The Journey of a Network Engineer

Oct 1 2010   10:55AM GMT

Policy Based Routing – Part 2

Sulaiman Syed Profile: Sulaiman Syed

In Policy Based Routing – part 1 I have explained why and how we can use PBR in production environment. Today, i shall post how i did, and what i did. with brief explanation. Keep in mind that the image shown with the IP scheme is not real.


ip access-list extended web
permit tcp any eq www
permit tcp any eq 443

First, i have defined the interesting traffic. is the network i would like to redirect to my proxy server. the traffic should be sourced from this network, to any network with port number 80 and 443 (HTTP, HTTPS).

route-map web permit 10
match ip address web
set ip next-hop

here, i created a route map, that matches the Access list i made in first step, and i sat the next hope address as

route-map web permit 20

This command is important, without it. the rest of traffic will be dropped. (just the way how the last command in Access List is deny deny.)

interface Vlan10
ip address
ip policy route-map web

Since, im using a multilayer switch and my interface is defined in a vlan. i have applied the Policy in the vlan interface.

Yes, of course. why not just apply the PBR on the distribution switch. I wonder why i didn’t think of that earlier. I will test my switch by tomorrow. once i get confirmed results. I think It would be best just to apply the configuration into the distribution switch.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: