Saturday, 24 November 2018

Policy Based Routing (PBR)


Policy based routing is use to path manipulation. It is used for implementing policy that causes the packet to take a different direction. Policy based routing allows source based routing. Routing table is destination base.


In short: PBR is a technique used to make routing decisions based on policies implemented by the network administrator.

Here’s the list of some Advantages of policy based routing:-
  • Different users can reach the destination from different direction
  • Load sharing
  • PBR will be implemented on the incoming direction of the source in interface
  • If the packet is match in the route map and it is permit it will be send according to the policy
  • If the packet is match in the route map and route map deny packet will be forwarded according to normal routing table



Lets configure policy based routing.

 Topology:-

 Goal:-
  • configure the topology as per our diagram
  • configure EIGRP 100 all the routers, advertise all the interfaces as per the topology make sure the rechibility between all the routers.
  • configure the bandwidth on serial 3/3 to 1000kbps and serial 3/0 remain the default bandwidth 1544 kbps.
  • configure Policy Based Routing  on router 2 according to our given conditions 
  1. traffic sourced from 13.0.0.0/24, 13.0.1.0/24  should be forwarded on serial 3/0 interface
  2. traffic sourced from 13.0.2.0/24, 13.0.3.0/24 should be forwarded on serial 3/3 interface
  3. all the remaining traffic should use the default routing path 

R1(config)#router eigrp 100

R1(config-router)#network 11.0.0.0
R1(config-router)#network 1.0.0.0
R1(config-router)#network 3.0.0.0
R1(config-router)#network 10.0.0.0

R1(config-router)#no auto-summary
R1(config-router)#end


R2(config)#router eigrp 100

R2(config-router)#network 1.0.0.0
R2(config-router)#network 3.0.0.0
R2(config-router)#network 3.0.0.0
R2(config-router)#network 20.0.0.0
R2(config-router)#no auto-summary


R3(config)#router eigrp 100
R3(config-router)#network 20.0.0.0
R3(config-router)#network 20.0.0.0
R3(config-router)#network 13.0.0.0
R3(config-router)#no auto-summary
R3(config-router)#end

R2#show ip eigrp 100 neighbors
EIGRP-IPv4 Neighbors for AS(100)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
2   20.1.1.3                Fa0/0                    13 00:06:27   16   100  0  4
1   3.1.1.1                 Se3/3                    11 00:07:02   16   100  0  8
0   1.1.1.1                 Se3/0                    13 00:07:05  669  4014  0  7

R2#show ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

D     10.0.0.0/8 [90/2172416] via 3.1.1.1, 00:10:32, Serial3/3
                 [90/2172416] via 1.1.1.1, 00:10:32, Serial3/0
      11.0.0.0/24 is subnetted, 4 subnets
D        11.0.0.0 [90/2297856] via 3.1.1.1, 00:10:32, Serial3/3
                  [90/2297856] via 1.1.1.1, 00:10:32, Serial3/0
D        11.0.1.0 [90/2297856] via 3.1.1.1, 00:10:32, Serial3/3
                  [90/2297856] via 1.1.1.1, 00:10:32, Serial3/0
D        11.0.2.0 [90/2297856] via 3.1.1.1, 00:10:32, Serial3/3
                  [90/2297856] via 1.1.1.1, 00:10:32, Serial3/0
D        11.0.3.0 [90/2297856] via 3.1.1.1, 00:10:32, Serial3/3
                  [90/2297856] via 1.1.1.1, 00:10:32, Serial3/0
      13.0.0.0/24 is subnetted, 4 subnets
D        13.0.0.0 [90/156160] via 20.1.1.3, 00:09:48, FastEthernet0/0
D        13.0.1.0 [90/156160] via 20.1.1.3, 00:09:48, FastEthernet0/0
D        13.0.2.0 [90/156160] via 20.1.1.3, 00:09:48, FastEthernet0/0
D        13.0.3.0 [90/156160] via 20.1.1.3, 00:09:48, FastEthernet0/0

R2(config)#int serial 3/3
R2(config-if)#bandwidth 1000
R2(config-if)#exit

R2#show ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

D     10.0.0.0/8 [90/2172416] via 1.1.1.1, 00:00:48, Serial3/0
      11.0.0.0/24 is subnetted, 4 subnets
D        11.0.0.0 [90/2297856] via 1.1.1.1, 00:00:48, Serial3/0
D        11.0.1.0 [90/2297856] via 1.1.1.1, 00:00:48, Serial3/0
D        11.0.2.0 [90/2297856] via 1.1.1.1, 00:00:48, Serial3/0
D        11.0.3.0 [90/2297856] via 1.1.1.1, 00:00:48, Serial3/0
      13.0.0.0/24 is subnetted, 4 subnets
D        13.0.0.0 [90/156160] via 20.1.1.3, 00:12:19, FastEthernet0/0
D        13.0.1.0 [90/156160] via 20.1.1.3, 00:12:19, FastEthernet0/0
D        13.0.2.0 [90/156160] via 20.1.1.3, 00:12:19, FastEthernet0/0
D        13.0.3.0 [90/156160] via 20.1.1.3, 00:12:19, FastEthernet0/0

