Saturday, December 17, 2016

Use routing policy, PBR, to redirect traffic to a specific next hop

PBR, policy-based routing, lets us match a traffic pattern and then either route the matching traffic to a specific IP address or update its IP header before routing.

The example below shows how PBR changes the next-hop address.
By default the traffic is forwarded to IP address 1.1.1.1, but we will manipulate it so that it is sent to 192.168.34.2 instead.

1- router model and version used for this testing
R7# show version
Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 15.2(4)S5, RELEASE SOFTWARE (fc1)


2- router running-configuration
interface FastEthernet0/0
 ip address 192.168.34.4 255.255.255.0
 ip nat outside
 speed auto
 duplex auto
!
interface FastEthernet0/1
 ip address 192.168.33.3 255.255.255.0
 ip nat inside
 ip policy route-map h15
 speed auto
 duplex auto
!
ip nat inside source list 2 interface FastEthernet0/0 overload
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.34.20
!
access-list 1 permit 192.168.33.15
access-list 2 permit 192.168.33.0 0.0.0.255
!
route-map h15 permit 10
 match ip address 1
 set ip default global next-hop 192.168.34.2




3- result of the testing
- before applying the policy


- after applying the policy. It routes to 192.168.34.2 first, before sending to the destination
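
The forwarding decision made by the configuration in step 2, as an added Python example (not part of the original post, and not Cisco code): it parses the PBR-relevant lines and reports which next hop a given source gets, which is also a quick way to audit a saved config for policy-routed hosts. It handles only the statement forms that appear on this page and assumes `set ip default global next-hop` follows the usual `default` semantics (used only when the routing table has no explicit, non-default route to the destination); `explicit_route_nh` is a hypothetical parameter standing in for that route lookup.

```python
import ipaddress
# PBR-relevant lines copied from the running-config on this page.
CONFIG = """interface FastEthernet0/1
 ip policy route-map h15
ip route 0.0.0.0 0.0.0.0 192.168.34.20
access-list 1 permit 192.168.33.15
access-list 2 permit 192.168.33.0 0.0.0.255
route-map h15 permit 10
 match ip address 1
 set ip default global next-hop 192.168.34.2
"""

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def parse(config):  # collect interface policies, ACLs, route-map clauses, default route
    st = {"policy": {}, "acl": {}, "rmap": {}, "default_gw": None}
    iface = clause = None
    for line in config.splitlines():
        w = line.split()
        if w[:1] == ["interface"]:
            iface = w[1]
        elif w[:3] == ["ip", "policy", "route-map"]:
            st["policy"][iface] = w[3]
        elif w[:1] == ["access-list"]:  # a host entry has no wildcard, i.e. 0.0.0.0
            care = ~to_int((w + ["0.0.0.0"])[4]) & 0xFFFFFFFF
            st["acl"].setdefault(w[1], []).append((w[2], to_int(w[3]), care))
        elif w[:1] == ["route-map"]:
            clause = {"action": w[2], "match": [], "default_nh": None}
            st["rmap"].setdefault(w[1], []).append(clause)
        elif w[:3] == ["match", "ip", "address"]:
            clause["match"] = w[3:]
        elif w[:3] == ["set", "ip", "default"] and w[-2] == "next-hop":
            clause["default_nh"] = w[-1]
        elif w[:4] == ["ip", "route", "0.0.0.0", "0.0.0.0"]:
            st["default_gw"] = w[4]
    return st

def acl_permits(entries, src):  # first matching entry decides; implicit deny at the end
    hits = [act for act, addr, care in entries if ((to_int(src) ^ addr) & care) == 0]
    return bool(hits) and hits[0] == "permit"

def next_hop(st, in_iface, src, explicit_route_nh=None):
    # "default" keyword: the policy next hop is used only when no explicit route exists
    for c in st["rmap"].get(st["policy"].get(in_iface), []):
        if not c["match"] or any(acl_permits(st["acl"].get(a, []), src) for a in c["match"]):
            if c["action"] == "permit" and c["default_nh"] and explicit_route_nh is None:
                return c["default_nh"]
            break
    return explicit_route_nh or st["default_gw"]
```

Only 192.168.33.15 arriving on FastEthernet0/1 is diverted to 192.168.34.2; every other host in 192.168.33.0/24 matches access-list 2 (used for NAT only) and still follows the default route to 192.168.34.20.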
