SlideShare ist ein Scribd-Unternehmen logo

Policy Based Routing (PBR)

KHNOG
KHNOG

KHNOG Micro-Event March 2016 Mr. Porhai Eung

Technologie
1 von 17
Downloaden Sie, um offline zu lesen
Policy-Based Routing (PBR)
Content - Before We Start - PBR Overview - How PBR Works - Route-Map Operation - PBR Configuration Procedure - PBR Configuration - Lab
Before We Start - Destination Based Routing - Routing from Net A/B to Net C/D via (R1 -> R5 -> R4)
PBR Overview - Say goodbye to Destination Based Routing - Flexible routing packet decision based on traffic flows - Overrides routing protocol next-hob decision
PBR Overview - Routing from Net A to Net C via (R1 -> R5 -> R4) - Routing from Net B to Net D via (R1 -> R2 -> R3 -> R4)
How PBR Works - All packets received on an interface are considered for policy routing - Each packet is passed through a route-map - Each entry in a route-map has “match” and “set” clauses - Match clauses are conditions to be met - Route-map is used for condition work
How PBR Works If match src NetA set next-hob -> R5 If match src NetB set next-hob -> R2
Route-Map Operation route-map DEMO permit 10 match X Y Z match A set B set C route-map DEMO permit 20 match Q set R route-map DEMO permit 30 If {(X OR Y OR Z) AND A match} Then {Set B AND C} (and exit route-map) Else If Q matches Then set R (and exit route-map) Else Set nothing (and exit route-map) OR OR
Route-Map Operation - Match criteria on the same line mean a logical OR condition - Multiple match and set criteria on separate lines indicates an AND condition - A route-map statement without any match statements will be considered matched. - Like an access list, an implicit deny any appears at the end of a route map.
PBR Configuration Procedure - Define and name the route map with the route-map command. - Define the conditions to match (the match statements). - Define access-list for packet identifying - Define the action to be taken when there is a match (the set statements). - Define which interface the route map will be attached to using the ip policy route-map interface configuration command.
PBR Configuration - Lab
PBR Configuration – Lab Configuration on R1 - Create access-list ip access-list extended Net7-Net4 permit ip 7.7.7.0 0.0.0.255 4.4.4.0 0.0.0.255 !
PBR Configuration – Lab Configuration on R1 - Configure route-map route-map DEMO permit 10 match ip address Net7-Net4 set ip next-hop 192.168.12.2 ! route-map DEMO permit 20 !
PBR Configuration – Lab Configuration on R1 - Apply route-map into interface interface FastEthernet6/0 ip policy route-map DEMO !
PBR Configuration – Lab Traceroute output from Network 7.7.7.7 - Before Apply into interface traceroute 4.4.4.4 source 7.7.7.7 Type escape sequence to abort. Tracing the route to 4.4.4.4 1 192.168.16.1 20 msec 12 msec 12 msec (R1) 2 192.168.15.5 12 msec 36 msec 28 msec (R5)
PBR Configuration – Lab Traceroute output from Network 7.7.7.7 - After Apply into interface traceroute 4.4.4.4 source 7.7.7.7 Type escape sequence to abort. Tracing the route to 4.4.4.4 1 192.168.16.1 12 msec 20 msec 20 msec (R1) 2 192.168.12.2 30 msec * 34 msec (R2) 3 192.168.23.3 32 msec * 36 msec (R3) 4 192.168.34.4 68 msec 56 msec 52 msec (R4) 5 192.168.45.5 56 msec 68 msec 60 msec
Thanks

Empfohlen

Policy Based Routing
Policy Based RoutingPolicy Based Routing
Policy Based RoutingNetProtocol Xpert
 
CCNA Lab Guide
CCNA Lab GuideCCNA Lab Guide
CCNA Lab GuideSalachudin Emir
 
Cisco ospf
Cisco ospf Cisco ospf
Cisco ospf sarasanandam
 
Bgp
BgpBgp
BgpFebrian ‎
 
GRE (generic routing encapsulation)
GRE (generic routing encapsulation)GRE (generic routing encapsulation)
GRE (generic routing encapsulation)Netwax Lab
 
QoS Classification on Cisco IOS Router
QoS Classification on Cisco IOS RouterQoS Classification on Cisco IOS Router
QoS Classification on Cisco IOS RouterNetProtocol Xpert
 