R2(config)#access-list 10 per
R2(config)#access-list 10 permit 13.0.0.0 0.0.0.255
R2(config)#access-list 10 permit 13.0.1.0 0.0.0.255
R2(config)#access-list 12 permit 13.0.2.0 0.0.0.255
R2(config)#access-list 12 permit 13.0.3.0 0.0.0.255


R2(config)#route-map PBR permit 10
R2(config-route-map)#match ip address 10
R2(config-route-map)#set ip next-hop 1.1.1.1
R2(config-route-map)#exit

R2(config)#route-map PBR permit 12
R2(config-route-map)#match ip address 12
R2(config-route-map)#set ip next-hop 3.1.1.1
R2(config-route-map)#exit

R2(config)#interface fastEthernet 0/0
R2(config-if)#ip policy route-map PBR
R2(config-if)#exit

R3#traceroute 11.0.0.1 source 13.0.0.1
Type escape sequence to abort.
Tracing the route to 11.0.0.1
VRF info: (vrf in name/id, vrf out name/id)
  1 20.1.1.1 16 msec 20 msec 20 msec
  2 1.1.1.1 88 msec 28 msec 32 msec

R3#traceroute 11.0.0.1 source 13.0.1.1
Type escape sequence to abort.
Tracing the route to 11.0.0.1
VRF info: (vrf in name/id, vrf out name/id)
  1 20.1.1.1 16 msec 16 msec 24 msec
  2 1.1.1.1 40 msec 32 msec 20 msec

R3#traceroute 11.0.0.1 source 13.0.2.1
Type escape sequence to abort.
Tracing the route to 11.0.0.1
VRF info: (vrf in name/id, vrf out name/id)
  1 20.1.1.1 16 msec 20 msec 28 msec
  2 3.1.1.1 52 msec 44 msec 40 msec

R3#traceroute 11.0.0.1 source 13.0.3.1
Type escape sequence to abort.
Tracing the route to 11.0.0.1
VRF info: (vrf in name/id, vrf out name/id)
  1 20.1.1.1 24 msec 8 msec 24 msec
  2 3.1.1.1 32 msec 44 msec 44 msec

R2#debug ip policy
Policy routing debugging is on

*Nov 23 15:57:46.706: IP: s=13.0.0.1 (FastEthernet0/0), d=11.0.0.1, len 28, policy match
*Nov 23 15:57:46.706: IP: route map PBR, item 10, permit
*Nov 23 15:57:46.710: IP: s=13.0.0.1 (FastEthernet0/0), d=11.0.0.1 (Serial3/0), len 28, policy r                                                                        outed
*Nov 23 15:57:46.710: IP: FastEthernet0/0 to Serial3/0 1.1.1.2
*Nov 23 15:57:46.726: IP: s=13.0.0.1 (FastEthernet0/0), d=11.0.0.1, len 28, policy match
*Nov 23 15:57:46.730: IP: route map PBR, item 10, permit
*Nov 23 15:57:46.730: IP: s=13.0.0.1 (FastEthernet0/0), d=11.0.0.1 (Serial3/0), len 28, policy r                                                                        outed
*Nov 23 15:57:46.730: IP: FastEthernet0/0 to Serial3/0 1.1.1.2
*Nov 23 15:57:46.758: IP: s=13.0.0.1 (FastEthernet0/0), d=11.0.0.1, len 28, policy match
*Nov 23 15:57:46.758: IP: route map PBR, item 10, permit
*Nov 23 15:57:46.758: IP: s=13.0.0.1 (FastEthernet0/0), d=11.0.0.1 (Serial3/0), len 28, policy r                                                                        outed
*Nov 23 15:57:46.758: IP: FastEthernet0/0 to Serial3/0 1.1.1.2
*Nov 23 15:57:46.778: IP: s=13.0.0.1 (FastEthernet0/
R2#0), d=11.0.0.1, len 28, FIB policy match




at
Labels:

No comments:

Post a comment

Subscribe to: Post Comments (Atom)

What is PIM Spare-Dense Mode ? How to configure Multicasting PIM Spare-Dense Mode?

   PIM Spare-Dense Mode  PIM (Protocol Independent Multicast) is a family of multicast routing protocols. The word independent comes fr...

  • Introduction of BGP
    Introduction of BGP Border Gateway Protocol (BGP) advertises, learn, and choose the best paths inside the wide internet. Wh...
  • BGP Attributes
    BGP Attributes   BGP support a wide variety of path attribute, BGP chooses a route to a network based on the attributes of its pa...
  • Route Redistribution configuration
                      we have already learned what is route redistribution and why we need, if you don't then click  here  . I...