1/19/2018 IPv6 Policy Based Routing (PBR) - Cisco Support Community

Cisco Support English

Cisco Support Community

Register Login

Cisco Support Community /  Network Infrastructure /  Network Infrastructure Documents /  IPv6 Policy Based Routing (PBR)  Options

All community

 Search the Community

IPv6 Policy Based Routing (PBR)

IPv6 Integration and Tran…

09-17-2012 05:52 AM
ashirkar

Introduction
Prerequisite:
Policy Based routing packet forwarding overview
Background:
Topology Diagram:
Veri cation:
Veri cation Command:
Reference:

Introduction
 

Policy Based Routing (PBR) provides a exible means of routing packets by con guring de ned policy for tra c ows.
PBR gives more control over routing, for example in case of high-cost link; you can specify a path for certain tra c as
priority tra c. Normal routing is destination based but PBR gives you exibility in the terms of routing packets by
extending and complementing the existing mechanisms provided by routing protocols.

PBR routing can be based on

1) Source IPv6 address

2) Destination IPv6 address

3) Input interface

4) Protocols types (FTP, TFTP, http...Etc)

5) Port based (source and destination) or can be length of packets.

This document explains with an example how to do IPV6 policy routing to control tra c in internetwork.

Prerequisite:
Understanding of route-map

https://supportforums.cisco.com/t5/network-infrastructure-documents/ipv6-policy-based-routing-pbr/ta-p/3134085 1/8
1/19/2018 IPv6 Policy Based Routing (PBR) - Cisco Support Community

Understanding of IPv6 Addressing

Understanding of IPv6 Unicast Routing

Policy Based routing packet forwarding overview

 

A) Tra c criteria in PBR are de ned by route-map by using "match" statement.

  “route-map” is used to identify interesting tra c passing through or generated by router.

   It is similar like if.....then statement, if certain condition gets true then we does something.

1) Permit means packets are policy route.

2) Deny means packets needs to be normal route.

Example:

Match ipv6 address/prefix-list..           (Matching of IPV6 packet based on access-list or pre x-list)

Match length..                             (We can also match the based on its length in bytes)

B) Action is taken by route-map set statement.

Set ipv6 next-hop ..(global-ipv6 address)

Set interface …….. (Use only when you have point to point interface)

C) Apply this route-map to incoming interface

Ipv6 policy route-map (route-map-name)

D) (Optional) con gure local PBR; Packets generated by router are not policy routed. If you  want to policy route tra c
generated by router, you  must globally use the following command.

Ipv6 local policy route-map

E) CEF PBR for IPV6……No special con guration is required to enable cef PBR for IPv6 it will enable default once we
enable cef and PBR on the router.

Background:
 

In this network setup a policy route is con gured on R1 to control pre xes that exist on SW1 (i.e. vlan2 and vlan3).

https://supportforums.cisco.com/t5/network-infrastructure-documents/ipv6-policy-based-routing-pbr/ta-p/3134085 2/8
1/19/2018 IPv6 Policy Based Routing (PBR) - Cisco Support Community

We have 2 route-map instances.

1) In First instance match the packet from the VLAN2 of SW1 and set the next hop to be R2 global address 2222::2

2) In second instance match the packet from the VLAN3 of SW1 and set the next hop to be R3 global address 2222::3

Note: Rest of the tra c from SW1 will be normal routing

Topology Diagram:

Routing table of R1:

The routing table on R1 shows there are two paths for R1 to reach the pre x present on R4 end (2001::1, 2001::2).

R1#sh ipv6 route

IPv6 Routing Table - 12 entries

Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP

       U - Per-user Static route, M - MIPv6

       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary

       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2

       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2

       D - EIGRP, EX - EIGRP external

O   2001::1/128 [110/74]

     via FE80::2, FastEthernet0/0

     via FE80::3, FastEthernet0/0

O   2001::2/128 [110/74]

     via FE80::2, FastEthernet0/0

     via FE80::3, FastEthernet0/0

O   2001::3/128 [110/74]

     via FE80::2, FastEthernet0/0

     via FE80::3, FastEthernet0/0

O   2012:0:0:1::/64 [110/11]

     via FE80::C204:12FF:FE48:0, FastEthernet0/1

https://supportforums.cisco.com/t5/network-infrastructure-documents/ipv6-policy-based-routing-pbr/ta-p/3134085 3/8
1/19/2018 IPv6 Policy Based Routing (PBR) - Cisco Support Community

O   2012:0:0:2::/64 [110/11]

     via FE80::C204:12FF:FE48:0, FastEthernet0/1

O   2012:0:0:3::/64 [110/11]

     via FE80::C204:12FF:FE48:0, FastEthernet0/1

O   2012:0:0:4::/64 [110/11]

     via FE80::C204:12FF:FE48:0, FastEthernet0/1

Traceroute from R1 (2222::1) to subnets of R4 (2001::1)

R1#traceroute 2001::1

Type escape sequence to abort.

Tracing the route to 2001::1

  1 2222::3 48 msec

    2222::2 36 msec

    2222::3 20 msec

  2 2001::1 48 msec 40 msec 72 msec

Policy based configuration on R1:

First  con gure ipv6 access-list to match ipv6 source subnets i.e vlan 2 and vlan 3, and then con gure route-map with 2
instances, where rst  will match vlan 2 tra c and send it to R2 and second matches vlan 3 tra c send to R3.Once you 
create route-map you  need to apply this to incoming interface, In our case it's  fa0/1.

