Today I am going to talk about the concept of PBR (Policy Based Routing). Many of you already know the concept and where PBR is used. Since many of you asked me to write about it, this article covers PBR (Policy Based Routing).
What is PBR (Policy Based Routing)?
PBR is an alternative approach to routing protocols that lets you define a policy for unicast traffic flows. It gives you more control over routing than a routing protocol does and avoids the need to configure interface-level traffic classification. PBR can route unicast traffic along a different path than a routing protocol would use.
With the help of PBR, you can implement equal access, protocol-sensitive routing, source-sensitive routing, routing based on interactive rather than batch traffic, and routing based on dedicated links.
To make use of PBR, you configure PBR route maps, which can permit or block paths based on the identity of a particular end system, an application protocol, the size of packets, or a combination of these values. PBR can also classify traffic based on extended access list criteria, set the IP precedence bits, and route packets to specific paths.
Below is the topology showing an example of using PBR in the network. The IP addresses are used for demo purposes only and have no relation to any live network.
Fig 1.1-PBR-Policy Based Routing
PBR applies a route map to all incoming unicast traffic received on a PBR-enabled interface. PBR cannot be used for external traffic or for multicast traffic.
If the incoming unicast traffic does not match any route map statements, the route map applies all the configured set clauses.
Routing protocols forward traffic that matches a route-map deny statement, as well as traffic that does not match any route-map permit statement.
Examples showing PBR configuration
Example 1: Equal Access Example:
This example shows two sources with equal access to two different service providers. Packets arriving on asynchronous interface 1 from the source 209.210.110.225 are sent to the router at 209.210.110.228 if the router has no explicit route for the destination of the packet.
Packets arriving from the source 209.210.110.226 are sent to the router at 209.210.110.229 if the router has no explicit route for the destination of the packet. All other packets for which the router has no explicit route to the destination are discarded.
!
access-list 1 permit 209.210.110.225
access-list 2 permit 209.210.110.226
!
interface async 1
 ip policy route-map equal-access
!
route-map equal-access permit 10
 match ip address 1
 set ip default next-hop 209.210.110.228
route-map equal-access permit 20
 match ip address 2
 set ip default next-hop 209.210.110.229
route-map equal-access permit 30
 set default interface null0
!
Example 2: Different Next Hops:
This example shows how to route traffic from different sources to different places (next hops) and how to set the Precedence bit in the IP header. Packets coming from source 209.210.110.225 are delivered to the next hop at 209.210.110.227 with the Precedence bit set to priority, while packets coming from source 209.210.110.226 are delivered to the next hop at 209.210.110.228 with the Precedence bit set to critical.
!
access-list 1 permit 209.210.110.225
access-list 2 permit 209.210.110.226
!
interface ethernet 1
 ip policy route-map Texas
!
route-map Texas permit 10
 match ip address 1
 set ip precedence priority
 set ip next-hop 209.210.110.227
!
route-map Texas permit 20
 match ip address 2
 set ip precedence critical
 set ip next-hop 209.210.110.228
!
Example 3: Recursive Next-Hop IP Address:
This example shows the configuration of IP address 20.30.3.3 as the recursive next-hop router:
!
route-map RouteXP
 set ip next-hop 20.10.1.1
 set ip next-hop 20.20.2.2
 set ip next-hop recursive 20.30.3.3
 set ip next-hop 20.40.4.4
!
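Because PBR overrides the routing table for matching traffic, it is worth reviewing which interfaces carry a policy and where each route-map entry steers packets. The following Python audit is an added example, not part of the original article: it parses IOS-style configuration such as Example 1, lists the route-map entries behind every `ip policy route-map`, and flags undefined ACL references and permit entries with no match clause. The function name `audit_pbr` and the embedded sample are constructed here; the parser assumes IOS's default of `permit 10` when a route-map line omits action and sequence, and handles only `access-list` definitions and `match ip address` clauses.

```python
import re
from collections import defaultdict

# Constructed sample: the Example 1 (equal access) configuration from this article.
SAMPLE_CONFIG = """\
access-list 1 permit 209.210.110.225
access-list 2 permit 209.210.110.226
interface async 1
 ip policy route-map equal-access
route-map equal-access permit 10
 match ip address 1
 set ip default next-hop 209.210.110.228
route-map equal-access permit 20
 match ip address 2
 set ip default next-hop 209.210.110.229
route-map equal-access permit 30
 set default interface null0
"""

def audit_pbr(config):
    """Return (report, findings) for each interface that has 'ip policy route-map'."""
    acls, policies, maps = set(), {}, defaultdict(list)
    iface = entry = None
    for line in (raw.strip() for raw in config.splitlines()):
        if m := re.match(r"(?:ip )?access-list (?:(?:standard|extended) )?(\S+)", line):
            acls.add(m.group(1))
        elif m := re.match(r"interface (.+)", line):
            iface, entry = m.group(1), None
        elif m := re.match(r"route-map (\S+)(?: (permit|deny))?(?: (\d+))?$", line):
            entry = {"action": m.group(2) or "permit", "seq": int(m.group(3) or 10),
                     "match": [], "set": []}
            maps[m.group(1)].append(entry)
            iface = None
        elif (m := re.match(r"ip policy route-map (\S+)", line)) and iface:
            policies[iface] = m.group(1)
        elif (m := re.match(r"match ip address (.+)", line)) and entry:
            entry["match"] += m.group(1).split()
        elif line.startswith("set ") and entry:
            entry["set"].append(line[4:])
    report, findings = [], []
    for ifname, rmap in policies.items():
        if rmap not in maps:
            findings.append(f"{ifname}: route-map {rmap} is not defined")
        for e in sorted(maps.get(rmap, []), key=lambda e: e["seq"]):
            report.append((ifname, rmap, e["seq"], e["action"], e["match"], e["set"]))
            findings += [f"{rmap} {e['seq']}: ACL {a} is not defined" for a in e["match"] if a not in acls]
            if e["action"] == "permit" and not e["match"] and e["set"]:
                findings.append(f"{rmap} {e['seq']}: no match clause, set applies to all traffic")
    return report, findings
```

On the Example 1 sample, the only finding is sequence 30, the catch-all entry that sends unmatched traffic to null0; in a review, that is the line to confirm as intentional.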