PBR is configured in Cisco IOS® Software using the route map tool. Route maps are similar to Access Control Lists (ACLs), but have these enhanced capabilities:
- Modifying certain fields in the packet
- Forwarding packets in a specified manner
- Filtering and modifying the attributes of a route
Route maps consist of a sequence of statements. Each route map statement contains a combination of match and set commands and carries a permit or deny action. For PBR, the match command defines the criteria for matching packets according to the defined policy, and the set command defines the action taken on the matched packets. The action is either to modify the packet or to forward it in a specified manner, bypassing the normal forwarding decision of the IP routing table. Packets that are denied by a route map statement, or that are not matched by any statement, are forwarded normally according to the IP routing table.
To configure PBR, create a route map by issuing the route-map map-tag [permit | deny] [sequence-number] command in global configuration mode.
PBR can match packets on their length, or on packet characteristics described by a standard or extended ACL.
To define the matching criteria based on the policy, issue these commands from route map configuration mode:
Define a standard or extended ACL by issuing the access-list command. A single match statement may contain multiple conditions; at least one condition in the match statement must be true for that statement to be considered a match. A route map statement may also contain multiple match statements; all match statements within the route map statement must be true for that statement to be considered matched.
Define the action to be taken on the packets that match the criteria.
For PBR, this can be done by one of these options:
- A list of interfaces through which the packets should be routed
- A list of specified next-hop IP addresses to which the packets have to be routed
- A list of default interfaces
- A list of default next-hop IP addresses
Issue these commands in route map configuration mode:
This command can also be used to set the IP precedence or ToS values in the packet, as shown in this example:
A single set statement may contain multiple arguments. In that case, if the interface or IP address associated with the first next-hop is down, the subsequent interfaces or IP addresses are tried. The set clauses can also be used in conjunction with one another under the same route map statement, in which case they are evaluated in a specific order.
PBR is effective only for the packets that arrive on a specific interface from the network. Enable PBR on the desired interface by issuing the ip policy route-map map-tag command in interface configuration mode.
Packets that are generated by the router are not normally policy routed. To enable PBR for packets generated by the router, issue the ip local policy route-map map-tag command in global configuration mode.
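The complete procedure above (ACL, route map with match and set clauses, and the interface and local policy commands), as an added IOS configuration example that is not from the original document. ACL numbers, the route map name, the interface name and all addresses (taken from the RFC 5737 documentation ranges) are assumed for illustration.

```cisco
! Added example; not from the original Cisco document. Addresses, ACL
! numbers, interface and route map names are assumed for illustration.
!
! Matching criteria. ACL 101 selects web traffic from 192.0.2.0/24,
! ACL 102 selects all other IP traffic from that segment.
access-list 101 permit tcp 192.0.2.0 0.0.0.255 any eq 80
access-list 101 permit tcp 192.0.2.0 0.0.0.255 any eq 443
access-list 102 permit ip 192.0.2.0 0.0.0.255 any
!
! Route map. Sequence 10 sends web traffic to the first reachable next hop
! in the list; if 198.51.100.1 is down, 198.51.100.2 is tried. If every
! listed next hop is down the packet falls back to the IP routing table,
! so a policy that steers traffic through an inspection device fails open.
! Uncommenting "set interface Null0" makes that case fail closed instead
! (set ip next-hop is evaluated before set interface).
route-map PBR-OUTBOUND permit 10
 match ip address 101
 set ip next-hop 198.51.100.1 198.51.100.2
! set interface Null0
!
! Sequence 20: both match statements must be true (logical AND), i.e. a
! non-web packet of at most 200 bytes. Precedence is set on the packet, and
! the default next hop is used only when the routing table has no explicit
! route for the destination.
route-map PBR-OUTBOUND permit 20
 match ip address 102
 match length 0 200
 set ip precedence 5
 set ip default next-hop 203.0.113.1
!
! Packets matching neither sequence (other subnets, larger non-web packets)
! are forwarded normally by the IP routing table.
!
! Apply the policy on the ingress interface; PBR only acts on packets that
! arrive on an interface with ip policy route-map configured.
interface GigabitEthernet0/0
 description LAN segment 192.0.2.0/24
 ip address 192.0.2.254 255.255.255.0
 ip policy route-map PBR-OUTBOUND
!
! Optional: also policy-route packets generated by the router itself.
ip local policy route-map PBR-OUTBOUND
!
! Verification from exec mode: show route-map lists the match and set
! clauses of each sequence together with its policy-routing match counter.
! Router# show route-map PBR-OUTBOUND
```

The match counters shown by show route-map are the quickest way to confirm that traffic is actually hitting the intended sequence rather than silently falling through to normal routing.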
For a PBR overview and configuration with an example, refer to these documents: