Configure and verify policy-based routing

Exam: Cisco 300-101 - CCNP Implementing Cisco IP Routing (ROUTE v2.0)


If you are preparing for the CCNP exam, you will find this chapter on how to configure and verify policy-based routing extremely useful. You will get questions on this topic in exam 300-101 ROUTE. It is a 120-minute exam and you can expect anywhere between 45 and 65 questions. There will definitely be some questions from this topic under the main topic of Layer 3 technologies.

Policy-based routing is also called PBR. First let us explain how PBR is enabled. You must create a route map that specifies the match criteria and the action to take if all the match clauses are met. You then enable PBR for that route map on a particular interface. All packets arriving on that interface that match the clauses are subject to PBR. The steps in detail are as follows:

  1. Define the route map that controls where packets are output. Doing so puts the router into route-map configuration mode.
  2. Specify the match criteria. You can match on the Level 3 length of the packet, and on the source and destination IP address as permitted by one or more access lists. If no match command is specified, the route map applies to all packets by default.
  3. Specify the actions to take on packets that meet the match criteria. The things that you can set are as follows:
    • Next hop recursive – sets the next hop to which the packet is routed when the next hop is not an adjacent router.
    • Default next hop – sets the next hop to which the packet is routed if there is no explicit route for the destination.
    • Default interface – sets the output interface if there is no explicit route for the destination.
    • VRF – sets the VRF (VPN routing and forwarding) instance.
    • DF – sets the Don’t Fragment bit in the IP header.
    • Precedence – sets the precedence value in the IP header. You can give the precedence as a name or a number.
    • Next hop – sets the next hop that is used to route the packet.
  4. Specify the interface and put it into interface configuration mode.
  5. Identify the route map to use for PBR on that interface. One interface can have only one route map tag. However, the route map can have many entries, each with its own sequence number. The entries are evaluated in order of their sequence numbers until the first match is made. If no match is found, the packets are routed as usual.
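
A minimal configuration that walks through the five steps above, followed by the commands that verify it. This is an added example, not part of the original guide; the route-map name PBR-DEMO, the ACL numbers, the interface and the RFC 5737 documentation addresses are assumptions.

```cisco
! Constructed lab values: addresses come from the RFC 5737 documentation
! ranges; the route-map name, ACL numbers and interface are assumptions.
!
! Access lists referenced by the match clauses in step 2
access-list 101 permit ip 192.0.2.0 0.0.0.127 any
access-list 102 permit ip 192.0.2.128 0.0.0.127 any
!
! Steps 1-3: entry 10 has the lowest sequence number, so it is evaluated first
route-map PBR-DEMO permit 10
 match ip address 101
 set ip next-hop 198.51.100.1
!
! Entry 20 is evaluated only when entry 10 did not match.
! Both match clauses must be met: source in ACL 102 and
! Level 3 length between 0 and 1000 bytes.
route-map PBR-DEMO permit 20
 match ip address 102
 match length 0 1000
 set ip precedence priority
 set ip next-hop 203.0.113.1
!
! Steps 4-5: one route map tag per interface, applied to arriving packets
interface GigabitEthernet0/0
 ip policy route-map PBR-DEMO
!
end
!
! Packets that match neither entry are routed as usual.
!
! Verification from privileged EXEC mode:
! which route map is attached to which interface
show ip policy
! match and set clauses of each entry, with policy-routing match counters
show route-map PBR-DEMO
```

If the counters in show route-map stay at zero while traffic is flowing, the packets are not matching the access lists or are arriving on an interface other than the one the policy is applied to.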

As a network administrator, you must also keep in mind that the set commands must be used in conjunction with each other. A usable next hop always implies an interface. As soon as the local router finds a next hop and an interface that is usable, it routes the packets.

You can also make PBR fast switched. This can be done with IP PBR. Initially the switching rate of PBR was not good enough. There is now an option to increase the switching rate of PBR without reducing the speed of the router. There are some restrictions that you must keep in mind as you do this.

The set default interface and set ip default next-hop commands are not supported in this case. Moreover, the set interface command is supported only for point-to-point links. At the process level, the routing table is consulted to determine whether the interface is on a reasonable path to the destination. Fast switching does not perform this check. If the packet matches, the software automatically forwards it to the interface that has been specified.

One point to keep in mind is that PBR must be configured before you configure fast-switched PBR. Fast switching is not active by default. You first have to enter interface configuration mode. The command used to enable fast switching is Router(config-if)# ip route-cache policy. You can also display the cache entries in the policy route cache.

We will now discuss how you can enable local PBR. Local PBR applies policy routing to packets that the router itself generates. To enable it, use the following command in global configuration mode: Router(config)# ip local policy route-map map-tag. When this command is used, all packets that originate on the router are subject to local PBR.

Now let’s move on to how to enable CEF-switched PBR. CEF-switched PBR always performs better than fast-switched PBR, which is why it is the best way to perform PBR on a router. No special configuration is needed to enable it. It is activated automatically as soon as CEF and PBR are both enabled on the router.

Some common examples of PBR are:

  1. Differing next hops example
  2. Equal access example

We hope that this discussion on how to configure and verify policy based routing will help you to get a better idea of the topic and get a good score in the exam.