Ospf
Ospf Ospf
OspfDeeN Mohammad
 
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]APNIC
 

Empfohlen

Policy Based Routing
Policy Based RoutingPolicy Based Routing
Policy Based RoutingNetProtocol Xpert
 
CCNA Lab Guide
CCNA Lab GuideCCNA Lab Guide
CCNA Lab GuideSalachudin Emir
 
Cisco ospf
Cisco ospf Cisco ospf
Cisco ospf sarasanandam
 
Bgp
BgpBgp
BgpFebrian ‎
 
GRE (generic routing encapsulation)
GRE (generic routing encapsulation)GRE (generic routing encapsulation)
GRE (generic routing encapsulation)Netwax Lab
 
QoS Classification on Cisco IOS Router
QoS Classification on Cisco IOS RouterQoS Classification on Cisco IOS Router
QoS Classification on Cisco IOS RouterNetProtocol Xpert
 
Ospf
Ospf Ospf
OspfDeeN Mohammad
 
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]APNIC
 
MikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port KnockingMikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port KnockingAkbar Azwir, MM, PMP, PMI-SP, PSM I, CISSP
 
nftables - the evolution of Linux Firewall
nftables - the evolution of Linux Firewallnftables - the evolution of Linux Firewall
nftables - the evolution of Linux FirewallMarian Marinov
 
Ospf area types
Ospf area typesOspf area types
Ospf area typesRoger Perkin
 
Linux Network Stack
Linux Network StackLinux Network Stack
Linux Network StackAdrien Mahieux
 
Hot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingHot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingShubhiGupta94
 
Multi-Protocol Label Switching
Multi-Protocol Label SwitchingMulti-Protocol Label Switching
Multi-Protocol Label Switchingseanraz
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking ExplainedThomas Graf
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocolAmeer Agel
 
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Bruno Teixeira
 
DMVPN
DMVPNDMVPN
DMVPNNetProtocol Xpert
 
MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]Faisal Reza
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstKashif Latif
 
Cisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationCisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationHamed Moghaddam
 
ACI MultiPod Config Guide
ACI MultiPod Config GuideACI MultiPod Config Guide
ACI MultiPod Config GuideWoo Hyung Choi
 
acl configuration
acl configurationacl configuration
acl configurationRandyDookheran1
 
Bgp protocol
Bgp protocolBgp protocol
Bgp protocolSmriti Tikoo
 
Arp (address resolution protocol)
Arp (address resolution protocol)Arp (address resolution protocol)
Arp (address resolution protocol)tigerbt
 
CCNA presentation.
CCNA presentation.CCNA presentation.
CCNA presentation.Ajaigururaj R
 
How BGP Works
How BGP WorksHow BGP Works
How BGP WorksThousandEyes
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC
 
Routing Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikRouting Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikKHNOG
 
SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)KHNOG
 

Weitere ähnliche Inhalte

Was ist angesagt?

nftables - the evolution of Linux Firewall
nftables - the evolution of Linux Firewallnftables - the evolution of Linux Firewall
nftables - the evolution of Linux FirewallMarian Marinov
 
Hot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingHot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingShubhiGupta94
 
Multi-Protocol Label Switching
Multi-Protocol Label SwitchingMulti-Protocol Label Switching
Multi-Protocol Label Switchingseanraz
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking ExplainedThomas Graf
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocolAmeer Agel
 
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Bruno Teixeira
 
MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]Faisal Reza
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstKashif Latif
 
Cisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationCisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationHamed Moghaddam
 
ACI MultiPod Config Guide
ACI MultiPod Config GuideACI MultiPod Config Guide
ACI MultiPod Config GuideWoo Hyung Choi
 
Arp (address resolution protocol)
Arp (address resolution protocol)Arp (address resolution protocol)
Arp (address resolution protocol)tigerbt
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC
 

Was ist angesagt? (20)

MikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port KnockingMikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port Knocking
 
nftables - the evolution of Linux Firewall
nftables - the evolution of Linux Firewallnftables - the evolution of Linux Firewall
nftables - the evolution of Linux Firewall
 
