SlideShare a Scribd company logo

Policy Based Routing (PBR)

KHNOG
KHNOG

Policy-Based Routing (PBR) allows network administrators to override the default routing behavior and specify how traffic should be routed based on matching criteria. PBR uses route-maps to match packets and set the next-hop. Route-maps contain match and set clauses - match clauses define the conditions to match packets, and set clauses define the action to take for matched packets such as specifying the next-hop router. Network administrators configure PBR by defining route-maps with match and set statements, applying the route-map to an interface with the ip policy command.

Technology
1 of 17
Download to read offline
Policy-Based Routing (PBR)
Content - Before We Start - PBR Overview - How PBR Works - Route-Map Operation - PBR Configuration Procedure - PBR Configuration - Lab
Before We Start - Destination Based Routing - Routing from Net A/B to Net C/D via (R1 -> R5 -> R4)
PBR Overview - Say goodbye to Destination Based Routing - Flexible routing packet decision based on traffic flows - Overrides routing protocol next-hob decision
PBR Overview - Routing from Net A to Net C via (R1 -> R5 -> R4) - Routing from Net B to Net D via (R1 -> R2 -> R3 -> R4)
How PBR Works - All packets received on an interface are considered for policy routing - Each packet is passed through a route-map - Each entry in a route-map has “match” and “set” clauses - Match clauses are conditions to be met - Route-map is used for condition work
How PBR Works If match src NetA set next-hob -> R5 If match src NetB set next-hob -> R2
Route-Map Operation route-map DEMO permit 10 match X Y Z match A set B set C route-map DEMO permit 20 match Q set R route-map DEMO permit 30 If {(X OR Y OR Z) AND A match} Then {Set B AND C} (and exit route-map) Else If Q matches Then set R (and exit route-map) Else Set nothing (and exit route-map) OR OR
Route-Map Operation - Match criteria on the same line mean a logical OR condition - Multiple match and set criteria on separate lines indicates an AND condition - A route-map statement without any match statements will be considered matched. - Like an access list, an implicit deny any appears at the end of a route map.
PBR Configuration Procedure - Define and name the route map with the route-map command. - Define the conditions to match (the match statements). - Define access-list for packet identifying - Define the action to be taken when there is a match (the set statements). - Define which interface the route map will be attached to using the ip policy route-map interface configuration command.
PBR Configuration - Lab
PBR Configuration – Lab Configuration on R1 - Create access-list ip access-list extended Net7-Net4 permit ip 7.7.7.0 0.0.0.255 4.4.4.0 0.0.0.255 !
PBR Configuration – Lab Configuration on R1 - Configure route-map route-map DEMO permit 10 match ip address Net7-Net4 set ip next-hop 192.168.12.2 ! route-map DEMO permit 20 !
PBR Configuration – Lab Configuration on R1 - Apply route-map into interface interface FastEthernet6/0 ip policy route-map DEMO !
PBR Configuration – Lab Traceroute output from Network 7.7.7.7 - Before Apply into interface traceroute 4.4.4.4 source 7.7.7.7 Type escape sequence to abort. Tracing the route to 4.4.4.4 1 192.168.16.1 20 msec 12 msec 12 msec (R1) 2 192.168.15.5 12 msec 36 msec 28 msec (R5)
PBR Configuration – Lab Traceroute output from Network 7.7.7.7 - After Apply into interface traceroute 4.4.4.4 source 7.7.7.7 Type escape sequence to abort. Tracing the route to 4.4.4.4 1 192.168.16.1 12 msec 20 msec 20 msec (R1) 2 192.168.12.2 30 msec * 34 msec (R2) 3 192.168.23.3 32 msec * 36 msec (R3) 4 192.168.34.4 68 msec 56 msec 52 msec (R4) 5 192.168.45.5 56 msec 68 msec 60 msec
Thanks

Recommended

Policy Based Routing
Policy Based RoutingPolicy Based Routing
Policy Based RoutingNetProtocol Xpert
 
