PBR: Policy Based Routing (Cisco)

Technology: Routing

Area: PBR

Vendor: Cisco

Title: Policy Based Routing

Software: 12.X , 15.X, IP Services

Platform: Catalyst 3560, 3750, 3850, 4500, 6500, ISR/ASR Routers

Policy based routing (PBR routing) offers the possibility to forward traffic based on defined criteria without verifying the IP routing table. The constructed policy is applied to interface. Every packet coming on this interface is verified against the policy and only traffic conforming (matching) the rule is subject to policy route. The entire local origin kind of traffic and everything that policy doesn’t match is still routed according to routing table based on normal destination rules.

To configure a basic PBR routing policy which routes whole traffic directed to a single host “192.168.155.1” and forces the packet to go via defined next hop of 10.1.1.2 in agreement with predefine policy:

R1#configure terminal
R1(config)# ip access-list extended FROM_LAN
R1(config-ext-nacl)# permit ip 192.168.1.0 0.0.0.255 host 192.168.155.1

R1(config)# route-map PBR-grandmetric permit 10
R1(config-route-map)# match ip address FROM_LAN
R1(config-route-map)# set ip next-hop 10.1.1.2

R1(config)# interface FastEthernet0/0.13
R1(config-subif)# ip policy route-map PBR-grandmetric

To check if the policy is attached to specific interface: 

R1# show ip policy
Interface      Route map
Fa0/0.13       PBR-grandmetric

R1# show ip interface fastEthernet 0/0.13 | i Policy
Policy routing is enabled, using route map PBR-grandmetric
Input features: Policy Routing, MCI Check

Once the policy is applied we can check the route-map status to observe how many packets match configured patterns.

R1# show route-map PBR-grandmetric
route-map PBR-grandmetric, permit, sequence 10
Match clauses:
ip address (access-lists): FROM_LAN
Set clauses:
ip next-hop 10.1.1.2
Policy routing matches: 12 packets, 552 bytes