O Policy Based routing permite ao router tomar decisões de routing com base no IP destino/porto/protocolo, em suma tudo o que seja possível através do match no route-map.
As ações possíveis aquando do match:
- precedence: Sets precedence value in the IP header. You can specify either the precedence number or name.
- df: Sets the `Don’t Fragment’ (DF) bit in the ip header.
- vrf: Sets the VPN Routing and Forwarding (VRF) instance.
- next-hop: Sets next hop to which to route the packet.
- next-hop recursive: Sets next hop to which to route the packet if the hop is to a router which is not adjacent.
- interface: Sets output interface for the packet.
- default next-hop: Sets next hop to which to route the packet if there is no explicit route for this destination.
- default interface: Sets output interface for the packet if there is no explicit route for this destination.
Exemplo:
Ligações:
Rx——–|
————| R2-f0/1—–f0/0-R3
Ry——–|
Nota:O Rx/Ry tem uma rota default a apontar para o R2
R2#
route-map PBR permit 10
match ip address 10
set ip default next-hop 192.168.2.1
!
route-map PBR permit 20
interface FastEthernet0/1
ip address 192.168.20.2 255.255.255.0
ip policy route-map PBR
!Para que o router onde o PBR é aplicado tambem seja abrangido quando origina tráfego !localmente deve ser usado o ip local policy
ip local policy route-map PBR
R3#
interface FastEthernet0/0
ip address 192.168.20.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.20.2
R3#ping 192.168.10.1 re 1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 192.168.10.1, timeout is 2 seconds:
!
Success rate is 100 percent (1/1), round-trip min/avg/max = 52/52/52 ms
!Trafego iniciado localmente no router com PBR
R2#ping 192.168.10.1 re 1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 192.168.10.1, timeout is 2 seconds:
!
Success rate is 100 percent (1/1), round-trip min/avg/max = 32/32/32 ms
R2#
*Mar 1 10:39:28.497: IP: s=192.168.20.2 (local), d=192.168.10.1, len 100, policy match
*Mar 1 10:39:28.501: IP: route map PBR, item 10, permit
*Mar 1 10:39:28.501: IP: s=192.168.20.2 (local), d=192.168.10.1 (Multilink1), len 100, policy routed
R2#
*Mar 1 10:31:49.669: IP: s=192.168.20.1 (FastEthernet0/1), d=192.168.10.1, len 100, FIB policy match
*Mar 1 10:31:49.673: IP: s=192.168.20.1 (FastEthernet0/1), d=192.168.10.1, g=192.168.2.1, len 100, FIB policy routed
!Definindo uma rota especifica
R2(config)#ip route 192.168.10.0 255.255.255.0 192.168.2.1
! Apos efetuar novamente o Ping no R3
R2(config)#
*Mar 1 10:33:22.405: IP: s=192.168.20.1 (FastEthernet0/1), d=192.168.10.1, len 100, FIB policy match
*Mar 1 10:33:22.409: IP: s=192.168.20.1 (FastEthernet0/1), d=192.168.10.1, len 100, FIB policy rejected(explicit route) – normal forwarding
Neste caso o tráfego segue o encaminhamento de acordo com a tabela de routing, devido a rota estática configurada
R2#sh ip policy
Interface Route map
local PBR
Fa0/1 PBR