Eigrp
EigrpEigrp
Eigrpfirey
 
Ospf
Ospf Ospf
OspfDeeN Mohammad
 
MPLS & BASIC LDP
MPLS & BASIC LDPMPLS & BASIC LDP
MPLS & BASIC LDPReza Farahani
 
Multiprotocol label switching
Multiprotocol label switchingMultiprotocol label switching
Multiprotocol label switchingSumita Das
 
Cisco router configuration tutorial
Cisco router configuration tutorialCisco router configuration tutorial
Cisco router configuration tutorialIT Tech
 
Ospf area types
Ospf area typesOspf area types
Ospf area typesRoger Perkin
 
MPLS Layer 3 VPN
MPLS Layer 3 VPN MPLS Layer 3 VPN
MPLS Layer 3 VPN NetProtocol Xpert
 

Recommended

Policy Based Routing
Policy Based RoutingPolicy Based Routing
Policy Based RoutingNetProtocol Xpert
 
Eigrp
EigrpEigrp
Eigrpfirey
 
Ospf
Ospf Ospf
OspfDeeN Mohammad
 
MPLS & BASIC LDP
MPLS & BASIC LDPMPLS & BASIC LDP
MPLS & BASIC LDPReza Farahani
 
Multiprotocol label switching
Multiprotocol label switchingMultiprotocol label switching
Multiprotocol label switchingSumita Das
 
Cisco router configuration tutorial
Cisco router configuration tutorialCisco router configuration tutorial
Cisco router configuration tutorialIT Tech
 
Ospf area types
Ospf area typesOspf area types
Ospf area typesRoger Perkin
 
MPLS Layer 3 VPN
MPLS Layer 3 VPN MPLS Layer 3 VPN
MPLS Layer 3 VPN NetProtocol Xpert
 
CCNA CheatSheet
CCNA CheatSheetCCNA CheatSheet
CCNA CheatSheetEng. Emad Al-Atoum
 
Vpc notes
Vpc notesVpc notes
Vpc notesKrunal Shah
 
MPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsMPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsShawn Zandi
 
Deploying Carrier Ethernet features on ASR 9000
Deploying Carrier Ethernet features on ASR 9000Deploying Carrier Ethernet features on ASR 9000
Deploying Carrier Ethernet features on ASR 9000Vinod Kumar Balasubramanyam
 
GRE Tunnel Configuration
GRE Tunnel ConfigurationGRE Tunnel Configuration
GRE Tunnel ConfigurationNetProtocol Xpert
 
Ccna command
Ccna commandCcna command
Ccna commandSiddhartha Rajbhatt
 
MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)Netwax Lab
 
Segment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesSegment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesCisco Canada
 
IS-IS vs OSPF
IS-IS vs OSPFIS-IS vs OSPF
IS-IS vs OSPFNetProtocol Xpert
 
Segment Routing Lab
Segment Routing Lab Segment Routing Lab
Segment Routing Lab Cisco Canada
 
Mpls L3_vpn
Mpls L3_vpnMpls L3_vpn
Mpls L3_vpnReza Farahani
 
MPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label SwitchingMPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label SwitchingPeter R. Egli
 
BGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesBGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesFebrian ‎
 
Segment Routing
Segment RoutingSegment Routing
Segment RoutingAPNIC
 
Segment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USASegment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USAJose Liste
 
VRF Configuration
VRF ConfigurationVRF Configuration
VRF ConfigurationNetwax Lab
 
OTV PPT by NETWORKERS HOME
OTV PPT by NETWORKERS HOMEOTV PPT by NETWORKERS HOME
OTV PPT by NETWORKERS HOMEnetworkershome
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG
 
Juniper mpls best practice part 1
Juniper mpls best practice part 1Juniper mpls best practice part 1
Juniper mpls best practice part 1Febrian ‎
 
CCNA Advanced Routing Protocols
CCNA Advanced Routing ProtocolsCCNA Advanced Routing Protocols
CCNA Advanced Routing ProtocolsDsunte Wilson
 
