Policy-based Routing (PBR) is a common networking technique that can be used to redirect certain traffic types to use specific paths by changing the next hop for the matching traffic. PBR overrules the routing table for the specified type of traffic.

Configuration Steps:

Step 1: Configure interfaces and OSPF as the IGP on all the routers. Assign static IPs to PCs.

**************************R3
sys
sysname R3
#
interface Ethernet0/0/0
 ip address 40.40.40.0 255.255.255.254
#
interface Ethernet0/0/1
 ip address 50.50.50.0 255.255.255.254
#
interface Serial0/0/0
 link-protocol ppp
 ip address 30.30.30.0 255.255.255.254
#
interface Serial0/0/1
 link-protocol ppp
 ip address 10.10.10.0 255.255.255.254
#
#
ospf 10 router-id 3.3.3.3
 area 0.0.0.0
  network 40.40.40.0 0.0.0.1
  network 30.30.30.0 0.0.0.1
  network 50.50.50.0 0.0.0.1
  network 10.10.10.0 0.0.0.1
#

**************************R4
sys
sysname R4
#
interface Serial0/0/0
 link-protocol ppp
 ip address 30.30.30.1 255.255.255.254
#
interface GigabitEthernet0/0/1
 ip address 30.30.30.2 255.255.255.254
#
ospf 10 router-id 4.4.4.4
 area 0.0.0.0
  network 30.30.30.0 0.0.0.1
  network 30.30.30.2 0.0.0.1
#

*************************R5
sys
sysname R5
#
interface Serial0/0/0
 link-protocol ppp
 ip address 10.10.10.1 255.255.255.254
#
interface GigabitEthernet0/0/0
 ip address 10.10.10.4 255.255.255.254
#
#
ospf 10 router-id 5.5.5.5
 area 0.0.0.0
  network 10.10.10.0 0.0.0.1
  network 10.10.10.2 0.0.0.1
  network 10.10.10.4 0.0.0.1
#

******************************R6
sys
sysname R6
#
interface Ethernet0/0/0
 ip address 40.40.40.2 255.255.255.254
#
interface Ethernet0/0/1
 ip address 50.50.50.2 255.255.255.254
#
interface GigabitEthernet0/0/0
 ip address 10.10.10.3 255.255.255.254
#
interface GigabitEthernet0/0/1
 ip address 30.30.30.3 255.255.255.254
#
ospf 10 router-id 6.6.6.6
 area 0.0.0.0
  network 30.30.30.2 0.0.0.1
  network 10.10.10.2 0.0.0.1
  network 50.50.50.2 0.0.0.1
  network 40.40.40.2 0.0.0.1
#

***************************R7
sys
syaname R7
#
interface GigabitEthernet0/0/0
 ip address 10.10.10.5 255.255.255.254
#
interface GigabitEthernet0/0/1
 ip address 10.10.10.2 255.255.255.254
#
ospf 10 router-id 7.7.7.7
 area 0.0.0.0
  network 10.10.10.4 0.0.0.1
  network 10.10.10.2 0.0.0.1
#

Step 2: Verify OSPF adjacency status.

Step 3: Verify connectivity between PCs and the path taken by the traffic from PC2 to PC4 and PC3 to PC5.

The objective of this lab is to use Policy based routing to ensure traffic from PC2 to PC4 passes through R4 while traffic from PC3 to PC5 passes through R5.

Step 4: Configure ACLs to match traffic from PC2 and PC3 as follows on R3. We use extended ACLs to be able to match the source IP addresses.

***************************R3
#
acl number 3000
 rule 5 permit ip source 40.40.40.0 0.0.0.1
#
acl number 3002
 rule 5 permit ip source 50.50.50.0 0.0.0.1
#

Step 5: Configure PBR and apply it on the interfaces facing PCs on R3.

**************************R3
#
policy-based-route TEST_PBR permit node 5
 if-match acl 3000
 apply output-interface Serial0/0/0
policy-based-route TEST_PBR permit node 10
 if-match acl 3002
 apply output-interface Serial0/0/1
#
interface Ethernet0/0/0
 ip policy-based-route TEST_PBR
#
interface Ethernet0/0/1
 ip policy-based-route TEST_PBR
#

Step 6: Verify the path taken by traffic from PC2 and PC3.

Note: The PBR configured on R3 doe not affect the path for the return traffic from PC4 and PC5. You must configure same PBR on R6 to be able to control the flow of the return traffic.

This is how you can use PBR to control traffic flow in your network. Thank You for reading and please leave your comments below. Check out other related articles on our page.

Related Posts

• VXLAN (intra-subnet communication) Implementation on Huawei switches.
• Implementing BGP confederation on Huawei routers.
• Implementing GRE over IPsec (ISAKMP mode) on Huawei routers.
• Implementing Internet Protocol Security (IPsec) ISAKMP mode on Huawei routers.
• Implementing Internet Protocol Security (IPsec) manual mode on Huawei routers.