Introduction to PBR Policy Routing

Pbr Policy Routing is widely used and has many problems. We may not be particularly familiar with the use of policy routing, here we will mainly explain the detailed rules for using pbr-based routing and the areas that need special attention. Layer-3 devices generally forward data packets based on the destination network address of the data packet.) What are the characteristics of pbr Policy Routing?

1. Data packets can be forwarded not only based on the destination address, but also based on the source address, data application, and data packet length. This makes forwarding data packets more flexible.

2. QoS service. Using route-map and pbr-based routing, you can modify the relevant QoS items based on the characteristics of the data packets to serve QoS.

3. load balancing. Use pbr policies to route data packets, such as the next hop and next interface. In this way, different links can be used based on the application of data packets when multiple links exist, this provides efficient load balancing capabilities.

Pbr-based routing only affects local behavior, which may cause traffic in the form of asymmetric routing. For example, if A unit has two uplinks, A and B, and the unit wants to share all HTTP traffic to link A and FTP traffic to link B, there is no problem, however, on its upstream devices, the downstream HTTP traffic cannot be shared to the link, and the FTP traffic is shared to the B link. Pbr Policy Routing is generally used for inbound interface data packets, but pbr policy routing can also be performed for locally sent data packets when related configurations are enabled.

Start configuring route-map. Use route-map-tag [permitdeny] [sequence-number] to enter the configuration mode of route-map. Use the match statement to define the traffic you are interested in. If not, all traffic is used. Match length min max and/or match ip address {access-list-number name} [... access-list-number name] use the set command to set packet behavior.

Set ip precedence [numbername]
Set ip next-hop ip-address [... ip-address]
Set interface-type interface-number [... type number]
Set ip default next-hop ip-address [... ip-address]
Set default interface-type interface-number [... type... number]

Note the differences between the set ip next-hop, set ip default next-hop, set interface, and set default interface statements, excluding the default statement, if the route table is not queried, data packets are forwarded to the next-hop IP address or interface. If the default statement is used, the route table is queried first. If the exact matching pbr policy route entry is not found, to the next hop IP address or interface specified by the default statement. Before Cisco IOS Release 12.0, pbr-based routing can only forward data packets through "process forwarding", so the data packet forwarding efficiency is very low. on different platforms, there are basically 1000 to 10,000 packets per second. With the emergence of cache forwarding technology, Cisco has implemented Fast-Switched PBR, greatly improving the data packet forwarding speed. When this function is enabled, the ip route-cache policy command is used in the interface.

If no interface-related item is specified in set in route-cache, the set interface command can be Fast-switched PBR only when point-to-point is used. In addition, during "process forwarding", the system first queries the route entry to check whether the interface is a reasonable path. During fast switching, the system does not check this.