11-18-2008 04:15 AM - edited 03-06-2019 02:32 AM
Hi,
Is it possible to do PBR based on route tags or other attributes related to prefix?
My understanding is that we can do PBR only with attributes related to packet like IP precedence, packet length etc as for doing PBR device will check packet fields and not fields associated with a route.
Regards
Sourabh
11-18-2008 05:17 AM
PBR can be done by using route tags
route-map tag permit 10
match tag 10
set ip next-hop
But i cannot think of a scenario where you would be required to do this
PBR is applied at the input interface and if you are receiving the tags for some routes on the same interface, then traffic for these destinations would be directed away from that interface.
However you can test this via a simple topology
R1 -- R2 --- R3
R1 send a route 1.1.1.1 with tag 10 to R2 which is also sent to R3
You can have a PBR at the R2 interface connecting to R3 to match the tag and send to some other router
R1
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.10.10.1 255.255.255.0
ip ospf network point-to-point
router ospf 1
log-adjacency-changes
redistribute connected subnets tag 10
network 10.10.10.0 0.0.0.255 area 0
R2
interface Loopback1
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.10.10.2 255.255.255.0
interface FastEthernet0/1
ip address 20.20.20.1 255.255.255.0
ip policy route-map tag
ip ospf network point-to-point
router ospf 1
log-adjacency-changes
redistribute static subnets
network 10.10.10.0 0.0.0.255 area 0
network 20.20.20.0 0.0.0.255 area 0
route-map tag permit 10
match tag 10
set ip next-hop 4.4.4.4
R3
interface Loopback1
ip address 3.3.3.3 255.255.255.255
ip route 0.0.0.0 0.0.0.0 20.20.20.1
Debug policy at R2 when a ping is done from R1 to 3.3.3.3
licy match
*Mar 1 00:15:33.943: IP: route map tag, item 10, permit
*Mar 1 00:15:33.943: IP: s=10.10.10.1 (FastEthernet0/0), d=3.3.3.3 (Loopback10)
, len 100, policy routed
*Mar 1 00:15:33.947: IP: FastEthernet0/0 to Loopback10 4.4.4.4
*Mar 1 00:15:35.863: IP: s=10.10.10.1 (FastEthernet0/0), d=3.3.3.3, len 100, FI
B policy match
*Mar 1 00:15:35.863: IP: s=10.10.10.1 (FastEthernet0/0), d=3.3.3.3, len 100, po
licy match
*Mar 1 00:15:35.867: IP: route map tag, item 10, permit
*Mar 1 00:15:35.867: IP: s=10.10.10.1 (FastEthernet0/0), d=3.3.3.3 (Loopback10)
, len 100, policy routed
HTH
Narayan
11-18-2008 05:41 AM
Hello Narayan,
informative and complete post including tests.
Best Regards
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide