Policy Routing
All the options for IP forwarding (routing) in this chapter had one thing in common: The destination
IP address in the packet header was the only thing in the packet that was used to determine how
the packet was forwarded. Policy routing allows a router to make routing decisions based on
information besides the destination IP address.
Policy routing’s logic begins with the ip policy command on an interface. This command tells IOS
to process incoming packets with different logic before the normal forwarding logic takes place.
(To be specific, policy routing intercepts the packet after Step 2, but before Step 3, in the routing
process shown in Figure 6-1.) IOS compares the received packets using the route map referenced
in the ip policy command. Figure 6-6 shows the basic logic.
Specifying the matching criteria for policy routing is relatively simple compared to defining the
routing instructions using the set command. The route maps used by policy routing must match
either based on referring to an ACL (numbered or named IP ACL, using the match ip address
command) or based on packet length (using the match length command). To specify the routing
instructions—in other words, where to forward the packet next—the set command is used.
Table 6-5 lists the set commands, and provides some insight into their differences.
Figure 6-6 Basic Policy Routing Logic
Table 6-6 Policy Routing Instructions (set Commands)

Command: set ip next-hop ip-address [. . . ip-address]
Comments: Next-hop addresses must be in a connected subnet; forwards to the first address in the list for which the associated interface is up.

Command: set ip default next-hop ip-address [. . . ip-address]
Comments: Same logic as previous command, except policy routing first attempts to route based on the routing table.

Command: set interface interface-type interface-number [. . . interface-type interface-number]
Comments: Forwards packets using the first interface in the list that is up.

Command: set default interface interface-type interface-number [. . . interface-type interface-number]
Comments: Same logic as previous command, except policy routing first attempts to route based on the routing table.

Command: set ip precedence number | name
Comments: Sets IP precedence bits; can be decimal value or ASCII name.

Command: set ip tos [number]
Comments: Sets entire ToS byte; numeric value is in decimal.
[Figure 6-6 flowchart boxes: Policy Routing Enabled?; Match 1st Clause?; Match 2nd Clause?; Match Last Clause?; Permit or Deny?; Route Based on set Command; Destination Based Routing (Normal)]
Chapter 6: IP Forwarding (Routing)
The first four set commands in Table 6-5 are the most important ones to consider. Essentially, you
set either the next-hop IP address or the outgoing interface. Use the outgoing interface option only
when it is unambiguous—for instance, do not refer to a LAN interface or multipoint Frame Relay
subinterface. Most importantly, note the behavior of the default keyword in the set commands.
Use of the default keyword essentially means that policy routing tries the default (destination
based) routing first, and resorts to using the set command contents only when the router finds no
matching route in the routing table.
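The decision flow of Figure 6-6 and the effect of the default keyword can be modeled in a few lines. This is an added example, not code from the book or from IOS; the function names, the 172.31.134.1 next hop, and the sample routing table are constructed, and falling back to destination-based routing when no listed next hop is up is a modeling assumption.

```python
import ipaddress

# Constructed sample data (not from the page): one route, and the set of next
# hops whose outgoing interface is up. 172.31.134.1 is a made-up address.
ROUTES = {"172.31.11.0/24": "172.31.134.1"}
UP_NEXT_HOPS = {"172.31.123.2", "172.31.134.1"}


def lookup(dst, routes):
    """Destination-based routing: longest-prefix match, None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [n for n in map(ipaddress.ip_network, routes) if addr in n]
    if not hits:
        return None
    return routes[str(max(hits, key=lambda n: n.prefixlen))]


def policy_route(pkt, route_map, routes=ROUTES, up=UP_NEXT_HOPS):
    """Return (next_hop, reason) following the Figure 6-6 decision flow."""
    normal = lookup(pkt["dst"], routes)
    for clause in route_map:                    # clauses are tried in order
        if not clause["match"](pkt):
            continue
        if clause["action"] == "deny":          # deny: normal routing
            return normal, "deny clause: destination-based"
        if clause.get("default") and normal:    # default keyword: table first
            return normal, "default keyword: routing table had a route"
        for hop in clause["next_hops"]:         # first next hop that is up
            if hop in up:
                return hop, "set command"
        # Modeling assumption: no usable next hop means normal routing.
        return normal, "no usable next hop: destination-based"
    return normal, "no clause matched: destination-based"


def is_telnet(pkt):
    # Stand-in for 'match ip address <ACL>' with an ACL permitting TCP port 23.
    return pkt["proto"] == "tcp" and pkt["dport"] == 23


# set ip next-hop 172.31.123.2 versus set ip default next-hop 172.31.123.2
TO_R2 = [{"action": "permit", "match": is_telnet, "next_hops": ["172.31.123.2"]}]
TO_R2_DEFAULT = [dict(TO_R2[0], default=True)]
TELNET = {"dst": "172.31.11.201", "proto": "tcp", "dport": 23}
WEB = {"dst": "172.31.11.201", "proto": "tcp", "dport": 80}
```

With the plain next-hop form, the Telnet packet is steered to 172.31.123.2 even though the routing table has a route; with the default form, the same packet follows the routing table and the set command applies only to destinations with no matching route.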
The remaining set commands set the bits inside the ToS byte of the packet; refer to Chapter 12,
“Classification and Marking,” for more information about the ToS byte and QoS settings. Note that
you can have multiple set commands in the same route-map clause. For instance, you may want
to define the next-hop IP address and mark the packet’s ToS at the same time.
Figure 6-7 shows a variation on the same network used earlier in this chapter. Router3 and Router4
are now at the same site, connected to the same LAN, and each has PVCs connecting to Router1
and Router2.
Figure 6-7 Policy Routing Example on Router3
Example 6-4 shows three separate policy routing configurations on Router3. The first
configuration forwards Telnet traffic over the PVC to Router2 (next hop 172.31.123.2). The next
configuration does the same thing, but this time using the set interface command. The final option
shows a nonworking case with Router3 specifying its LAN interface as an outgoing interface.
Example 6-4 Policy Routing Example on Router3
! Below, Router3 is configured with three route maps, one of which is enabled on
! interface e0/0 with the ip policy route-map to-R2-nexthop command. The two
! route maps that are not referenced in the ip policy command are used
! later in the configuration.
Router3# sh run
! Lines omitted for brevity
interface Ethernet0/0
 mac-address 0200.3333.3333
 ip address 172.31.104.3 255.255.255.0
[Figure 6-7 diagram labels: R1, R2, R3, R4; E0/0; S0/0.134; S0/0.32; 103.3; 103.4; 172.31.123.2; DLCI 400; Client 3 (GW is 103.3); 172.31.0.0, /24 Prefixes; Telnet Server 172.31.11.201]