Cisco CCNP ROUTE Requirements for PBR
PBR is implemented using route maps, in which match commands identify the traffic and set commands define the action that controls path selection. On the slide above, a configuration is required to match packets that are going to the destination network 1.1.1.0 and forward them to the next-hop address 2.2.2.2 to avoid suboptimal routing. At the same time, packets between 3 and 150 bytes in size must be matched and forwarded to the FastEthernet 0/1 interface. Route maps are applied to the incoming interfaces. Finally, the configuration must be verified.
Cisco CCNP ROUTE Steps to Configure and Verify PBR
PBR uses match and set commands to manage path control. It relies on route maps, which are applied to incoming interfaces.
Cisco CCNP ROUTE Matching the Traffic
The route-map command is used to enable policy routing on the router. A route map supports the match and set commands that policy routing requires. IP standard or extended ACLs are used to establish the PBR match criteria using the match ip address command. The match ip address 20 command in the example matches traffic that is based on standard IP ACL 20.
The match length command matches packets that are based on packet length, and can be configured with a minimum and maximum value. For example, the match length command can be used to distinguish between interactive traffic and file transfer (bulk) traffic, because file transfer traffic typically has larger packet sizes. The match length 3 150 command matches packets between 3 and 150 bytes long.
Cisco CCNP ROUTE Policy Routing set Commands
The set ip next-hop command is used to define the next-hop IP address. Similarly, the set interface
Cisco CCNP ROUTE Policy Routing set Commands (Cont.)
The set ip default next-hop and set default interface
Cisco CCNP ROUTE Applying Route Maps for PBR
The ip policy route-map interface configuration command is used to define a route map used for PBR. In the example on the above slide, the ip policy route-map PBRmap command applies the route map named “PBRmap” to the incoming traffic on the interface. The ip local policy route-map PBRmap command is used to apply the PBR to the incoming interface.
Cisco CCNP ROUTE Enabling Fast-Switched PBR or PBR Switched by Cisco Express Forwarding
PBR can be fast switched as of IOS release 12.0. Fast switching of PBR supports all match commands and most of the set commands except for the following:
- set ip default next-hop
- set interface
Cisco CCNP ROUTE Verifying PBR
Use the show ip policy command to display route maps that are used for PBR on the interfaces of the router.
Use the show route-map command to display configured route maps.
Cisco CCNP ROUTE Verifying PBR
Use the debug ip policy command to display IP PBR packet activity. The command shows the activities that PBR is performing. It also displays information that indicates whether a packet matches the criteria. If the criteria match, the resulting routing information for the packet is displayed as well.
The traceroute command is used to discover the routes packets follow when traveling to their destination from the router. Entering the traceroute command with no parameters invokes an extended traceroute test where you will be guided through a dialog to select the required parameters.
The ping command is used to check host reachability and network connectivity. You can use the extended command mode of the ping command by not entering any parameters. You will be guided through a dialog to enter required parameters.
Cisco CCNP ROUTE Example: PBR Equal Access
The slide above depicts a common scenario where an organization is attached to more than one ISP and must build a traffic policy using PBR.
In the example, PBR is set up such that all traffic sourced from 1.1.1.0 is forwarded to ISP-1 and all traffic sourced from 1.2.2.0 is forwarded to ISP-2.
Cisco CCNP ROUTE Example: PBR Equal Access
Example config to match equal access based on the figure on the previous slide.
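One way to configure the equal-access policy described above, as an added example (not the configuration from the original slide). The /24 wildcard masks, the ACL numbers, the route-map name EQUAL-ACCESS, the interface name and both ISP next-hop addresses are assumptions; only the source networks 1.1.1.0 and 1.2.2.0 come from the text.

```cisco
! Added example, not the slide's own configuration.
! Standard ACLs match on source address, which is what this policy needs.
! The 0.0.0.255 wildcard (a /24) is an assumption; the text gives no mask.
access-list 1 permit 1.1.1.0 0.0.0.255
access-list 2 permit 1.2.2.0 0.0.0.255
!
! Sequence 10: traffic sourced from 1.1.1.0 goes to ISP-1.
! 192.0.2.1 is a constructed placeholder for the ISP-1 next hop.
route-map EQUAL-ACCESS permit 10
 match ip address 1
 set ip next-hop 192.0.2.1
!
! Sequence 20: traffic sourced from 1.2.2.0 goes to ISP-2.
! 198.51.100.1 is a constructed placeholder for the ISP-2 next hop.
route-map EQUAL-ACCESS permit 20
 match ip address 2
 set ip next-hop 198.51.100.1
!
! Packets that match neither sequence are not policy routed and are
! forwarded by the normal destination-based routing table.
!
! Apply the route map to the interface where the traffic ARRIVES
! (the LAN-facing interface; the name here is an assumption).
interface FastEthernet0/0
 ip policy route-map EQUAL-ACCESS
!
! Verification from privileged EXEC mode:
!   show ip policy                 - which route map is bound to which interface
!   show route-map EQUAL-ACCESS    - match/set clauses and policy-routing match counters
```

If the counters in show route-map stay at zero while traffic is flowing, check that the route map is applied to the ingress interface rather than the ISP-facing one.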
Cisco CCNP ROUTE Verifying PBR: Examples
The show ip policy and show route-map commands are common commands used to verify PBR functionality.
Cisco CCNP ROUTE Verifying PBR: Examples (Cont.)
The debug ip policy command can be used to troubleshoot PBR and determine exactly what is going on. The show logging command allows viewing of buffered log output. If you are remotely accessing the router, the terminal monitor command is needed in order to view debug output in real-time.
Cisco CCNP ROUTE Key Knowledge
Key knowledge needed when implementing Policy Based Routing (PBR).