Policy Based Routing
General information on “Policy Based Routing”:
- By default, routing is a destination-based logic
- With policy-based routing, the default behavior of a router can be influenced/changed
- Policy-based routing is done using route maps
- It examines the traffic after de-encapsulation and then decides, based on matching prefix/length, how to route it
- The outgoing interface or the next-hop address can be changed dynamically
- The PBR rule needs to be applied on the incoming interface of the interesting traffic
- Without the match keyword, everything (!) will be matched
- The verify-availability command can be used to check the up-state of a next-hop address
- The verification is either done via CDP or via object tracking using the additional keyword track and a configured tracking object
- If the interface is up, the policy will be used; if it is down, the policy will be rejected and normal routing will be used
- Important: With the default keyword, normal routing is tried first, and only if it doesn’t work is PBR used!
“Policy Based Routing” CLI configuration commands:
## Configuring an ACL to match traffic
Router(config)# ip access-list [standard | extended] [word | number]
## Configuring a route map to modify the routing behavior
Router(config)# route-map <name>
Router(config-route-map)# match ip address [ACL]
Router(config-route-map)# set ip next-hop <ip>
Router(config-route-map)# set interface <if>
Router(config-route-map)# set ip default next-hop <ip>
Router(config-route-map)# set default interface <if>
## Configuring policy based routing on an interface
Router(config)# interface <if>
Router(config-if)# ip policy route-map [ROUTE-MAP-NAME]
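A worked configuration that combines the commands above with the tracked verify-availability variant. It is an added example, not part of the original notes. The names (PBR-GUEST), interface numbers, addresses, IP SLA probe number and track object number are all assumptions chosen for illustration.

```cisco
! Constructed example: steer the guest subnet 10.10.20.0/24 to next hop
! 192.0.2.1 instead of following the destination-based routing table.
!
! 1) Probe the next hop and expose the result as tracking object 10
ip sla 1
 icmp-echo 192.0.2.1 source-interface GigabitEthernet0/1
 frequency 10
ip sla schedule 1 life forever start-time now
track 10 ip sla 1 reachability
!
! 2) ACL that defines the interesting traffic
ip access-list extended PBR-GUEST
 permit ip 10.10.20.0 0.0.0.255 any
!
! 3) Route map with an explicit match (an entry without match would
!    policy-route everything arriving on the interface)
route-map PBR-GUEST permit 10
 match ip address PBR-GUEST
 ! Next hop is used only while track 10 is up (sequence number 1)
 set ip next-hop verify-availability 192.0.2.1 1 track 10
 ! While track 10 is down the packet follows the normal routing table.
 ! If 192.0.2.1 is an inspection device, that traffic then bypasses it;
 ! adding "set interface Null0" to this entry drops it instead.
!
! 4) Apply the policy on the interface where the guest traffic ENTERS
interface GigabitEthernet0/0
 ip address 10.10.20.1 255.255.255.0
 ip policy route-map PBR-GUEST
```

Traffic that does not match the ACL, or that arrives on any other interface, is routed normally.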
“Policy Based Routing” CLI show commands:
## Showing configured route-maps in detail
Router# show route-map
## Showing interfaces which use policy based routing
Router# show ip policy