Ospf area types
Ospf area typesOspf area types
Ospf area types
 
Linux Network Stack
Linux Network StackLinux Network Stack
Linux Network Stack
 
Hot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) usingHot standby router protocol (hsrp) using
Hot standby router protocol (hsrp) using
 
Multi-Protocol Label Switching
Multi-Protocol Label SwitchingMulti-Protocol Label Switching
Multi-Protocol Label Switching
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking Explained
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocol
 
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
 
DMVPN
DMVPNDMVPN
DMVPN
 
MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
 
Cisco CCNA- NAT Configuration
Cisco CCNA- NAT ConfigurationCisco CCNA- NAT Configuration
Cisco CCNA- NAT Configuration
 
ACI MultiPod Config Guide
ACI MultiPod Config GuideACI MultiPod Config Guide
ACI MultiPod Config Guide
 
acl configuration
acl configurationacl configuration
acl configuration
 
Bgp protocol
Bgp protocolBgp protocol
Bgp protocol
 
Arp (address resolution protocol)
Arp (address resolution protocol)Arp (address resolution protocol)
Arp (address resolution protocol)
 
CCNA presentation.
CCNA presentation.CCNA presentation.
CCNA presentation.
 
How BGP Works
How BGP WorksHow BGP Works
How BGP Works
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building Blocks
 

Andere mochten auch

Routing Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikRouting Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikKHNOG
 
SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)KHNOG
 
Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)KHNOG
 
Physically Based Rendering by Gege
Physically Based Rendering by GegePhysically Based Rendering by Gege
Physically Based Rendering by GegeAgate Studio
 
How to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingHow to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingKHNOG
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsTessa Mero
 
Introduction to Python
Introduction to PythonIntroduction to Python
Introduction to PythonKHNOG
 
Terminal Access Controller
Terminal Access ControllerTerminal Access Controller
Terminal Access ControllerKHNOG
 
Bandwidth Management on Linux
Bandwidth Management on LinuxBandwidth Management on Linux
Bandwidth Management on LinuxKHNOG
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)KHNOG
 
9th SDN Expert Group Seminar - Session3
9th SDN Expert Group Seminar - Session39th SDN Expert Group Seminar - Session3
9th SDN Expert Group Seminar - Session3NAIM Networks, Inc.
 
IT Service Level Agreement
IT Service Level AgreementIT Service Level Agreement
IT Service Level AgreementKHNOG
 
1st SDN Interest Group Seminar - Session2 (121017)
1st SDN Interest Group Seminar - Session2 (121017)1st SDN Interest Group Seminar - Session2 (121017)
1st SDN Interest Group Seminar - Session2 (121017)NAIM Networks, Inc.
 
Core Concept of TCP/IP
Core Concept of TCP/IPCore Concept of TCP/IP
Core Concept of TCP/IPKHNOG
 
Cambodia International Backbone Network
Cambodia International Backbone NetworkCambodia International Backbone Network
Cambodia International Backbone NetworkKHNOG
 
Mikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW ManagementMikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW Managementgopartheredbuff
 
Network Security-Honeypot
Network Security-HoneypotNetwork Security-Honeypot
Network Security-HoneypotKHNOG
 

Andere mochten auch (20)

Routing Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikRouting Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. Mikrotik
 
SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)
 
Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)
 
Physically Based Rendering by Gege
Physically Based Rendering by GegePhysically Based Rendering by Gege
Physically Based Rendering by Gege
 
How to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingHow to Prevent DHCP Spoofing
How to Prevent DHCP Spoofing
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple Steps
 
Introduction to Python
Introduction to PythonIntroduction to Python
Introduction to Python
 
Terminal Access Controller
Terminal Access ControllerTerminal Access Controller
Terminal Access Controller
 
Bandwidth Management on Linux
Bandwidth Management on LinuxBandwidth Management on Linux
Bandwidth Management on Linux
 
Python101
Python101Python101
Python101
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
 
9th SDN Expert Group Seminar - Session3
9th SDN Expert Group Seminar - Session39th SDN Expert Group Seminar - Session3
9th SDN Expert Group Seminar - Session3
 
IT Service Level Agreement
IT Service Level AgreementIT Service Level Agreement
IT Service Level Agreement
 
1st SDN Interest Group Seminar - Session2 (121017)
1st SDN Interest Group Seminar - Session2 (121017)1st SDN Interest Group Seminar - Session2 (121017)
1st SDN Interest Group Seminar - Session2 (121017)
 
