Introduction to Policy Based Routing
Introduction to Policy Based Routing (PBR).
Slides
Policy Based Routing-Introduction
Labs
These topologies do not represent real scenarios.
Client VM: Ubuntu
Server VM: TurnKey Linux OrangeHRM
Cisco Routers: 3725 adventerprise 12.4(18)
Case #1 – PBR based on destination port
Configs: pbrcase1
Case #2 – PBR based on source addresses
Configs: pbrcase2
Case #3 – Load sharing based on traffic type with redundant gateways
Case #4 – PBR with NBAR
Be careful with NBAR in production environments!
Configs: pbrcase4
http://blog.ine.com/2008/11/04/using-nbar-for-http-url-filtering/
http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfpbr.html
Case #5 – PBR on JunOS
Topology: same as Case #1
Config:
interfaces {
    em0 {
        unit 0 {
            family inet {
                address 10.10.10.1/24;
            }
        }
    }
    em1 {
        unit 0 {
            family inet {
                address 10.10.20.1/24;
            }
        }
    }
}
/* One forwarding instance per upstream, each with its own default route. */
routing-instances {
    ISP1 {
        instance-type forwarding;
        routing-options {
            static {
                route 0.0.0.0/0 next-hop 1.1.1.2;
            }
        }
    }
    ISP2 {
        instance-type forwarding;
        routing-options {
            static {
                route 0.0.0.0/0 next-hop 2.2.2.2;
            }
        }
    }
}
protocols {
    ospf {
        rib-group MERGE-CONNECTED;
        area 0.0.0.0 {
            interface em0;
        }
    }
}
routing-options {
    interface-routes {
        rib-group inet MERGE-CONNECTED;
    }
    /* Copy interface routes into both instances so their next hops resolve. */
    rib-groups {
        MERGE-CONNECTED {
            import-rib [ inet.0 ISP1.inet.0 ISP2.inet.0 ];
        }
    }
}
policy-options {
    prefix-list LAN-A {
        10.10.10.0/24;
    }
    prefix-list LAN-B {
        10.10.20.0/24;
    }
    prefix-list NET {
        0.0.0.0/0;
    }
}
firewall {
    family inet {
        filter SOURCE-ROUTING-SELECTION {
            /* Source in LAN-A and destination in NET: forward via ISP1. */
            term FROM-LAN-1 {
                from {
                    source-prefix-list {
                        LAN-A;
                    }
                    destination-prefix-list {
                        NET;
                    }
                }
                then {
                    routing-instance ISP1;
                }
            }
            /* prefix-list matches on the source or the destination address. */
            term FROM-LAN-B {
                from {
                    prefix-list {
                        LAN-B;
                    }
                }
                then {
                    routing-instance ISP2;
                }
            }
            /* Everything else is forwarded using the main table. */
            term DEFAULT {
                then accept;
            }
        }
    }
}
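The first-match logic of the SOURCE-ROUTING-SELECTION filter above can be checked offline with a small model. This is an added example, not part of the original lab configs; it assumes the filter is evaluated on every packet shown (the page does not show which interfaces it is applied to), and the sample packets are constructed.

```python
import ipaddress

# Prefix lists copied from the policy-options stanza above.
PREFIX_LISTS = {
    "LAN-A": ["10.10.10.0/24"],
    "LAN-B": ["10.10.20.0/24"],
    "NET": ["0.0.0.0/0"],
}

# Terms of SOURCE-ROUTING-SELECTION, in order. Keys mirror the Junos match
# conditions; "prefix-list" matches the source OR the destination address.
TERMS = [
    ("FROM-LAN-1", {"source-prefix-list": "LAN-A",
                    "destination-prefix-list": "NET"}, "ISP1"),
    ("FROM-LAN-B", {"prefix-list": "LAN-B"}, "ISP2"),
    ("DEFAULT", {}, "inet.0"),  # "then accept": stay in the main table
]

def in_list(addr, name):
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(p) for p in PREFIX_LISTS[name])

def term_matches(conds, src, dst):
    # All conditions inside one "from" must hold (logical AND).
    for cond, name in conds.items():
        if cond == "source-prefix-list" and not in_list(src, name):
            return False
        if cond == "destination-prefix-list" and not in_list(dst, name):
            return False
        if cond == "prefix-list" and not (in_list(src, name) or in_list(dst, name)):
            return False
    return True

def select_instance(src, dst):
    """Return (term name, routing table) for the first matching term."""
    for name, conds, table in TERMS:
        if term_matches(conds, src, dst):
            return name, table
    return None, "discard"  # implicit discard; unreachable here because of DEFAULT

if __name__ == "__main__":
    # Constructed sample packets (source, destination).
    for src, dst in [("10.10.10.5", "8.8.8.8"), ("10.10.20.7", "8.8.8.8"),
                     ("192.0.2.9", "10.10.20.7"), ("192.0.2.9", "198.51.100.1")]:
        print(src, "->", dst, select_instance(src, dst))
```

The third sample shows that term FROM-LAN-B also selects ISP2 for packets whose destination is in LAN-B, because it uses `prefix-list` rather than `source-prefix-list`.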
http://blog.inetsix.net/2012/06/policy-based-routing-with-junos/
http://jncie.files.wordpress.com/2008/09/350136_filter-based-forwarding.pdf