PBR rules
Each PBR list can have up to 1,500 rules. The first rule that matches the packet specifies the
next hop list for the packet. If no rule matches the packet, the packet is routed according to the
default rule.
This section provides information on how to configure rules in a PBR list and contains the
following topics:
Overview of rule criteria
●
rules
Modifying rules
●
Rule criteria
●
Overview of rule criteria
You can configure policy rules to match packets based on one or more of the following criteria:
Source IP address, or a range of addresses
●
Destination IP address or a range of addresses
●
IP protocol, such as TCP, UDP, ICMP, IGMP
●
Source TCP or UDP port or a range of ports
●
Destination TCP or UDP port or a range of ports
●
ICMP type and code
●
Fragments
●
DSCP field
●
Note:
The fragment criteria is used for non-initial fragments only.
Note:
Use IP wildcards to specify a range of source or destination IP addresses. The zero bits in the
wildcard correspond to bits in the IP address that remain fixed. The one bits in the wildcard
correspond to bits in the IP address that can vary. Note that this is the opposite of how bits are
used in a subnet mask.
Note:
When you use destination and source ports in a PBR rule, policy-based routing
Note:
does not catch fragments.
— an overview of the criteria that can be used in configuring PBR
— instructions on how to create and edit a PBR rule
— instructions on how to configure a PBR rule's criteria
PBR rules
Issue 1.1 June 2005
471