR - Policy Based Routing

PBR applies a route map to all incoming unicast traffic received on a PBR-enabled interface. PBR cannot be applied to external traffic or to multicast traffic.
If the incoming unicast traffic does not match any route map statements, the route map applies all the configured set clauses.

Routing protocols forward traffic that matches a route-map deny statement, as well as traffic that does not match any route-map permit statement.

Examples showing PBR configuration
Example 1: Equal Access
This example gives two sources equal access to two different service providers. Packets arriving on asynchronous interface 1 from the source 209.210.110.225 are sent to the router at 209.210.110.228 if the router has no explicit route for the destination of the packet.

Packets arriving from the source 209.210.110.226 are sent to the router at 209.210.110.229 if the router has no explicit route for the destination of the packet. All other packets for which the router has no explicit route to the destination are discarded.

!
! ACLs identify the two source hosts
access-list 1 permit 209.210.110.225
access-list 2 permit 209.210.110.226
!
! Apply the policy to traffic arriving on the interface
interface async 1
 ip policy route-map equal-access
!
route-map equal-access permit 10
 match ip address 1
 set ip default next-hop 209.210.110.228
route-map equal-access permit 20
 match ip address 2
 set ip default next-hop 209.210.110.229
! No match clause: applies to all remaining packets
route-map equal-access permit 30
 set default interface null0
!
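
The Python sketch below is an added illustration, not code from the original article or from Cisco. It models how the equal-access route map in Example 1 treats a packet: the "set ... default ..." clauses take effect only when the routing table has no explicit route for the destination, and a default route does not count as explicit. The routing table contents and the function names are assumptions made for the example.

```python
import ipaddress

# Route-map "equal-access" from Example 1: (sequence, source permitted by the ACL, set clause).
ROUTE_MAP = [
    (10, "209.210.110.225", ("default-next-hop", "209.210.110.228")),
    (20, "209.210.110.226", ("default-next-hop", "209.210.110.229")),
    (30, None, ("default-interface", "null0")),  # no match clause: matches every packet
]

# Constructed routing table (assumption): one explicit route and no default route.
RIB = {"10.1.0.0/16": "192.0.2.1"}


def explicit_route(dst, rib=RIB):
    """Longest-prefix match; a 0.0.0.0/0 entry is not an explicit route."""
    addr = ipaddress.ip_address(dst)
    nets = {ipaddress.ip_network(p): hop for p, hop in rib.items()}
    hits = [n for n in nets if n.prefixlen > 0 and addr in n]
    return nets[max(hits, key=lambda n: n.prefixlen)] if hits else None


def forward(src, dst, route_map=ROUTE_MAP, rib=RIB):
    """Return (decision, target) for one packet arriving on the PBR interface."""
    for seq, acl_src, (kind, target) in route_map:
        if acl_src is not None and src != acl_src:
            continue  # match clause fails, try the next sequence number
        # "set ... default ..." clauses defer to the routing table whenever
        # it holds an explicit route for the destination.
        via = explicit_route(dst, rib)
        if via is not None:
            return ("routing-table", via)
        if kind == "default-interface" and target == "null0":
            return ("discard", "null0")
        return (f"pbr-seq-{seq}", target)
    # No permit entry matched: normal destination-based routing applies.
    return ("routing-table", explicit_route(dst, rib))


if __name__ == "__main__":
    for src, dst in [("209.210.110.225", "198.51.100.7"),
                     ("209.210.110.226", "198.51.100.7"),
                     ("209.210.110.230", "198.51.100.7"),
                     ("209.210.110.225", "10.1.2.3")]:
        print(src, "->", dst, forward(src, dst))
```
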

Example 2: Different Next Hops
This example shows how to route traffic from different sources to different places (next hops), and how to set the Precedence bit in the IP header. Packets coming from source 209.210.110.225 are delivered to the next hop at 209.210.110.227 with the Precedence bit set to priority, while packets coming from source 209.210.110.226 are delivered to the next hop at 209.210.110.228 with the Precedence bit set to critical.

!
! ACLs identify the two source hosts
access-list 1 permit 209.210.110.225
access-list 2 permit 209.210.110.226
!
interface ethernet 1
 ip policy route-map Texas
!
! Source 209.210.110.225: precedence priority, next hop .227
route-map Texas permit 10
 match ip address 1
 set ip precedence priority
 set ip next-hop 209.210.110.227
!
! Source 209.210.110.226: precedence critical, next hop .228
route-map Texas permit 20
 match ip address 2
 set ip precedence critical
 set ip next-hop 209.210.110.228
!

Example 3: Recursive Next-Hop IP Address
This example shows the configuration of IP address 20.30.3.3 as the recursive next-hop router:

!
route-map RouteXP
 set ip next-hop 20.10.1.1
 set ip next-hop 20.20.2.2
 set ip next-hop recursive 20.30.3.3
 set ip next-hop 20.40.4.4
!