Describes in detail the differences between policy routing and routing policies.

Source: Internet
Author: User

In network equipment maintenance, many maintenance documents now refer to the terms "routing policy" and "policy routing". However, many maintenance technicians do not have a thorough understanding of these two terms and cannot accurately grasp the relationship and difference between them. This article briefly analyzes the two concepts and introduces some examples. I hope the examples give you a deeper understanding.

I. Routing Policy

A routing policy is a policy for publishing and receiving routes. In fact, selecting a routing protocol is also a routing policy: for the same network structure, different routing protocols may generate different route tables because of different implementation mechanisms, different overhead calculation rules, and different priority definitions. These are the most basic. Generally, what we call a routing policy means that, on top of the normal operation of a routing protocol, we change the result of route generation, publishing, and selection according to some rule, by changing certain parameters or by setting a certain control mode. (Note that the result is the route table.) The rules of the protocol are not changed; instead, these rules are applied.

The following are some examples.

Example of changing parameters: the two circuits AB1 and AB2 between router A and router B have the same bandwidth and both run the OSPF routing protocol, but the stability of the two links is different, and the company wants AB1 to be the main circuit, with the standby circuit AB2 used only when the main circuit (AB1) fails. With the default settings, the two circuits are load-balanced. In this case, you can set the COST (overhead) of the AB1 and AB2 circuits separately: change the COST value of the AB1 circuit to a smaller value, or set the COST value of the AB2 circuit to a greater value, so that OSPF generates two routes with different COST. The smaller the COST, the lower the routing overhead and therefore the higher the priority, so the router will use the AB1 circuit first. You can also leave the COST value unchanged and set the BandWidth of the two circuits to be different, with the BandWidth of AB1 larger than that of AB2. According to the OSPF route generation and discovery rules, the COST (overhead) of AB1 will be lower than that of AB2, and the router will also use the AB1 circuit first.

An example of changing the control mode is a routing filter policy, which performs an operation on routes that match a certain rule. The first kind of operation is deny (reject) or permit (allow); the second is to adjust some routing parameters, such as the COST value, for the routes that are allowed. The common policy tools are ACL (Access Control List), ip-prefix, AS-PATH, and route-policy. Most routing policies are used in combination with the BGP protocol, as rules for receiving and advertising routes.

For example, if AS1 should not publish the 19.1.1.1/32 CIDR block to AS2, you can define an ACL and apply it on RTB (for example, a router in China):
[RTB] acl number 1 match-order auto
[RTB-acl-basic-1] rule deny source 19.1.1.1 0
[RTB-acl-basic-1] rule permit source any
[RTB] bgp 1
[RTB-bgp] peer 2.2.2.2 as-number 2
[RTB-bgp] import-route ospf
[RTB-bgp] peer 2.2.2.2 filter-policy 1 export
If RTB publishes this route to RTC, but RTC does not want to accept it, RTC can set:
[RTC] acl number 1 match-order auto
[RTC-acl-basic-1] rule deny source 19.1.1.1 0
[RTC-acl-basic-1] rule permit source any
[RTC] bgp 2
[RTC-bgp] peer 2.2.2.1 as-number 1
[RTC-bgp] peer 2.2.2.1 filter-policy 1 import

Here is an example of ip-prefix:

For example, if RTB should not publish the route entry 19.1.1.0/24 to RTC, you can set:
[RTB] ip-prefix test index 10 deny 19.1.1.0 24
[RTB] ip-prefix test index 20 permit any
[RTB] bgp 1
[RTB-bgp] peer 2.2.2.2 as-number 2
[RTB-bgp] import-route ospf
[RTB-bgp] import-route direct
[RTB-bgp] peer 2.2.2.2 ip-prefix test export

By default, ip-prefix matches exactly. To match a range of prefix lengths, use the less-equal or greater-equal parameters. For example, ip-prefix test index 10 deny 19.1.1.0 24 less-equal 31 matches all entries from 19.1.1.0/24, 19.1.1.0/25, 19.1.1.0/26 through 19.1.1.0/31. Without the parameter, only the route for the target network 19.1.1.0/24 is matched, and 19.1.1.0/25 does not meet the condition. For more information, see the command manual.
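
The difference between exact and ranged matching, as an added Python example (not from the original article and not a vendor tool): it evaluates the page's ip-prefix list, with and without less-equal 31, against constructed routes and lists which routes inside 19.1.1.0/24 would still be advertised. Treating "permit any" as 0.0.0.0/0 with lengths 0 to 32, and denying when no entry matches, are assumptions of this model.

```python
import ipaddress

def parse_entry(line):
    """Parse 'index N permit|deny NET LEN [greater-equal G] [less-equal L]'."""
    tok = line.split()
    index, action = int(tok[1]), tok[2]
    if tok[3] == "any":  # assumption: 'any' means 0.0.0.0/0, lengths 0..32
        return index, action, ipaddress.ip_network("0.0.0.0/0"), 0, 32
    net = ipaddress.ip_network(f"{tok[3]}/{tok[4]}")
    opts = dict(zip(tok[5::2], map(int, tok[6::2])))
    if not opts:  # no range keyword: the mask length must match exactly
        return index, action, net, net.prefixlen, net.prefixlen
    ge = opts.get("greater-equal", net.prefixlen)
    le = opts.get("less-equal", 32)
    return index, action, net, ge, le

def evaluate(entries, route):
    """Action of the lowest-index matching entry; 'deny' if none (assumed default)."""
    r = ipaddress.ip_network(route)
    for _, action, net, ge, le in sorted(map(parse_entry, entries), key=lambda e: e[0]):
        if r.subnet_of(net) and ge <= r.prefixlen <= le:
            return action
    return "deny"

# The page's list, and the same list with less-equal 31 on the deny entry.
EXACT = ["index 10 deny 19.1.1.0 24", "index 20 permit any"]
RANGED = ["index 10 deny 19.1.1.0 24 less-equal 31", "index 20 permit any"]
# Constructed candidate routes, including more-specifics of 19.1.1.0/24.
ROUTES = ["19.1.1.0/24", "19.1.1.0/25", "19.1.1.128/25",
          "19.1.1.0/31", "19.1.1.1/32", "19.1.2.0/24"]

def still_permitted(entries, block="19.1.1.0/24"):
    """Routes inside the blocked range that the list would still let through."""
    blocked = ipaddress.ip_network(block)
    return [r for r in ROUTES
            if ipaddress.ip_network(r).subnet_of(blocked)
            and evaluate(entries, r) == "permit"]

if __name__ == "__main__":
    print("exact match :", still_permitted(EXACT))
    print("less-equal 31:", still_permitted(RANGED))
```

With the exact-match entry every more-specific of 19.1.1.0/24 falls through to the permit entry; with less-equal 31 only the /32 host route still does.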

The preceding sections describe permitting and denying routes. The following describes a more flexible routing policy setting: the if-match and apply clauses in route-policy. With these you can not only allow or deny certain routes, but also set attributes on the allowed routes.

RTB and RTC run the IBGP protocol, while RTA, RTB, and RTC run the EBGP protocol. The Router_IDs are in ascending order A, B, C, D. Under normal circumstances, communication from RTA to RTD selects RTB for transit, and communication from RTD to RTA also selects RTB, because by default, when all parameters are the same, BGP selects the path with the smaller router_ID. Now we want communication from RTD to RTA to go through RTB, while communication from RTA to RTD goes through RTC. That is, of the two routers, RTB is responsible for traffic from routers inside the autonomous system to routers outside it, while RTC is dedicated to traffic from routers outside the autonomous system to routers inside it. We can use the as-path in route-policy to implement this, by doing the following on RTB:

[RTB] route-policy test permit node 10
[RTB-route-policy] apply as-path 300 400 // Add a false path to lengthen the as-path
[RTB-bgp] peer 1.1.1.1 route-policy test export // use the policy when publishing route information to RTA

In this way, when RTB advertises a BGP route to RTA, it lengthens the AS-Path of the route. Because the BGP route selection rules prefer the route with the shorter AS-Path, RTA prefers the route via RTC, which has the short AS-Path, when it communicates with RTD. RTD still chooses RTB when selecting the route to RTA, because for RTD the parameters that affect route selection have not changed. You can also change the MED value; here we only use this routing policy as an example.
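
The asymmetric result described above, as an added Python example (not the article's own code): a simplified BGP decision that compares only AS-path length and then router ID, run from RTA's and RTD's point of view before and after RTB's export policy prepends 300 400. The AS numbers 100 and 200 and the numeric router IDs are constructed; real BGP compares more attributes between these two steps.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    via: str          # neighbour the route was learned from
    router_id: int    # constructed ordering: RTB (2) < RTC (3)
    as_path: tuple    # AS numbers, nearest first

def best_path(paths):
    """Simplified decision: shortest AS-path wins, lowest router ID breaks ties."""
    return min(paths, key=lambda p: (len(p.as_path), p.router_id))

def apply_export_policy(path, prepend=()):
    """Model 'apply as-path 300 400' on export: extra ASNs go in front of the path."""
    return Path(path.via, path.router_id, tuple(prepend) + path.as_path)

def scenario(prepend):
    """Return (transit chosen by RTA towards RTD, transit chosen by RTD towards RTA)."""
    # RTA's view of RTD's prefix: RTB's advertisement passes through the export policy.
    at_rta = [apply_export_policy(Path("RTB", 2, (200,)), prepend),
              Path("RTC", 3, (200,))]
    # RTD's view of RTA's prefix: RTB's export policy towards RTA does not touch it.
    at_rtd = [Path("RTB", 2, (100,)), Path("RTC", 3, (100,))]
    return best_path(at_rta).via, best_path(at_rtd).via

if __name__ == "__main__":
    print("default      :", scenario(()))
    print("with prepend :", scenario((300, 400)))
```

Only RTA's choice changes, so traffic in the two directions crosses different routers after the policy is applied.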

This method is particularly flexible because the apply statement can set many parameters: in addition to as-path, it can set the next hop (ip next hop), local-preference (local exit priority), cost (overhead), origin (igp, egp or incomplete), and tag.

II. Policy Routing

Policy routing means that, once the route table has been generated, certain traffic is not forwarded according to the existing route table. Instead, the path is selected by policy for that communication traffic.

[Figure: network topology. Labels recovered from the figure: PC1, PC2, Vswitch, RTA, RTB; 10.10.10.0/24; 1.1.1.1/30, 1.1.1.2/30; 2.2.2.1/30, 2.2.2.2/30.]
There are two links for communication between RTA and RTB. The upper circuit is active and its bandwidth is M. The lower circuit is standby and its bandwidth is 10M. At present, the 10M circuit is basically idle and most of the communication goes through the main circuit. PC1 (10.10.10.10/24) is a particularly important customer, and the information he sends must be transmitted immediately. Based on this situation, we can separate his outgoing traffic onto the backup circuit as follows:
rule-map intervlan permitpc1 ip 10.10.10.10 0.0.0.0 any
flow-action next2 redirect ip 2.2.2.2
eacl abc permitpc1 next2

Then apply it with the access-group eacl abc command on the port directly connected to 10.10.10.0/24.

This is a typical application of policy routing: the forwarding path is selected based on the source address. Traffic can also be split across circuits by protocol type such as UDP or TCP (for example, some video applications require real-time transmission, so you can dedicate a circuit to the RTSP stream), by packet size, or by a combination of these forwarding conditions. In effect, ACL rules are applied to data forwarding. The rules of rule-map are the same as those of an ACL, so no more examples are given here; technical staff familiar with ACLs know them.

Here, flow-action redirect sets the next hop. A flow-action can also perform QoS-related operations, such as using cos or car actions to match data packets to queues and handle them according to the configured traffic model rules. For more information, see the command reference manual.

III. Connection and Difference

Connection:

Both select the path for packet forwarding, and both change certain parameters or control methods according to certain rules to set different forwarding paths.

Differences:

A routing policy uses rules that affect route publishing, receiving, or route-selection parameters to change the result of route discovery. The content of the route table is eventually changed. It takes effect during route discovery.

A policy route leaves the current optimal routes in place, but for certain special hosts, applications, and protocols it uses separate forwarding paths instead of the forwarding paths in the current route table. It takes effect when data packets are forwarded and does not change any content in the route table.

The priority of a policy route is higher than that of a routing policy. When the router receives and forwards data packets, it first checks the rules of the policy route; if a rule matches, forwarding follows the policy route. Otherwise, forwarding follows the forwarding path in the route table.

In summary, a routing policy is a route discovery rule, and a policy route is a packet forwarding rule. In fact, "policy routing" is easier to understand and distinguish if you read it as "forwarding policy". Because forwarding is at the lower layer and routing is at the upper layer, it is understandable that the forwarding policy takes priority over the routing policy. In fact, a router holds two types and layers of tables: one is the route table (routing-table), and the other is the forwarding table. The forwarding table is mapped from the route table. A policy route acts directly on the forwarding table, and a routing policy acts on the route table.
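
The lookup order described in this section, as an added Python example (not from the original article): policy rules are checked against the packet first, and only unmatched packets fall through to a destination-only longest-prefix match, while the route table itself is never modified. The rule for PC1 and the redirect to 2.2.2.2 follow the page; 1.1.1.2 as the main-circuit next hop, the dictionary layout and the sample packets are constructed assumptions.

```python
import ipaddress

# Constructed route table for RTA: everything leaves over the main circuit.
ROUTE_TABLE = {"0.0.0.0/0": "1.1.1.2", "10.10.10.0/24": "direct"}

# Policy rules in the spirit of rule-map + flow-action: match fields, then redirect.
POLICY_RULES = [
    {"name": "permitpc1", "src": "10.10.10.10/32", "proto": None, "redirect": "2.2.2.2"},
]

def lookup_route(dst):
    """Longest-prefix match on the destination address only."""
    addr = ipaddress.ip_address(dst)
    hits = [ipaddress.ip_network(n) for n in ROUTE_TABLE
            if addr in ipaddress.ip_network(n)]
    best = max(hits, key=lambda n: n.prefixlen)
    return ROUTE_TABLE[str(best)]

def forward(pkt, rules=POLICY_RULES):
    """Return (next_hop, reason); policy rules win over the route table."""
    src = ipaddress.ip_address(pkt["src"])
    for rule in rules:
        if src in ipaddress.ip_network(rule["src"]) and rule["proto"] in (None, pkt["proto"]):
            return rule["redirect"], "policy:" + rule["name"]
    return lookup_route(pkt["dst"]), "route-table"

if __name__ == "__main__":
    # Constructed packets: PC1 is 10.10.10.10 on the page, 10.10.10.20 stands in for PC2.
    for src in ("10.10.10.10", "10.10.10.20"):
        print(src, forward({"src": src, "dst": "172.16.5.9", "proto": "tcp"}))
    print("route table still:", ROUTE_TABLE)
```

Anyone reading only the route table would expect both hosts to leave via 1.1.1.2, so the policy rules have to be reviewed alongside it when tracing a path.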

IV. Advantages and Disadvantages

The rule of network communication is that a route must exist before forwarding can happen. A routing policy only works during route discovery. After the route table is generated and stable, it usually does not change as long as the network does not change; at that point the routing policy is not being applied and does not occupy resources. Policy routing acts on forwarding. After a router has initially generated its route table, its basic workload is packet forwarding. Without policy routing, the router only needs to analyze the destination address of each data packet and can determine the next hop by matching the route table. With policy routing, however, the policy is always being applied. If the policy route is particularly complex, the router has to examine the source address, protocol, and application of each data packet against the rules, so it continuously occupies a large amount of resources. Therefore, unless you have to, use routing policies as much as possible instead of policy routing. This should be taken into consideration during network optimization. If the policy routing is particularly complex, you can break the network down to eliminate policy routing as much as possible. Otherwise, the router will be heavily burdened.
