Implement, Optimize and Troubleshoot Policy-Based Routing
Policy based routing is being able to manipulate the path of traffic from what is being directed from the RIB.
Typically this is implemented using route maps and match a source of traffic and changing the destination path.
All packets received on an interface with PBR enabled are passed through enhanced packet filters known as route maps. The route maps used by PBR dictate the policy, determining to where the packets are forwarded.
- Route maps are composed of statements. The route map statements can be marked as permit or deny, and they are interpreted in the following ways
- If the packets do not match any route map statements, then all the set clauses are applied.
- If a statement is marked as deny, the packets meeting the match criteria are sent back through the normal forwarding channels and destination-based routing is performed.
- If the statement is marked as permit and the packets do not match any route map statements, the packets are sent back through the normal forwarding channels and destination-based routing is performed.
For traffic originated outside of the router
interface GigabitEthernet0/1 ip policy route-map PBR ! route-map PBR permit 10 match ip address prefix-list LOOPBACK set ip next-hop 220.127.116.11 !
For traffic originated from the router
ip local policy route-map LOCAL_PBR
Identify and troubleshoot sub-optimal routing
Sub-optimal routing can occur when using PBR as it may be asymetric due to not capturing traffic in both directions. Asymetric routing is when traffic goes out one interface and is recieved back on a different interface. This may not cause a problem in normal cases, but if a firewall which requires state information, this will cause traffic to be dropped.
You can identify this by checking the routing table, cef table and using traceroute to follow the traffic path.