Leading Cisco networking products distributor-3network.com

1. How to Configure PBR (Policy-Based Routing)?
PBR provides a method to forward packets by overriding the information available in the
IP routing table. By using PBR, customers can implement policies that selectively cause
packets to take different paths. Traditional IP routing forwards packets based only on the
destination IP address in the packet. PBR can be configured to forward packets based on
other criteria, such as source address, application and the length of the packet.
PBR provides advantages like Source-Based Transit Provider Selection when
multihomed to different providers. This provides cost savings by distributing interactive
traffic among low bandwidth, low cost paths and batch traffic over high bandwidth, high
cost paths. PBR can be used to implement QoS by classifying and marking packets with
IP precedence values in the Type of Service (ToS) field of the IP header. The routers in
the core can then implement queuing techniques to prioritize the already marked traffic.
PBR can also be used to route the packets over specific traffic engineered paths, which
provide the desired QoS through the network.
Configuration Overview:
PBR on Cisco router can configure using following steps:
Step1: Configure ACLs.
Permit statement in ACL is what will be matched. You don’t want to permit everything,by
default the implicit deny at the bottom of the ACL and just create an ACL that permits
what you going to take action on in the route-map.
Example:
Router(config)# access-list 101 permit ip any host 10.1.1.1(This ACL permits only traffic
with a destination IP of 10.1.1.1)
Step2: Configure route map instances.
Route maps are similar to Access Control Lists (ACLs), but have these enhanced
capabilities:
->Modifying certain fields in the packet.
->Forwarding packets in a specified manner.
->Filtering and modifying the attributes of a route.
Route maps can have a sequence of statements. Each entry in a route map statement
contains a combination of match and set commands. The route map statements also
have a permit or deny action. For PBR, the match command defines the criteria for
matching the packets based on the defined policy. The set command defines the action
to be taken on the matched packets. The action could either be modifying or forwarding
the packet, bypassing the normal routing based on the IP routing table. Packets that are
denied by a route map statement, or those that are not matched by any statement, are
forwarded normally based on the IP routing table.
1

2. Route map can configured by issuing the route-map map-tag [permit | deny] [sequence-
number] command in global configuration mode.
Example:
Router(config)# route-map 101traffic permit 10
Step3: Configure match commands.
PBR allows the user to match packets based on the length and characteristics of a
packet, using a standard or extended ACL.
To define the matching criteria based on the policy, issue these commands from route
map configuration mode:
match length minimum-length maximum-length
match ip address {access-list-number | access-list-name}
Step4: Configure set commands.
Define the action to be taken on the packets that match the criteria using set command.
For PBR, this can be done by one of these options:
->A list of interfaces through which the packets should be routed.
->A list of specified next-hop IP addresses to which the packets have to be routed.
->A list of default interfaces.
->A list of default next-hop IP addresses.
->IP precedence or ToS values in the packet.
Issue these commands in route map configuration mode:
->set interface interface-type interface-number
->set ip next-hop ip-address
->set default interface interface-type interface-number
->set ip default next-hop ip-address
->set ip precedence [number | name]
->set ip tos [number]
Step5: Configure PBR on the interface.
You need to apply this policy/route-map to the interface where the traffic is coming in.
Example:
Router(config)# interface Fast Ethernet 0/0
Router(config-if)#ip policy route-map reroute10traffic
Step6: (Optional) Configure local PBR.
Packets that are generated by the router are not normally policy routed. To enable PBR
for packets generated by the router, issue the
ip local policy route-map <Route map name> command.
Example:
Router(config)#ip local policy route-map 101traffic
2

3. Verification Command:
->To test the policy, issue show route-map command on router.You will able to determine
whether packets are being policy routed.
->To check policy,issue Show ip policy command.
Reference:
Configuring Policy-Based Routing:
Policy-Based Routing
Understanding Policy Routing
IPv6 Policy Based Routing (PBR)
Original Doc from: https://supportforums.cisco.com/docs/DOC-1634
3Anetwork.com is a world leading Cisco networking products wholesaler, we wholesale
original new Cisco networking equipments, including Cisco Catalyst switches, Cisco
routers, Cisco firewalls, Cisco wireless products, Cisco modules and interface cards
products at competitive price and ship to worldwide.
Our website: http://www.3anetwork.com
Telephone: +852-3069-7733
Email: info@3Anetwork.com
Address: 23/F Lucky Plaza, 315-321 Lockhart Road, Wanchai, Hongkong
3