Routing Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikRouting Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikKHNOG
 
SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)KHNOG
 

More Related Content

What's hot

MPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsMPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsShawn Zandi
 
MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)Netwax Lab
 
Segment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesSegment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesCisco Canada
 
Segment Routing Lab
Segment Routing Lab Segment Routing Lab
Segment Routing Lab Cisco Canada
 
MPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label SwitchingMPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label SwitchingPeter R. Egli
 
BGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesBGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesFebrian ‎
 
Segment Routing
Segment RoutingSegment Routing
Segment RoutingAPNIC
 
Segment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USASegment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USAJose Liste
 
VRF Configuration
VRF ConfigurationVRF Configuration
VRF ConfigurationNetwax Lab
 
OTV PPT by NETWORKERS HOME
OTV PPT by NETWORKERS HOMEOTV PPT by NETWORKERS HOME
OTV PPT by NETWORKERS HOMEnetworkershome
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG
 
Juniper mpls best practice part 1
Juniper mpls best practice part 1Juniper mpls best practice part 1
Juniper mpls best practice part 1Febrian ‎
 
CCNA Advanced Routing Protocols
CCNA Advanced Routing ProtocolsCCNA Advanced Routing Protocols
CCNA Advanced Routing ProtocolsDsunte Wilson
 

What's hot (20)

CCNA CheatSheet
CCNA CheatSheetCCNA CheatSheet
CCNA CheatSheet
 
Vpc notes
Vpc notesVpc notes
Vpc notes
 
MPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsMPLS Concepts and Fundamentals
MPLS Concepts and Fundamentals
 
Deploying Carrier Ethernet features on ASR 9000
Deploying Carrier Ethernet features on ASR 9000Deploying Carrier Ethernet features on ASR 9000
Deploying Carrier Ethernet features on ASR 9000
 
GRE Tunnel Configuration
GRE Tunnel ConfigurationGRE Tunnel Configuration
GRE Tunnel Configuration
 
Ccna command
Ccna commandCcna command
Ccna command
 
MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)
 
Segment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use CasesSegment Routing Technology Deep Dive and Advanced Use Cases
Segment Routing Technology Deep Dive and Advanced Use Cases
 
IS-IS vs OSPF
IS-IS vs OSPFIS-IS vs OSPF
IS-IS vs OSPF
 
Segment Routing Lab
Segment Routing Lab Segment Routing Lab
Segment Routing Lab
 
Mpls L3_vpn
Mpls L3_vpnMpls L3_vpn
Mpls L3_vpn
 
MPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label SwitchingMPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label Switching
 
BGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesBGP Advance Technique by Steven & James
BGP Advance Technique by Steven & James
 
Segment Routing
Segment RoutingSegment Routing
Segment Routing
 
Segment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USASegment Routing Advanced Use Cases - Cisco Live 2016 USA
Segment Routing Advanced Use Cases - Cisco Live 2016 USA
 
VRF Configuration
VRF ConfigurationVRF Configuration
VRF Configuration
 
OTV PPT by NETWORKERS HOME
OTV PPT by NETWORKERS HOMEOTV PPT by NETWORKERS HOME
OTV PPT by NETWORKERS HOME
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
 
Juniper mpls best practice part 1
Juniper mpls best practice part 1Juniper mpls best practice part 1
Juniper mpls best practice part 1
 
CCNA Advanced Routing Protocols
CCNA Advanced Routing ProtocolsCCNA Advanced Routing Protocols
CCNA Advanced Routing Protocols
 

Viewers also liked

Routing Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikRouting Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikKHNOG
 
SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)KHNOG
 
Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)KHNOG
 
Physically Based Rendering by Gege
Physically Based Rendering by GegePhysically Based Rendering by Gege
Physically Based Rendering by GegeAgate Studio
 
How to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingHow to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingKHNOG
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsTessa Mero
 
