Policy-Based Routing (PBR)

NOTE

  • match takes a packet length or an ACL / prefix list
R2(config-route-map)#match length ?
  <0-2147483647>  Minimum packet length
R2(config-route-map)#match ip address ?
  <1-199>      IP access-list number
  <1300-2699>  IP access-list number (expanded range)
  WORD         IP access-list name
  prefix-list  Match entries of prefix-lists
  • set has many options
R2(config-route-map)#set ip next-hop ?
  A.B.C.D              IP address of next hop
  dynamic              application dynamically sets next hop
  encapsulate          Encapsulation profile for VPN nexthop
  peer-address         Use peer address (for BGP only)
  recursive            Recursive next-hop
  self                 Use self address (for BGP only)
  verify-availability  Verify if nexthop is reachable
  • verify-availability using IP SLA
    – While IP SLA sees 10.2.4.4 as healthy, forward to 10.2.4.4
    – When 10.2.4.4 is down, forward to 10.2.6.6
    – If that fails as well, follow the routing table
track 1 ip sla 1 state
!
interface FastEthernet0/0
 ip policy route-map PBR
!
ip sla 1
 icmp-echo 10.2.4.4 source-interface FastEthernet0/2
ip sla schedule 1 life forever start-time now
!
route-map PBR permit 10
 match ip address 1
 set ip next-hop verify-availability 10.2.4.4 1 track 1
 set ip next-hop 10.2.6.6
!
access-list 1 permit 10.1.2.0 0.0.0.255
  • route-map portion of verify-availability using CDP
route-map PBR permit 10
 match ip address 1
 set ip next-hop 10.2.4.4 10.2.6.6
 set ip next-hop verify-availability
  • Recursive next hop
    An IP address that is not directly connected can be specified (provided the router has a route to that destination)
set ip next-hop recursive
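
An added example (not part of the original notes): a Python script that parses the IP SLA / track / route-map lines from the verify-availability configuration above, checks that each tracked next hop points at a defined track whose IP SLA probe is scheduled, and resolves the next hop in the fallback order these notes describe. The function names and the `usable_plain` parameter are assumptions of this example, route-map sequences with the same name are merged, and it models the order described here rather than IOS internals.

```python
import re

# Constructed sample: the IP SLA / track / route-map lines from the config above.
CONFIG = """\
track 1 ip sla 1 state
ip sla 1
 icmp-echo 10.2.4.4 source-interface FastEthernet0/2
ip sla schedule 1 life forever start-time now
route-map PBR permit 10
 match ip address 1
 set ip next-hop verify-availability 10.2.4.4 1 track 1
 set ip next-hop 10.2.6.6
"""

def parse(config):
    """Collect track -> SLA bindings, scheduled SLAs and per-route-map next hops."""
    tracks, scheduled, maps, current = {}, set(), {}, None
    for line in config.splitlines():
        s = line.strip()
        current = current if line.startswith(" ") else None  # left the sub-mode
        if m := re.fullmatch(r"track (\d+) ip sla (\d+) (?:state|reachability)", s):
            tracks[int(m[1])] = int(m[2])
        elif m := re.fullmatch(r"ip sla schedule (\d+) .*", s):
            scheduled.add(int(m[1]))
        elif m := re.fullmatch(r"route-map (\S+) permit \d+", s):
            current = maps.setdefault(m[1], {"tracked": [], "plain": []})
        elif current is not None and (m := re.fullmatch(r"set ip next-hop verify-availability (\S+) (\d+) track (\d+)", s)):
            current["tracked"].append((int(m[2]), m[1], int(m[3])))  # (seq, hop, track)
        elif current is not None and (m := re.fullmatch(r"set ip next-hop ((?:\d+\.\d+\.\d+\.\d+ ?)+)", s)):
            current["plain"].extend(m[1].split())
    return tracks, scheduled, maps

def lint(config):
    """Report tracked next hops whose track -> ip sla -> schedule chain is incomplete."""
    tracks, scheduled, maps = parse(config)
    findings = []
    for name, entry in maps.items():
        for _, hop, track in entry["tracked"]:
            if track not in tracks:
                findings.append(f"{name}: next hop {hop} uses undefined track {track}")
            elif tracks[track] not in scheduled:
                findings.append(f"{name}: ip sla {tracks[track]} behind track {track} is not scheduled")
    return findings

def select_next_hop(entry, track_up, usable_plain):
    """Order from the notes: tracked hop while its track is up, then a usable plain hop, else the routing table."""
    hops = [h for _, h, t in sorted(entry["tracked"]) if track_up.get(t)]
    hops += [h for h in entry["plain"] if h in usable_plain]
    return hops[0] if hops else "routing-table"
```
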

Local PBR

NOTE

R2(config)#ip local policy route-map ?
  WORD  Route map name