R1(con g)#ipv6 access-list VLAN2_PBR

R1(con g-ipv6-acl)# permit ipv6 2012:0:0:1::/64 any

R1(con g-ipv6-acl)#ipv6 access-list VLAN3_PBR

R1(con g-ipv6-acl)# permit ipv6 2012:0:0:2::/64 any

R1(con g-ipv6-acl)#exit

R1(con g)#

R1(con g)#

R1(con g)#route-map IPV6_PBR permit 10

R1(con g-route-map)# match ipv6 address VLAN2_PBR

R1(con g-route-map)# set ipv6 next-hop 2222::2

R1(con g-route-map)#route-map IPV6_PBR permit 20

R1(con g-route-map)# match ipv6 address VLAN3_PBR

R1(con g-route-map)# set ipv6 next-hop 2222::3

R1(con g-route-map)#exit

R1(con g)#

R1(con g)#

https://supportforums.cisco.com/t5/network-infrastructure-documents/ipv6-policy-based-routing-pbr/ta-p/3134085 4/8
1/19/2018 IPv6 Policy Based Routing (PBR) - Cisco Support Community

R1(con g)#int fa0/1

R1(con g-if)#ipv6 policy route-map IPV6_PBR

R1(con g-if)#

Veri cation:
 

To test new policy, issue extended traceroute commands on SW1 for VLAN2 having source address 2012:0:0:1::1 and
destination address as 2001::1 (which is the subnet present on R router 4 (). The below output shows tra c passing
through R2 (2222::2)

Similarly, issue extended traceroute commands on SW1 for VLAN3 having source address 2012:0:0:2::1and destination
address as 2001::1 (which is the subnet present  on R router 4. The below output shows tra c passing through R3
(2222::3)

Veri cation Command:

 

R1#sh ipv6 access-list

IPv6 access list VLAN2_PBR

    permit ipv6 host 2012:0:0:1::/64 any (27 matches) sequence 10

IPv6 access list VLAN3_PBR

    permit ipv6 2012:0:0:2::/64 any (9 matches) sequence 10

R1#sh route-map

route-map IPV6_PBR, permit, sequence 10

  Match clauses:

     ipv6 address VLAN2_PBR

  Set clauses:

     ipv6 next-hop 2222::2

  Policy routing matches: 153 packets, 7604 bytes

route-map IPV6_PBR, permit, sequence 20

https://supportforums.cisco.com/t5/network-infrastructure-documents/ipv6-policy-based-routing-pbr/ta-p/3134085 5/8
1/19/2018 IPv6 Policy Based Routing (PBR) - Cisco Support Community

  Match clauses:

     ipv6 address VLAN3_PBR

  Set clauses:

     ipv6 next-hop 2222::3

  Policy routing matches: 72 packets, 3456 bytes

R1#

Reference:
Understanding Policy Routing

Policy-Based Routing through IPv6 Con guration Example

IP Version 6 (IPv6) Support Page

Tags: based ipv6 pbr policy policy_based_routing routing

 15 Helpful

Share

COMMENTS

09-29-2012 02:38 AM
fm network New Member

Good Explanation

10-06-2012 01:56 A
ashirkar Gold

Hello,

Thanks for your feedback

Regards,

Ashish Shirkar

10-14-2012 05:55 AM
akshay_w24 New Member

Excellent............

https://supportforums.cisco.com/t5/network-infrastructure-documents/ipv6-policy-based-routing-pbr/ta-p/3134085 6/8
1/19/2018 IPv6 Policy Based Routing (PBR) - Cisco Support Community

11-04-2012 11:44 PM
SunilKhanna Silver

Nice Document Ashish. An Older version is also available at

Policy-Based Routing through IPv6 Con guration Example

http://www.cisco.com/en/US/tech/tk872/technologies_con guration_example09186a0080b5e90e.shtml

Gold
11-07-2012 05:09 A
ashirkar

Dear Sunil,

Thank you for your positive feedback.

Keep on sharing your views and knowledge on community.

Regards,

Ashish Shirkar

Technical community manager (Network Infrastructure)

Top Tags VIEW ALL

troubleshoot catalyst_6500 con guration error_message catalyst_6000 ios catalyst_4500 faq catalyst_3750 ospf

ip_routing catalyst_4000 vlan cat_os bgp routing ipv6 catos router supervisor catalyst_3550 memory_issues

connectivity_issues design port_issues nat eigrp catalyst_2950 catalyst_3560 upgrade

 3709  15
VIEWS HELPFUL

 5
COMMENTS

Recommended

 IPv6 - Frequently Asked Questions (FAQ)   Sivagami Narayanan

 is using PBR/policy based xthuijs

 Con guration Example : Site-to-Site VP...    ashirkar

 IPv6 - InterVlan Routing   SunilKhanna

https://supportforums.cisco.com/t5/network-infrastructure-documents/ipv6-policy-based-routing-pbr/ta-p/3134085 7/8
1/19/2018 IPv6 Policy Based Routing (PBR) - Cisco Support Community

 IPv6 RA Guard   ashirkar

 Top

     

Facebook
Twitter
+
Google
YouTube
LinkedIn
Instagram
Contacts Privacy Statement
Feedback Cookie Policy 
Site Map Trademarks
Terms & Conditions Help

https://supportforums.cisco.com/t5/network-infrastructure-documents/ipv6-policy-based-routing-pbr/ta-p/3134085 8/8