40-2
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
OL_28731-01
Chapter 40 Configuring Policy-Based Routing
About Policy-Based Routing
PBR allows you to perform the following tasks:
• Classify traffic based on extended access list criteria. Access lists, and then establish the match
criteria.
• Route packets to specific traffic-engineered paths.
Policies can be based on IP address, port numbers, or protocols. For a simple policy, use any one of these
descriptors; for a complicated policy, all of them.
About PBR
All packets received on an interface with PBR enabled (except those sent directly to the switch IP) are
handled by enhanced packet filters known as route maps. The route maps used by PBR dictate the policy,
determining to where the packets are forwarded.
Route maps are composed of statements, which can be marked as permit or deny. They are interpreted
in the following ways:
• If a statement is marked as deny, the packets meeting the match criteria are sent back using the
normal forwarding channels and destination-based routing is performed.
• If the statement is marked as permit and a packet matches the access-lists, then the first valid set
clause is applied to that packet.
This is explained in more detail in the section Understanding Route-Maps, page 40-2.
You specify PBR on the incoming interface (the interface on which packets are received), not outgoing
interface.
Understanding Route-Maps
PBR is implemented by applying a route-map on an incoming interface. A given interface can have only
one route-map configured.
A route-map is configured at the global configuration parser mode. You can then apply this route-map
on one or more interfaces (in the interface configuration parser sub-mode).
A route-map is comprised of one or more route-map statements. Each statement has a sequence number,
as well as a permit or deny clause.
Each route-map statement contains match and set commands. The match command denotes the match
criteria to be applied on the packet data. The set command denote the PBR action to be taken on the
packet.
The following example shows a single route-map called rm-test and six route-map statements:
route-map rm-test permit 21
match ip address 101
set ip next-hop 21.1.1.1
!
route-map rm-test permit 22
match ip address 102
set ip next-hop 22.2.2.1
!
route-map rm-test permit 23
match ip address 101 2102
set interface vlan23
!
route-map rm-test deny 24
match ip address 104
To Next Page
Loading...
Need help?
General