Introduction to Python
Introduction to PythonIntroduction to Python
Introduction to PythonKHNOG
 
Terminal Access Controller
Terminal Access ControllerTerminal Access Controller
Terminal Access ControllerKHNOG
 
Bandwidth Management on Linux
Bandwidth Management on LinuxBandwidth Management on Linux
Bandwidth Management on LinuxKHNOG
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)KHNOG
 
9th SDN Expert Group Seminar - Session3
9th SDN Expert Group Seminar - Session39th SDN Expert Group Seminar - Session3
9th SDN Expert Group Seminar - Session3NAIM Networks, Inc.
 
IT Service Level Agreement
IT Service Level AgreementIT Service Level Agreement
IT Service Level AgreementKHNOG
 
1st SDN Interest Group Seminar - Session2 (121017)
1st SDN Interest Group Seminar - Session2 (121017)1st SDN Interest Group Seminar - Session2 (121017)
1st SDN Interest Group Seminar - Session2 (121017)NAIM Networks, Inc.
 
Core Concept of TCP/IP
Core Concept of TCP/IPCore Concept of TCP/IP
Core Concept of TCP/IPKHNOG
 
Cambodia International Backbone Network
Cambodia International Backbone NetworkCambodia International Backbone Network
Cambodia International Backbone NetworkKHNOG
 
Mikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW ManagementMikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW Managementgopartheredbuff
 
Network Security-Honeypot
Network Security-HoneypotNetwork Security-Honeypot
Network Security-HoneypotKHNOG
 

Viewers also liked (20)

Routing Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikRouting Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. Mikrotik
 
SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)
 
Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)
 
Physically Based Rendering by Gege
Physically Based Rendering by GegePhysically Based Rendering by Gege
Physically Based Rendering by Gege
 
How to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingHow to Prevent DHCP Spoofing
How to Prevent DHCP Spoofing
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple Steps
 
Introduction to Python
Introduction to PythonIntroduction to Python
Introduction to Python
 
Terminal Access Controller
Terminal Access ControllerTerminal Access Controller
Terminal Access Controller
 
Bandwidth Management on Linux
Bandwidth Management on LinuxBandwidth Management on Linux
Bandwidth Management on Linux
 
Python101
Python101Python101
Python101
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
 
9th SDN Expert Group Seminar - Session3
9th SDN Expert Group Seminar - Session39th SDN Expert Group Seminar - Session3
9th SDN Expert Group Seminar - Session3
 
IT Service Level Agreement
IT Service Level AgreementIT Service Level Agreement
IT Service Level Agreement
 
1st SDN Interest Group Seminar - Session2 (121017)
1st SDN Interest Group Seminar - Session2 (121017)1st SDN Interest Group Seminar - Session2 (121017)
1st SDN Interest Group Seminar - Session2 (121017)
 
Core Concept of TCP/IP
Core Concept of TCP/IPCore Concept of TCP/IP
Core Concept of TCP/IP
 
Cambodia International Backbone Network
Cambodia International Backbone NetworkCambodia International Backbone Network
Cambodia International Backbone Network
 
VPN on Mikrotik
VPN on MikrotikVPN on Mikrotik
VPN on Mikrotik
 
Mikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW ManagementMikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW Management
 
Network Security-Honeypot
Network Security-HoneypotNetwork Security-Honeypot
Network Security-Honeypot
 
Mikrotik metarouter
Mikrotik metarouterMikrotik metarouter
Mikrotik metarouter
 

Similar to Policy Based Routing (PBR)

How to configure pbr (policy based routing)
How to configure pbr (policy based routing)How to configure pbr (policy based routing)
How to configure pbr (policy based routing)Lirouter Li
 
How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -Naoto MATSUMOTO
 
Router Commands Overview
Router Commands OverviewRouter Commands Overview
Router Commands OverviewMuhammed Niyas
 
Implementing a scalable ospf based solution
Implementing a scalable ospf based solutionImplementing a scalable ospf based solution
Implementing a scalable ospf based solutionArnold Derrick Kinney
 