Core Concept of TCP/IP
Core Concept of TCP/IPCore Concept of TCP/IP
Core Concept of TCP/IP
 
Cambodia International Backbone Network
Cambodia International Backbone NetworkCambodia International Backbone Network
Cambodia International Backbone Network
 
VPN on Mikrotik
VPN on MikrotikVPN on Mikrotik
VPN on Mikrotik
 
Mikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW ManagementMikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW Management
 
Network Security-Honeypot
Network Security-HoneypotNetwork Security-Honeypot
Network Security-Honeypot
 

Ähnlich wie Policy Based Routing (PBR)

How to configure pbr (policy based routing)
How to configure pbr (policy based routing)How to configure pbr (policy based routing)
How to configure pbr (policy based routing)Lirouter Li
 
How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -Naoto MATSUMOTO
 
Router Commands Overview
Router Commands OverviewRouter Commands Overview
Router Commands OverviewMuhammed Niyas
 
Implementing a scalable ospf based solution
Implementing a scalable ospf based solutionImplementing a scalable ospf based solution
Implementing a scalable ospf based solutionArnold Derrick Kinney
 
CCNA R&S-20-Configuring IPv4 Addresses and Routes
CCNA R&S-20-Configuring IPv4 Addresses and RoutesCCNA R&S-20-Configuring IPv4 Addresses and Routes
CCNA R&S-20-Configuring IPv4 Addresses and RoutesAmir Jafari
 
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptxCCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptxManishkumarSharma338257
 
Route static Configuration
Route static ConfigurationRoute static Configuration
Route static ConfigurationGausul Azam
 
3 ip routing vrf lite - v2
3 ip routing vrf lite - v23 ip routing vrf lite - v2
3 ip routing vrf lite - v2SagarR24
 
6.policy based routing
6.policy based routing6.policy based routing
6.policy based routinguniversity fsr
 
SRWE_Module_14.pptx
SRWE_Module_14.pptxSRWE_Module_14.pptx
SRWE_Module_14.pptxRobinRohit2
 
SRWE_Module_14.pptx
SRWE_Module_14.pptxSRWE_Module_14.pptx
SRWE_Module_14.pptxNguyenNM
 
Exploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingExploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingbrainxMagic
 
Cisco router command configuration overview
Cisco router command configuration overviewCisco router command configuration overview
Cisco router command configuration overview3Anetwork com
 

Ähnlich wie Policy Based Routing (PBR) (20)

How to configure pbr (policy based routing)
How to configure pbr (policy based routing)How to configure pbr (policy based routing)
How to configure pbr (policy based routing)
 
Pbroute
PbroutePbroute
Pbroute
 
How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -How to train your L3DSR with PBR - MEMO -
How to train your L3DSR with PBR - MEMO -
 
Router Commands Overview
Router Commands OverviewRouter Commands Overview
Router Commands Overview
 
07.bgp
07.bgp07.bgp
07.bgp
 
Implementing a scalable ospf based solution
Implementing a scalable ospf based solutionImplementing a scalable ospf based solution
Implementing a scalable ospf based solution
 
Ccnacommand 140205001152-phpapp01
Ccnacommand 140205001152-phpapp01Ccnacommand 140205001152-phpapp01
Ccnacommand 140205001152-phpapp01
 
Ospf.ppt
Ospf.pptOspf.ppt
Ospf.ppt
 
CCNA R&S-20-Configuring IPv4 Addresses and Routes
CCNA R&S-20-Configuring IPv4 Addresses and RoutesCCNA R&S-20-Configuring IPv4 Addresses and Routes
CCNA R&S-20-Configuring IPv4 Addresses and Routes
 
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptxCCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
CCNA_RSE_Chp3_Dynamic Routing NETWORKINGFBU.pptx
 
Ospf hassan jamal.ppt
Ospf hassan jamal.pptOspf hassan jamal.ppt
Ospf hassan jamal.ppt
 
Route static Configuration
Route static ConfigurationRoute static Configuration
Route static Configuration
 
3 ip routing vrf lite - v2
3 ip routing vrf lite - v23 ip routing vrf lite - v2
3 ip routing vrf lite - v2
 
