
Wednesday, May 10, 2017

Policy Based Routing using Route Maps

Policy Based Routing (PBR) is often the preferred way to do traffic engineering. This post covers a basic PBR configuration.

The topology I use for this lab is simple.













All network segments are /24 subnets. IP addresses are assigned as follows.
Ex:- R2-R4 Link
R2's IP = 10.1.24.2
R4's IP = 10.1.24.4
This format continues for every link.
R5 has a Loopback interface with an IP of 192.168.5.1/24, which represents a connected subnet.
All the routers are EIGRP enabled, and currently R2 routes to the 192.168.5.0/24 network through the R2-R5 link.


Let's run a traceroute to 192.168.5.1 from R1 to verify the path.








Let's assume that the traffic flow requirements are as follows.

(1) Primary path for the traffic from R1 to 192.168.5.0/24 must go through R3
(2) If the primary path fails, the traffic should route through R2-R5 link.
(3) All other traffic should route through R4.

Policy based routing should be configured on R2 because it is the point where the traffic can select different paths. This takes 3 steps.

STEP-01: Capture the Traffic

The preferred way to capture traffic is to use an ACL:
R2(config)#ip access-list extended 101
R2(config-ext-nacl)#permit ip any 192.168.5.0 0.0.0.255


This ACL captures traffic from any source to the 192.168.5.0/24 subnet.

STEP-02: Create a Route Map

The route map is the core of PBR. It's like the "If & Else" statements in programming; here we have "Match & Set". The route map for this requirement looks like the following.

Create a route map named "PBR" with a permit action and sequence number 10. The sequence number just identifies the order in which the router reads the entries of the map.
R2(config)#route-map PBR permit 10

Configure sequence 10 of the route map to match ACL 101 and set the next hop to 10.1.23.3 and 10.1.25.5, in that order.
R2(config-route-map)#match ip address 101
R2(config-route-map)#set ip next-hop 10.1.23.3 10.1.25.5

Create sequence 20 of the route map "PBR" to send any other traffic, which was not captured by sequence 10, to its next hop. Don't use a match statement here, as this sequence should match all traffic. Because its sequence number is higher than that of the 1st statement, it is applied only to the traffic that sequence 10 did not match.
If we don't use this statement, the traffic that sequence 10 did not match will be routed using the regular routing table.
R2(config)#route-map PBR permit 20
R2(config-route-map)#set ip next-hop 10.1.24.4

Let's see the full map we have configured.












STEP-03: Apply the Policy

The best place to apply a policy is the incoming interface. In this case you apply it on the e0/3 interface using the following commands.
R2(config)#int e0/3
R2(config-if)#ip policy route-map PBR

Now let's run a traceroute from R1 to 192.168.5.1 and see the path.


It goes through R3.






Now let's see what happens when the e0/0 interface of R2 is down. I manually shut the interface and ran a traceroute from R1.


It goes through the R2-R5 link.





Now let's see how other traffic, destined to the IP addresses of R5, is routed.


It goes through the R4 link.






Now we can see that the policy is working as intended.
But if you look at the routing table of R2, you cannot see a difference. The routing table is overridden by the policy.



This example shows the most common type of policy based routing, which applies to traffic passing through router R2. It does not apply to traffic that originates from R2 itself. If you want to apply a policy to traffic originated by R2, you must apply it in global configuration mode using the following command.

R2(config)#ip local policy route-map PBR

In route maps, if you put 2 or more parameters on the same line of a match statement, they are combined with a logical 'OR'; if you put 2 or more parameters in separate match statements, line after line, they are combined with a logical 'AND'.

Ex:- 'OR' - Either ACL 101 or ACL 102 must match to trigger the set operator
R(config)#route-map PBR permit 10
R(config-route-map)#match ip address 101 102
R(config-route-map)#set ip next-hop 10.1.1.1

Ex:-'AND' - ACL 101 & Interface e0/1 must match to trigger the set operator
R(config)#route-map PBR permit 10
R(config-route-map)#match ip address 101
R(config-route-map)#match interface e0/0
R(config-route-map)#set ip next-hop 10.1.1.1

You cannot get an 'AND' by repeating the same kind of match command in the above manner. It always falls back to 'OR'.

Ex:-
R(config)#route-map PBR permit 10
R(config-route-map)#match ip address 101
R(config-route-map)#match ip address 102

will result in:

This is true for set commands too.
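
The evaluation rules described in this post (sequence order, OR within one match line, AND across match lines, ordered next hops, and a match-less sequence catching everything else) can be checked with a small model. This is an added example, not code from the original post or from Cisco. Assumptions: ACLs are reduced to destination prefixes, ACL 102's prefix and the "length" match type are constructed for the demo, and a next hop counts as usable when it is in the `usable` set.

```python
import ipaddress

# ACLs reduced to destination prefixes (source is "any", as in ACL 101 on the page).
ACLS = {101: ["192.168.5.0/24"],
        102: ["172.16.0.0/16"]}          # ACL 102 is constructed for the OR demo

# Route map "PBR" as configured on R2: sequence -> match lines and ordered next hops.
PBR = {10: {"match": {"ip address": [101]}, "next_hops": ["10.1.23.3", "10.1.25.5"]},
       20: {"match": {},                    "next_hops": ["10.1.24.4"]}}

def acl_permits(acl_id, dst):
    """True if dst falls inside any destination prefix of the simplified ACL."""
    return any(ipaddress.ip_address(dst) in ipaddress.ip_network(p)
               for p in ACLS[acl_id])

def clause_matches(match, pkt):
    """Values on one match line are OR'ed; different match lines are AND'ed.
    One dict key per match type mirrors repeated lines of a type merging into OR."""
    for kind, values in match.items():
        if kind == "ip address":
            hit = any(acl_permits(a, pkt["dst"]) for a in values)
        elif kind == "length":           # (min, max) packet length, assumed for the demo
            hit = values[0] <= pkt["length"] <= values[1]
        else:
            raise ValueError(f"match type not modelled: {kind}")
        if not hit:
            return False
    return True                          # no match lines: every packet matches

def policy_route(route_map, pkt, usable):
    """Return the next hop chosen by the lowest matching sequence."""
    for seq in sorted(route_map):
        clause = route_map[seq]
        if clause_matches(clause["match"], pkt):
            for hop in clause["next_hops"]:   # first usable next hop in the list wins
                if hop in usable:
                    return hop
            return "routing-table"       # model assumption: no usable hop in the clause
    return "routing-table"               # nothing matched: regular routing table

if __name__ == "__main__":
    all_up = {"10.1.23.3", "10.1.25.5", "10.1.24.4"}
    to_lo = {"dst": "192.168.5.1", "length": 100}     # constructed sample packet
    print(policy_route(PBR, to_lo, all_up))                  # via R3
    print(policy_route(PBR, to_lo, all_up - {"10.1.23.3"}))  # R2-R5 link
    print(policy_route(PBR, {"dst": "10.1.25.5", "length": 100}, all_up))  # via R4
```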






There are a lot of parameters which can be configured with match & set statements of route maps.
You can see them below.