CCNA R&S-20-Configuring IPv4 Addresses and Routes
CCNA R&S-20-Configuring IPv4 Addresses and RoutesCCNA R&S-20-Configuring IPv4 Addresses and Routes
CCNA R&S-20-Configuring IPv4 Addresses and RoutesAmir Jafari
 
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptxCCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptxManishkumarSharma338257
 
Route static Configuration
Route static ConfigurationRoute static Configuration
Route static ConfigurationGausul Azam
 
3 ip routing vrf lite - v2
3 ip routing vrf lite - v23 ip routing vrf lite - v2
3 ip routing vrf lite - v2SagarR24
 
6.policy based routing
6.policy based routing6.policy based routing
6.policy based routinguniversity fsr
 
SRWE_Module_14.pptx
SRWE_Module_14.pptxSRWE_Module_14.pptx
SRWE_Module_14.pptxRobinRohit2
 
SRWE_Module_14.pptx
SRWE_Module_14.pptxSRWE_Module_14.pptx
SRWE_Module_14.pptxNguyenNM
 
Exploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingExploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingbrainxMagic
 
Cisco router command configuration overview
Cisco router command configuration overviewCisco router command configuration overview
Cisco router command configuration overview3Anetwork com
 

Similar to Policy Based Routing (PBR) (20)

How to configure pbr (policy based routing)
How to configure pbr (policy based routing)How to configure pbr (policy based routing)
How to configure pbr (policy based routing)
 
Pbroute
PbroutePbroute
Pbroute
 
How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -
 
Router Commands Overview
Router Commands OverviewRouter Commands Overview
Router Commands Overview
 
07.bgp
07.bgp07.bgp
07.bgp
 
Implementing a scalable ospf based solution
Implementing a scalable ospf based solutionImplementing a scalable ospf based solution
Implementing a scalable ospf based solution
 
Ccnacommand 140205001152-phpapp01
Ccnacommand 140205001152-phpapp01Ccnacommand 140205001152-phpapp01
Ccnacommand 140205001152-phpapp01
 
Ospf.ppt
Ospf.pptOspf.ppt
Ospf.ppt
 
CCNA R&S-20-Configuring IPv4 Addresses and Routes
CCNA R&S-20-Configuring IPv4 Addresses and RoutesCCNA R&S-20-Configuring IPv4 Addresses and Routes
CCNA R&S-20-Configuring IPv4 Addresses and Routes
 
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptxCCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
 
Ospf hassan jamal.ppt
Ospf hassan jamal.pptOspf hassan jamal.ppt
Ospf hassan jamal.ppt
 
Route static Configuration
Route static ConfigurationRoute static Configuration
Route static Configuration
 
3 ip routing vrf lite - v2
3 ip routing vrf lite - v23 ip routing vrf lite - v2
3 ip routing vrf lite - v2
 
6.policy based routing
6.policy based routing6.policy based routing
6.policy based routing
 
SRWE_Module_14.pptx
SRWE_Module_14.pptxSRWE_Module_14.pptx
SRWE_Module_14.pptx
 
SRWE_Module_14.pptx
SRWE_Module_14.pptxSRWE_Module_14.pptx
SRWE_Module_14.pptx
 
11 bgp-ethernet
11 bgp-ethernet11 bgp-ethernet
11 bgp-ethernet
 
Day 20.i pv6 lab
Day 20.i pv6 labDay 20.i pv6 lab
Day 20.i pv6 lab
 
Exploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingExploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning Networking
 
Cisco router command configuration overview
Cisco router command configuration overviewCisco router command configuration overview
Cisco router command configuration overview
 

More from KHNOG

Network Attack Counter
Network Attack CounterNetwork Attack Counter
Network Attack CounterKHNOG
 
Wireless Network Pentestration
Wireless Network PentestrationWireless Network Pentestration
Wireless Network PentestrationKHNOG
 