6.policy based routing
6.policy based routing6.policy based routing
6.policy based routing
 
SRWE_Module_14.pptx
SRWE_Module_14.pptxSRWE_Module_14.pptx
SRWE_Module_14.pptx
 
SRWE_Module_14.pptx
SRWE_Module_14.pptxSRWE_Module_14.pptx
SRWE_Module_14.pptx
 
11 bgp-ethernet
11 bgp-ethernet11 bgp-ethernet
11 bgp-ethernet
 
Day 20.i pv6 lab
Day 20.i pv6 labDay 20.i pv6 lab
Day 20.i pv6 lab
 
Exploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning NetworkingExploration_Routing_Chapter_1 ppt for learning Networking
Exploration_Routing_Chapter_1 ppt for learning Networking
 
Cisco router command configuration overview
Cisco router command configuration overviewCisco router command configuration overview
Cisco router command configuration overview
 

Mehr von KHNOG

Network Attack Counter
Network Attack CounterNetwork Attack Counter
Network Attack CounterKHNOG
 
Wireless Network Pentestration
Wireless Network PentestrationWireless Network Pentestration
Wireless Network PentestrationKHNOG
 
Bonding Interface in MikroTik
Bonding Interface in MikroTikBonding Interface in MikroTik
Bonding Interface in MikroTikKHNOG
 
Network Exploitation
Network ExploitationNetwork Exploitation
Network ExploitationKHNOG
 
Why / How to become the Linux certified
Why / How to become the Linux certifiedWhy / How to become the Linux certified
Why / How to become the Linux certifiedKHNOG
 
Introduction to BRAS
Introduction to BRASIntroduction to BRAS
Introduction to BRASKHNOG
 
ElasticISP
ElasticISPElasticISP
ElasticISPKHNOG
 
Hotspot on Mikrotik Router
Hotspot on Mikrotik RouterHotspot on Mikrotik Router
Hotspot on Mikrotik RouterKHNOG
 
Rapid Ring Protection Protocol (RRPP)
Rapid Ring Protection Protocol (RRPP)Rapid Ring Protection Protocol (RRPP)
Rapid Ring Protection Protocol (RRPP)KHNOG
 
Transmission Technologies
Transmission TechnologiesTransmission Technologies
Transmission TechnologiesKHNOG
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing ProtocolsKHNOG
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerKHNOG
 
Testing Fiber-Optic Systems
Testing Fiber-Optic Systems Testing Fiber-Optic Systems
Testing Fiber-Optic Systems KHNOG
 
RPM Junos-service
RPM Junos-serviceRPM Junos-service
RPM Junos-serviceKHNOG
 
Incoming Outgoing Spam Filter
Incoming Outgoing Spam FilterIncoming Outgoing Spam Filter
Incoming Outgoing Spam FilterKHNOG
 
MPLS
MPLSMPLS
MPLSKHNOG
 
Software Define Network (SDN) and Openflow
Software Define Network (SDN) and OpenflowSoftware Define Network (SDN) and Openflow
Software Define Network (SDN) and OpenflowKHNOG
 

Mehr von KHNOG (17)

Network Attack Counter
Network Attack CounterNetwork Attack Counter
Network Attack Counter
 
Wireless Network Pentestration
Wireless Network PentestrationWireless Network Pentestration
Wireless Network Pentestration
 
Bonding Interface in MikroTik
Bonding Interface in MikroTikBonding Interface in MikroTik
Bonding Interface in MikroTik
 
Network Exploitation
Network ExploitationNetwork Exploitation
Network Exploitation
 
Why / How to become the Linux certified
Why / How to become the Linux certifiedWhy / How to become the Linux certified
Why / How to become the Linux certified
 
Introduction to BRAS
Introduction to BRASIntroduction to BRAS
Introduction to BRAS
 
ElasticISP
ElasticISPElasticISP
ElasticISP
 
Hotspot on Mikrotik Router
Hotspot on Mikrotik RouterHotspot on Mikrotik Router
Hotspot on Mikrotik Router
 
Rapid Ring Protection Protocol (RRPP)
Rapid Ring Protection Protocol (RRPP)Rapid Ring Protection Protocol (RRPP)
Rapid Ring Protection Protocol (RRPP)
 
Transmission Technologies
Transmission TechnologiesTransmission Technologies
Transmission Technologies
 
