A friend asked me yesterday how to implement Policy-Based Routing (PBR). After explaining it to him, I thought it’d be nice to write a quick tutorial on here. PBR allows you to change a packet’s path based on different criteria. In this post I will use my friend’s scenario: we have a business with two internet connections, and the powers that be have decided to use ISP B for all outbound SMTP traffic. Here’s our topology:

[Figure: PBR Topology]

Let’s go through the config:

R1

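hostname R1
!
! Match SMTP (TCP port 25) sourced from the LAN subnet
ip access-list extended MATCH_SMTP
 10 permit tcp 192.168.1.0 0.0.0.255 any eq 25
 ! Anything denied here is not policy-routed and follows the routing table
 20 deny ip any any
!
! Send matched traffic to the ISP B next hop
route-map SMTP_ISPB permit 10
 match ip address MATCH_SMTP
 set ip next-hop 67.92.18.1
!
! Apply the policy to packets arriving on the LAN interface
interface fa0/1
 ip address 192.168.1.1 255.255.255.0
 ip policy route-map SMTP_ISPB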

First we create an ACL that matches outgoing SMTP traffic (TCP port 25 from 192.168.1.0/24), then we match that ACL in a route-map. After we match the traffic, we enter our action statement, “set ip next-hop”. This route-map changes the next hop of all outgoing SMTP traffic that the ACL permits. Finally, we apply it to the LAN interface, so it is evaluated for packets arriving from the LAN.
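To check which packets this policy actually steers, here is an added example (not part of the original post, and not Cisco code) that evaluates the page's ACL and route-map in Python. The function names and the `in_interface` parameter are assumptions of the example, and the parser handles only the ACL syntax used above.

```python
import ipaddress
import re

# The ACL entries from the R1 config above, as typed on the page.
ACL_TEXT = """\
10 permit tcp 192.168.1.0 0.0.0.255 any eq 25
20 deny ip any any
"""
PBR_NEXT_HOP = "67.92.18.1"  # "set ip next-hop" value from route-map SMTP_ISPB

def parse_acl(text):
    """Parse the subset of extended-ACL syntax used on this page."""
    pattern = re.compile(
        r"(\d+) (permit|deny) (\w+) (any|\S+ \S+) any(?: eq (\d+))?$")
    entries = []
    for line in text.strip().splitlines():
        seq, action, proto, src, port = pattern.match(line.strip()).groups()
        addr, wc = ("0.0.0.0", "255.255.255.255") if src == "any" else src.split()
        net, wildcard = (int(ipaddress.ip_address(x)) for x in (addr, wc))
        entries.append((int(seq), action, proto, net, wildcard,
                        int(port) if port else None))
    return sorted(entries)

def acl_action(entries, proto, src_ip, dst_port):
    """First matching entry wins; an ACL ends with an implicit deny."""
    src = int(ipaddress.ip_address(src_ip))
    for _seq, action, e_proto, net, wildcard, port in entries:
        # Wildcard bits set to 1 are "don't care" bits.
        if (src & ~wildcard & 0xFFFFFFFF) != (net & ~wildcard & 0xFFFFFFFF):
            continue
        if e_proto != "ip" and e_proto != proto:
            continue
        if port is not None and port != dst_port:
            continue
        return action
    return "deny"

def next_hop(proto, src_ip, dst_port, in_interface="fa0/1"):
    """Return the PBR next hop, or None when the routing table decides.

    in_interface is a hypothetical parameter of this example: PBR only
    inspects packets arriving on the interface that carries "ip policy".
    """
    if in_interface != "fa0/1":
        return None
    permitted = acl_action(parse_acl(ACL_TEXT), proto, src_ip, dst_port) == "permit"
    return PBR_NEXT_HOP if permitted else None

if __name__ == "__main__":
    # Constructed sample packets: (protocol, source IP, destination port).
    for pkt in [("tcp", "192.168.1.50", 25), ("tcp", "192.168.1.50", 587)]:
        print(pkt, "->", next_hop(*pkt) or "routing table")
```

Because the ACL matches only `eq 25`, mail submission on port 587 and SMTP from any subnet other than 192.168.1.0/24 stay on the default path.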

I have only done the quick and dirty here. In this scenario you would also need some dual NAT, and you might do some load balancing. We ended up with a pretty simple configuration that has nearly endless possibilities.

Colby

Colby Glass has been in IT since 2002. He is currently a Systems Engineer (presales) with a Cisco Gold partner and holds the CCNP R/S, CCNP DC, CCDP, CCIP, JNCIA-ER.
