Policy based routing is a method for defining path selection due to rules. It is known as the “programming language” of the routers. Policy based routing works based on if / then statements. Check to configuration example above for more information.
POLICY BASED ROUTING CONFIGURATION
– PC-1 is surfing on internet all day, route that device to ISP-2 which is slower.If ISP-2 is down, PC-1 can’t access to internet.
– Route PC-2’s Telnet and Https traffic to ISP-1 and route the rest of the traffic to ISP-2.
– Route all the other PCs’ traffics to ISP-2.
– Traffic created from policy router should prefer ISP-1 but if ISP-1 is down, traffic must be delivered to ISP-2.
– You can use just 2 route maps and 3 access lists to complete these tasks.
R1(config)# ip access-list extended CLIENT 1 R1(config-acl)#permit ip host 192.168.1.20 any R1(config-acl)#exit R1(config)#route-map POLICY 10 R1(config-route-map)#match ip add CLIENT 1 R1(config-route-map)#set ip next-hop 201.1.1.2 R1(config-route-map)#exit
Match client-1 with access list above and set the next-hop to 201.1.1.2
R1(config)#ip access-list ext CLIENT 2 R1(config-acl)#permit tcp host 192.168.1.21 any eq 23 // Telnet access // R1(config-acl)#permit tcp host 192.168.1.21 any eq 443 // https access //
R1(config)#route –map POLICY 20 R1(config-route-map)#match ip add CLIENT2 R1(config-route-map)#set ip next-hop 200.1.1.2
Match with client-2 acc list above and set the next-hop to 200.1.1.2 . Pay attention that Telnet and Https are permitted by ACL
R1(config)#route-map POLICY permit 30 R1(config-route-map)#set ip next-hop 201.1.1.2 // Rest of the traffic was routed to ISP-2, no "match" command used" because of this.// R1(config)#int f 0/0 R1(config-if)#ip policy route-map POLICY // Route map is implemented by this command. You can check the packets via "show route-map" command //
*** Route map is examined with sequence like access-lists.