Interior Routing Protocols
Interior Routing ProtocolsInterior Routing Protocols
Interior Routing Protocols
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User Manager
 
Testing Fiber-Optic Systems
Testing Fiber-Optic Systems Testing Fiber-Optic Systems
Testing Fiber-Optic Systems
 
RPM Junos-service
RPM Junos-serviceRPM Junos-service
RPM Junos-service
 
Incoming Outgoing Spam Filter
Incoming Outgoing Spam FilterIncoming Outgoing Spam Filter
Incoming Outgoing Spam Filter
 
MPLS
MPLSMPLS
MPLS
 
Software Define Network (SDN) and Openflow
Software Define Network (SDN) and OpenflowSoftware Define Network (SDN) and Openflow
Software Define Network (SDN) and Openflow
 

Kürzlich hochgeladen

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Kürzlich hochgeladen (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Policy Based Routing (PBR)

  • 2. Content - Before We Start - PBR Overview - How PBR Works - Route-Map Operation - PBR Configuration Procedure - PBR Configuration - Lab
  • 3. Before We Start - Destination Based Routing - Routing from Net A/B to Net C/D via (R1 -> R5 -> R4)
  • 4. PBR Overview - Say goodbye to Destination Based Routing - Flexible routing packet decision based on traffic flows - Overrides routing protocol next-hob decision
  • 5. PBR Overview - Routing from Net A to Net C via (R1 -> R5 -> R4) - Routing from Net B to Net D via (R1 -> R2 -> R3 -> R4)
  • 6. How PBR Works - All packets received on an interface are considered for policy routing - Each packet is passed through a route-map - Each entry in a route-map has “match” and “set” clauses - Match clauses are conditions to be met - Route-map is used for condition work
  • 7. How PBR Works If match src NetA set next-hob -> R5 If match src NetB set next-hob -> R2
  • 8. Route-Map Operation route-map DEMO permit 10 match X Y Z match A set B set C route-map DEMO permit 20 match Q set R route-map DEMO permit 30 If {(X OR Y OR Z) AND A match} Then {Set B AND C} (and exit route-map) Else If Q matches Then set R (and exit route-map) Else Set nothing (and exit route-map) OR OR
  • 9. Route-Map Operation - Match criteria on the same line mean a logical OR condition - Multiple match and set criteria on separate lines indicates an AND condition - A route-map statement without any match statements will be considered matched. - Like an access list, an implicit deny any appears at the end of a route map.
  • 10. PBR Configuration Procedure - Define and name the route map with the route-map command. - Define the conditions to match (the match statements). - Define access-list for packet identifying - Define the action to be taken when there is a match (the set statements). - Define which interface the route map will be attached to using the ip policy route-map interface configuration command.
  • 12. PBR Configuration – Lab Configuration on R1 - Create access-list ip access-list extended Net7-Net4 permit ip 7.7.7.0 0.0.0.255 4.4.4.0 0.0.0.255 !
  • 13. PBR Configuration – Lab Configuration on R1 - Configure route-map route-map DEMO permit 10 match ip address Net7-Net4 set ip next-hop 192.168.12.2 ! route-map DEMO permit 20 !
  • 14. PBR Configuration – Lab Configuration on R1 - Apply route-map into interface interface FastEthernet6/0 ip policy route-map DEMO !
  • 15. PBR Configuration – Lab Traceroute output from Network 7.7.7.7 - Before Apply into interface traceroute 4.4.4.4 source 7.7.7.7 Type escape sequence to abort. Tracing the route to 4.4.4.4 1 192.168.16.1 20 msec 12 msec 12 msec (R1) 2 192.168.15.5 12 msec 36 msec 28 msec (R5)
  • 16. PBR Configuration – Lab Traceroute output from Network 7.7.7.7 - After Apply into interface traceroute 4.4.4.4 source 7.7.7.7 Type escape sequence to abort. Tracing the route to 4.4.4.4 1 192.168.16.1 12 msec 20 msec 20 msec (R1) 2 192.168.12.2 30 msec * 34 msec (R2) 3 192.168.23.3 32 msec * 36 msec (R3) 4 192.168.34.4 68 msec 56 msec 52 msec (R4) 5 192.168.45.5 56 msec 68 msec 60 msec