Policy based Routing
PBR (Policy-Based Routing) allows traffic to be assigned to different routing tables. Traffic is often matched using standard 5-tuple matching (source address, destination address, protocol, source port, destination port).
When a router receives a packet it normally decides where to forward it, supported the destination address in the packet, which is then used to look up an entry in a routing table. However, in some cases, there could also be a need to forward the packet based on other criteria. For instance, a network administrator might want to forward a packet on the basis of source address and not the destination address. This allows routing of packets originating from different sources to different networks even when the destinations are the same and can be useful when interconnecting several private networks.
Policy-based routing can also be based on the size of the packet, the protocol of the payload, or other information available in a packet header or payload.
PBR Configuration Example
Note: The I.P addresses configured between the routers are in the format of 192.168.x.x/24 for routers.
In the setup, 3 PCs are connected to the routers. The three routers R1, R2 and R3 have been configured with a dynamic routing protocol OSPF with area 0.
The following setup enables PC1 to communicate with PC2 but at the same time cannot communicate with PC3 due to the configured policies at the interfaces of router R1.
Router R1 has been configured with policy to block the ICMP request for destination 30.30.30.1 so PC1 cannot communicate with PC3. This policy has been applied at Interface eth0 of Router R1.
Multiple services such as SSH, Router access and other services can also be blocked using Policy Based Routing.
The above mentioned features are offered and supported by VCL-MX-50xx family of IP/MPLS Routers.