Table of Contents
Advertisement
Configuring PBR
Overview
Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next
hop and default next hop for packets that match specific criteria such as ACLs.
A device forwards received packets using the following process:
1.
The device uses PBR to forward matching packets.
2.
If the packets do not match the PBR policy or the PBR-based forwarding fails, the device uses
the routing table, excluding the default route, to forward the packets.
3.
If the routing table-based forwarding fails, the device uses the default next hop defined in PBR
to forward packets.
4.
If the default next hop-based forwarding fails, the device uses the default route to forward
packets.
PBR includes local PBR and interface PBR.
•
Local PBR guides the forwarding of locally generated packets, such as the ICMP packets
generated by using the ping command.
•
Interface PBR guides the forwarding of packets received on an interface only.
Policy
A policy includes match criteria and actions to be taken on the matching packets. A policy can have
one or multiple nodes as follows:
•
Each node is identified by a node number. A smaller node number has a higher priority.
•
A node contains if-match and apply clauses. An if-match clause specifies a match criterion,
and an apply clause specifies an action.
•
A node has a match mode of permit or deny.
A policy compares packets with nodes in priority order. If a packet matches the criteria on a node, it is
processed by the action on the node. Otherwise, it goes to the next node for a match. If the packet
does not match the criteria on any node, it is forwarded according to the routing table.
if-match clause
PBR supports the following types of if-match clauses:
•
if-match acl—Sets an ACL match criterion.
•
if-match service-chain—Sets a service chain match criterion. For more information about
service chain, see Service Chain Configuration Guide.
On a node, you can specify multiple types of if-match clauses, but only one if-match clause for each
type.
To match a node, a packet must match all types of the if-match clauses for the node but only one
if-match clause for each type.
apply clause
PBR supports the types of apply clauses shown in
for a node, but some of them might not be executed. The following apply clauses determine the
packet forwarding paths in a descending order:
•
apply next-hop
•
apply output-interface
Table
23. You can specify multiple apply clauses
380
Advertisement
Table of Contents
Troubleshooting
