CCIE RS – Routing Concepts – Implement, optimize and troubleshoot policy‐based routing

Implement, Optimize and Troubleshoot Policy-Based Routing

Policy-based routing (PBR) lets you override the path that the RIB would otherwise select for traffic.

Typically this is implemented with route maps that match on the source of the traffic and change the path it takes toward its destination.

All packets received on an interface with PBR enabled are passed through enhanced packet filters known as route maps. The route maps used by PBR dictate the policy, determining to where the packets are forwarded.

Route maps are composed of statements. The route map statements can be marked as permit or deny, and they are interpreted in the following ways:

  • If the packets do not match any route map statements, then all the set clauses are applied.
  • If a statement is marked as deny, the packets meeting the match criteria are sent back through the normal forwarding channels and destination-based routing is performed.
  • If the statement is marked as permit and the packets do not match any route map statements, the packets are sent back through the normal forwarding channels and destination-based routing is performed.

For traffic originated outside of the router (applied on the interface where the packets are received):

interface GigabitEthernet0/1
 ip policy route-map PBR
!
route-map PBR permit 10
 match ip address prefix-list LOOPBACK
 set ip next-hop 2.2.2.2
!

For traffic originated from the router itself (applied in global configuration):

ip local policy route-map LOCAL_PBR

https://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcfpbr.html

https://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcfclass.html#wpxref35843


Identify and troubleshoot sub-optimal routing

Sub-optimal routing can occur when using PBR because the resulting path may be asymmetric if the policy does not capture traffic in both directions. Asymmetric routing is when traffic goes out one interface and is received back on a different interface. This may not cause a problem in normal cases, but if the path includes a firewall that requires state information, traffic will be dropped.

You can identify this by checking the routing table and the CEF table, and by using traceroute to follow the traffic path.
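
The traceroute check described above, as an added example that is not part of the original post: it maps the hops of a forward and a reverse traceroute to device names and reports devices seen in only one direction, such as a stateful firewall. The interface inventory, addresses, device names and traceroute output are all constructed for illustration.

```python
import re

# Constructed inventory (assumption): interface address -> device name. A router
# answers traceroute from a different interface address in each direction.
IFACE_OWNER = {
    "10.0.1.1": "R1", "10.0.13.1": "R1",
    "10.0.14.4": "FW",
    "10.0.32.3": "R3",
    "10.0.42.2": "R2", "10.0.2.1": "R2",
}

# Constructed output: host A (10.0.1.10) to host B (10.0.2.10), policy-routed via FW.
FORWARD = """\
traceroute to 10.0.2.10 (10.0.2.10), 30 hops max, 60 byte packets
 1  10.0.1.1  0.412 ms  0.398 ms  0.377 ms
 2  10.0.14.4  0.801 ms  0.790 ms  0.772 ms
 3  10.0.42.2  1.105 ms  1.097 ms  1.080 ms
 4  10.0.2.10  1.420 ms  1.401 ms  1.388 ms
"""
# Constructed output: host B back to host A, following the RIB via R3.
REVERSE = """\
traceroute to 10.0.1.10 (10.0.1.10), 30 hops max, 60 byte packets
 1  10.0.2.1  0.390 ms  0.371 ms  0.366 ms
 2  10.0.32.3  0.822 ms  0.810 ms  0.799 ms
 3  10.0.13.1  1.130 ms  1.118 ms  1.101 ms
 4  10.0.1.10  1.452 ms  1.440 ms  1.429 ms
"""

# Hop number followed by an IPv4 address; matches "traceroute -n" and IOS output.
# Hops that time out ("* * *") do not match and are skipped.
HOP = re.compile(r"^[ \t]*\d+[ \t]+(\d{1,3}(?:\.\d{1,3}){3})\b", re.M)

def transit_devices(trace, owner=IFACE_OWNER):
    """Devices that answered, in order, without the final hop (the destination)."""
    ips = HOP.findall(trace)
    return [owner.get(ip, ip) for ip in ips[:-1]]

def compare_paths(forward, reverse, owner=IFACE_OWNER):
    """Compare the forward path with the reverse path read back to front."""
    fwd = transit_devices(forward, owner)
    rev = transit_devices(reverse, owner)[::-1]
    return {
        "symmetric": fwd == rev,
        "forward_only": sorted(set(fwd) - set(rev)),
        "reverse_only": sorted(set(rev) - set(fwd)),
    }

if __name__ == "__main__":
    print(compare_paths(FORWARD, REVERSE))
```

If the destination host does not answer traceroute, the last replying hop is a transit device and the final-hop trim will drop it, so check that each trace actually reached its target.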
