40-5
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
OL_28731-01
Chapter 40 Configuring Policy-Based Routing
About Policy-Based Routing
–
PBR is switched through next-hop 21.1.1.1.
Note ACL 101 is also matched in sequence #23, but the processing doesn't reach that point
• TCP packet from 61.1.1.1 to 133.3.3.1 with destination port 102
–
In sequence #21, the ACL 101 action denies this packet (because all ACLs have an implicit
deny). Processing advances to sequence #22.
–
In sequence #22, ACL 102 matches TCP port 102, but the ACL action is deny. Processing
advances to sequence #23.
–
In sequence #23, ACL 2102 matches TCP port 102, and the ACL action is permit.
–
Packet is switched to output interface VLAN 23.
• TCP packet from 61.1.1.1 to 133.3.3.1 with destination port 105
–
Processing moves from sequence #21 to #24, because all ACLs in these sequence numbers have
a deny action for port 105.
–
In sequence #25, ACL 105 has a permit action for TCP port 105.
–
The route-map deny takes effect, and the packet is routed using the default IP routing table.
The Catalyst 4500 series switch supports matching route-map actions with a packet by installing entries
in the TCAM that match the set of packets described by the ACLs in the match criteria of the route map.
These TCAM entries point at adjacencies that either perform the necessary output actions or forward the
packet to software if either hardware does not support the action or its resources are exhausted.
If the route-map specifies a set interface … action, packets that match the match statement are routed
in software. Similarly, if the route-map specifies a set default interface… action and there is no
matching IP route for the packet, the packet is routed in software.
Note The scale of hardware-based PBR is determined by TCAM size and the time required for the CPU to
flatten the ACL before programming into hardware. The latter will noticeably increase if a PBR policy
requires a considerable number of class-maps. For example, a PBR policy of 1,200 class-maps may
require 60-90 minutes of "flatten" time before programming into hardware. This process may repeat if
an adjacency change requires PBR reprogramming.
Using Policy-Based Routing
You can enable PBR to change the routing path of certain packets from the default path that would be
chosen by IP routing. For example, you can use PBR to provide the following functionality:
• Equal access
• Protocol-sensitive routing
• Source-sensitive routing
• Routing based on interactive versus batch traffic
• Routing based on dedicated links
Some applications or traffic can benefit from source-specific routing; for example, you can transfer stock
records to a corporate office on a higher-bandwidth, higher-cost link for a short time while sending
routine application data, such as e-mail, over a lower-bandwidth, lower-cost link.
To Next Page
Loading...
Need help?
General
