Policy-Based Routing - Cisco Catalyst 4500 series Administration Manual

Layer 3 Software Features

Policy-Based Routing

Traditional IP forwarding decisions are based purely on the destination IP address of the packet being
forwarded. Policy-Based Routing (PBR) enables forwarding based upon other information associated
with a packet, such as the source interface, IP source address, Layer 4 ports, and so on. This feature
allows network managers more flexibility in how they configure and design their networks.
Starting with Release IOS XE 3.4.0SG and IOS 15.1(2)SG, the PBR Recursive Next Hop feature
enhances route maps to enable configuration of a recursive next-hop IP address. The recursive next-hop
IP address can be a subnet that is not directly connected. The routing table will be looked up to find the
directly connected next-hop to which to send the packet so that it is routed via the recursive next-hop
that has been configured.
For more information on policy-based routing, see
Unicast Reverse Path Forwarding
The Unicast Reverse Path Forwarding (Unicast RPF) feature helps to mitigate problems that are caused
by the introduction of malformed or forged (spoofed) IP source addresses into a network by discarding
IP packets that lack a verifiable IP source address.
For information on URPF, see
Unidirectional Link Routing
Unidirectional link routing (UDLR) provides a way to forward multicast packets over a physical
unidirectional interface (such as a satellite link of high bandwidth) to stub networks that have a back
channel.
For information on configuring unidirectional link routing, refer to the URL
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/15.1SY/config_guide/sup720/ude_udl
r.html
VRF-lite
VPN routing and forwarding (VRF-lite) is an extension of IP routing that provides multiple routing
instances. Along with BGP, it enables the creation of a Layer 3 VPN service by keeping separate IP
routing and forwarding tables for each VPN customer. VRF-lite uses input interfaces to distinguish
routes for different VPNs. It forms virtual packet-forwarding tables by associating one or more Layer 3
interfaces with each VRF, allowing the creation of multiple Layer 3 VPNs on a single switch. Interfaces
in a VRF could be either physical, such as an Ethernet port, or logical, such as a VLAN switch virtual
interface (SVI). However, interfaces cannot belong to more than one VRF at any time.
Prior to Release IOS XE 3.5.0E and IOS 15.2(1)E, only IPv4 was available. With Release IOS XE 3.5.0E
and IOS 15.2(1)E, VRF-lite support has been extended to IPv6.
For information on VRF-lite, see
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
1-22
Chapter 40, "Configuring Policy-Based Routing."
Chapter 36, "Configuring Unicast Reverse Path Forwarding."
Chapter 41, "Configuring VRF-lite."
Chapter 1 Product Overview
OL-30933-01