PBR provides routing based on a policy rather than a destination address or routing protocol.
With PBR, packets matching a condition or policy can be classified by setting the IP Precedence bits.
Classified packets are then routed to the next-hop address or to an interface according to the policy.
Define a route map to classify traffic.
Specify one or more route-map statements:
(global) route-map map-tag [ permit | deny ] [ sequence ]
An action statement is added to the route map named map-tag (a text string). The statements are evaluated in sequential order, according to the sequence number. The action taken on the packet can be to permit it (process the packet through the route-map statement and route it according to PBR) or deny it (route normally).
Define one or more conditions to match against (all must be met).
(Optional) Match the Layer 3 packet length:
(route-map) match length min max
If the packet length is between min and max bytes, the condition is met.
(Optional) Match the IP addresses and/or ports:
(route-map) match ip address access-list [ access-list ]
A standard IP access list access-list (named or numbered) can be used to match the source address of packets. An extended IP access list can be used to match source and destination addresses, as well as port numbers.
Define actions to perform on the packet.
(Optional) Set the IP Precedence bits:
(route-map) set ip precedence { number | name }
The IP Precedence can be set to a number or name: 0 ( routine ), 1 ( priority ), 2 ( immediate ), 3 ( flash ), 4 ( flash-override ), or 5 ( critical ). Precedence numbers 6 and 7 are reserved for network control information.
(Optional) Set the next-hop address:
(route-map) set ip next-hop ip-address [ ip-address ... ]
Packets will be forwarded to one or more next-hop addresses.
(Optional) Set the output interface:
(route-map) set interface type number
Packets will be forwarded to the output interface type and number.
Enable PBR.
Apply the route map to an inbound interface:
(interface) ip policy route-map map-tag
The route map is applied to the interface where traffic is received. Packets are evaluated and forwarded according to PBR.
(Optional) Enable fast switching for PBR:
(interface) ip route-cache policy
By default, PBR disables fast switching on the interfaces where it is applied. Enabling fast-switched PBR also causes the set ip default next-hop and set default interface commands to be unsupported.
PBR is configured to classify incoming traffic into two classes: IP Precedence flash for all Telnet traffic, and routine for all other traffic. PBR is not configured with explicit next-hop addresses or output interfaces, so the IP Precedence is set, and normal routing occurs.
route-map pbrmap permit 10
 match ip address 101
 set ip precedence flash
route-map pbrmap permit 20
 set ip precedence routine
access-list 101 permit tcp any any eq telnet
interface ethernet 0
 ip policy route-map pbrmap
 ip route-cache policy
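The evaluation order described above (statements in sequence order, every match condition met, permit applies the set actions, deny routes normally), modeled in Python and run against the example configuration. This is an added example, not code from the original page or from IOS. It assumes a single route map, only the access-list line shape used in the example, and constructed packets given as dictionaries; parse, policy_route and the other helper names are hypothetical.

```python
# Added example: simplified model of route-map evaluation, not IOS code.
CONFIG = """\
route-map pbrmap permit 10
 match ip address 101
 set ip precedence flash
route-map pbrmap permit 20
 set ip precedence routine
access-list 101 permit tcp any any eq telnet
"""
PORTS = {"telnet": 23}  # assumption: only the port name the sample ACL uses

def parse(config):
    """Return (route-map entries in sequence order, ACL table)."""
    entries, acls, cur = [], {}, None
    for line in config.splitlines():
        w = line.split()
        if not w:
            continue
        if w[0] == "route-map":
            cur = {"action": w[2], "seq": int(w[3]), "match": [], "set": []}
            entries.append(cur)
        elif w[0] == "access-list":
            # Assumed ACL shape: access-list N permit|deny PROTO any any eq PORT
            acls.setdefault(w[1], []).append((w[2], w[3], int(PORTS.get(w[-1], w[-1]))))
            cur = None
        elif cur is not None and w[0] in ("match", "set"):
            cur[w[0]].append(w[1:])
    return sorted(entries, key=lambda e: e["seq"]), acls

def acl_permits(acl, pkt):
    for action, proto, port in acl:  # first matching line decides
        if (pkt["proto"], pkt["dport"]) == (proto, port):
            return action == "permit"
    return False  # implicit deny at the end of every access list

def cond_met(cond, pkt, acls):
    if cond[0] == "length":
        return int(cond[1]) <= pkt["length"] <= int(cond[2])
    if cond[:2] == ["ip", "address"]:  # any listed ACL may permit the packet
        return any(acl_permits(acls[a], pkt) for a in cond[2:])
    raise ValueError(f"unsupported match: {cond}")

def policy_route(entries, acls, pkt):
    """Set actions applied to pkt, or None when it is routed normally."""
    for e in entries:
        if all(cond_met(c, pkt, acls) for c in e["match"]):  # no match lines = match all
            return [" ".join(s) for s in e["set"]] if e["action"] == "permit" else None
    return None

ENTRIES, ACLS = parse(CONFIG)
TELNET = {"proto": "tcp", "dport": 23, "length": 60}  # constructed packet
HTTP = {"proto": "tcp", "dport": 80, "length": 60}    # constructed packet
```

Calling policy_route(ENTRIES, ACLS, TELNET) returns the flash action from statement 10, while the HTTP packet falls through to statement 20 and is marked routine.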