Bonding Interface in MikroTik
Bonding Interface in MikroTikBonding Interface in MikroTik
Bonding Interface in MikroTikKHNOG
 
Network Exploitation
Network ExploitationNetwork Exploitation
Network ExploitationKHNOG
 
Why / How to become the Linux certified
Why / How to become the Linux certifiedWhy / How to become the Linux certified
Why / How to become the Linux certifiedKHNOG
 
Introduction to BRAS
Introduction to BRASIntroduction to BRAS
Introduction to BRASKHNOG
 
ElasticISP
ElasticISPElasticISP
ElasticISPKHNOG
 
Hotspot on Mikrotik Router
Hotspot on Mikrotik RouterHotspot on Mikrotik Router
Hotspot on Mikrotik RouterKHNOG
 
Rapid Ring Protection Protocol (RRPP)
Rapid Ring Protection Protocol (RRPP)Rapid Ring Protection Protocol (RRPP)
Rapid Ring Protection Protocol (RRPP)KHNOG
 
Transmission Technologies
Transmission TechnologiesTransmission Technologies
Transmission TechnologiesKHNOG
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing ProtocolsKHNOG
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerKHNOG
 
Testing Fiber-Optic Systems
Testing Fiber-Optic Systems Testing Fiber-Optic Systems
Testing Fiber-Optic Systems KHNOG
 
RPM Junos-service
RPM Junos-serviceRPM Junos-service
RPM Junos-serviceKHNOG
 
Incoming Outgoing Spam Filter
Incoming Outgoing Spam FilterIncoming Outgoing Spam Filter
Incoming Outgoing Spam FilterKHNOG
 
MPLS
MPLSMPLS
MPLSKHNOG
 
Software Define Network (SDN) and Openflow
Software Define Network (SDN) and OpenflowSoftware Define Network (SDN) and Openflow
Software Define Network (SDN) and OpenflowKHNOG
 

More from KHNOG (17)

Network Attack Counter
Network Attack CounterNetwork Attack Counter
Network Attack Counter
 
Wireless Network Pentestration
Wireless Network PentestrationWireless Network Pentestration
Wireless Network Pentestration
 
Bonding Interface in MikroTik
Bonding Interface in MikroTikBonding Interface in MikroTik
Bonding Interface in MikroTik
 
Network Exploitation
Network ExploitationNetwork Exploitation
Network Exploitation
 
Why / How to become the Linux certified
Why / How to become the Linux certifiedWhy / How to become the Linux certified
Why / How to become the Linux certified
 
Introduction to BRAS
Introduction to BRASIntroduction to BRAS
Introduction to BRAS
 
ElasticISP
ElasticISPElasticISP
ElasticISP
 
Hotspot on Mikrotik Router
Hotspot on Mikrotik RouterHotspot on Mikrotik Router
Hotspot on Mikrotik Router
 
Rapid Ring Protection Protocol (RRPP)
Rapid Ring Protection Protocol (RRPP)Rapid Ring Protection Protocol (RRPP)
Rapid Ring Protection Protocol (RRPP)
 
Transmission Technologies
Transmission TechnologiesTransmission Technologies
Transmission Technologies
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing Protocols
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User Manager
 
Testing Fiber-Optic Systems
Testing Fiber-Optic Systems Testing Fiber-Optic Systems
Testing Fiber-Optic Systems
 
RPM Junos-service
RPM Junos-serviceRPM Junos-service
RPM Junos-service
 
Incoming Outgoing Spam Filter
Incoming Outgoing Spam FilterIncoming Outgoing Spam Filter
Incoming Outgoing Spam Filter
 
MPLS
MPLSMPLS
MPLS
 
Software Define Network (SDN) and Openflow
Software Define Network (SDN) and OpenflowSoftware Define Network (SDN) and Openflow
Software Define Network (SDN) and Openflow
 

