Policy-Based Routing; Overview; Policy-Based Routing Tables; Policy-Based Routing Rules - D-Link NetDefend DFL-210 User Manual

4.3. Policy-based Routing

4.3. Policy-based Routing

4.3.1. Overview

Policy-based Routing is an extension to the standard approach to routing described previously. It of-
fers administrators significant flexibility in implementing routing decision policies by be able to
define Policy-based Routing Rules.
Normal routing forwards packets according to destination IP address information derived from static
routes or from a dynamic routing protocol. For example, using OSPF, the route chosen for packets
will be the least-cost (shortest) path derived from an SPF calculation. Policy-based Routing means
that the routes chosen for traffic can be based on various parameters, such as the source address or
service type.
NetDefendOS implements routing by not only looking at packets one by one, but by implementing
it on a state or connection basis so that routing policy provides control on both the forward and re-
turn routing directions.
Policy-based Routing can also be applied on an application basis by allowing:
Source based routing
Service-based routing
Creating provider-independent
metropolitan area networks
Policy-based Routing implementation in NetDefendOS consists of two elements:
• One or more user-defined alternate Policy-based routing tables in addition to the standard de-
fault main routing table.
• Policy-based routing rules, which determines which routing table to use depending on the
traffic.

4.3.2. Policy-based Routing Tables

NetDefendOS, as standard, has one default routing table called main. In addition to the main table,
it is possible to define one or more, additional alternate routing tables (this section will sometimes
refer to Policy-based Routing Tables as alternate routing tables).
Alternate routing tables contain the same information for describing routes as main, except that
there is an extra parameter ordering defined for each of them. This parameter decides how route
lookup is done with the alternate table in conjunction with the main table. This is described further
in Section 4.3.5, "The Ordering parameter" below.

4.3.3. Policy-based Routing Rules

A rule in the Policy-based Routing rule-set can decide which routing table is selected. A Policy-
When more than one ISP is used to provide Internet services,
Policy-based Routing can route traffic originating from differ-
ent sets of users through different routes. For example, traffic
from one address range might be routed through one ISP,
whilst traffic from another address range might be through a
second ISP.
Policy-based Routing can route a given protocols such as HT-
TP, through transparent proxies such as Web caches.
All users share a common active backbone, but each can use
different ISPs, subscribing to different providers.
76
Chapter 4. Routing