Recently uploaded

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomCzechDreamin
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxJennifer Lim
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxAbida Shariff
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfChristopherTHyatt
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀DianaGray10
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCzechDreamin
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationZilliz
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoTAnalytics
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Product School
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka DoktorováCzechDreamin
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaCzechDreamin
 
The architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdfThe architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdfalexjohnson7307
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...Product School
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024Stephanie Beckett
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Thierry Lestable
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaRTTS
 
UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2DianaGray10
 
AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekCzechDreamin
 

Recently uploaded (20)

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdf
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
The architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdfThe architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdf
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2
 
AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří Karpíšek
 

Policy Based Routing (PBR)

  • 2. Content - Before We Start - PBR Overview - How PBR Works - Route-Map Operation - PBR Configuration Procedure - PBR Configuration - Lab
  • 3. Before We Start - Destination Based Routing - Routing from Net A/B to Net C/D via (R1 -> R5 -> R4)
  • 4. PBR Overview - Say goodbye to Destination Based Routing - Flexible routing packet decision based on traffic flows - Overrides routing protocol next-hob decision
  • 5. PBR Overview - Routing from Net A to Net C via (R1 -> R5 -> R4) - Routing from Net B to Net D via (R1 -> R2 -> R3 -> R4)
  • 6. How PBR Works - All packets received on an interface are considered for policy routing - Each packet is passed through a route-map - Each entry in a route-map has “match” and “set” clauses - Match clauses are conditions to be met - Route-map is used for condition work
  • 7. How PBR Works If match src NetA set next-hob -> R5 If match src NetB set next-hob -> R2
  • 8. Route-Map Operation route-map DEMO permit 10 match X Y Z match A set B set C route-map DEMO permit 20 match Q set R route-map DEMO permit 30 If {(X OR Y OR Z) AND A match} Then {Set B AND C} (and exit route-map) Else If Q matches Then set R (and exit route-map) Else Set nothing (and exit route-map) OR OR
  • 9. Route-Map Operation - Match criteria on the same line mean a logical OR condition - Multiple match and set criteria on separate lines indicates an AND condition - A route-map statement without any match statements will be considered matched. - Like an access list, an implicit deny any appears at the end of a route map.
  • 10. PBR Configuration Procedure - Define and name the route map with the route-map command. - Define the conditions to match (the match statements). - Define access-list for packet identifying - Define the action to be taken when there is a match (the set statements). - Define which interface the route map will be attached to using the ip policy route-map interface configuration command.
  • 12. PBR Configuration – Lab Configuration on R1 - Create access-list ip access-list extended Net7-Net4 permit ip 7.7.7.0 0.0.0.255 4.4.4.0 0.0.0.255 !
  • 13. PBR Configuration – Lab Configuration on R1 - Configure route-map route-map DEMO permit 10 match ip address Net7-Net4 set ip next-hop 192.168.12.2 ! route-map DEMO permit 20 !
  • 14. PBR Configuration – Lab Configuration on R1 - Apply route-map into interface interface FastEthernet6/0 ip policy route-map DEMO !
  • 15. PBR Configuration – Lab Traceroute output from Network 7.7.7.7 - Before Apply into interface traceroute 4.4.4.4 source 7.7.7.7 Type escape sequence to abort. Tracing the route to 4.4.4.4 1 192.168.16.1 20 msec 12 msec 12 msec (R1) 2 192.168.15.5 12 msec 36 msec 28 msec (R5)
  • 16. PBR Configuration – Lab Traceroute output from Network 7.7.7.7 - After Apply into interface traceroute 4.4.4.4 source 7.7.7.7 Type escape sequence to abort. Tracing the route to 4.4.4.4 1 192.168.16.1 12 msec 20 msec 20 msec (R1) 2 192.168.12.2 30 msec * 34 msec (R2) 3 192.168.23.3 32 msec * 36 msec (R3) 4 192.168.34.4 68 msec 56 msec 52 msec (R4) 5 192.168.45.5 56 msec 68 msec 60 msec