This article explains how to implement Policy-Based Routing (PBR) on Dell Networking N-Series Switches. PBR is set of policies that are configured to route packets as opposed to the routes populated in the routing table by the enabled routing protocol
PBR is a set of rules that are applied to route packets according to organizational policies, which might deviate from the actual routing protocol routes
PBR is configurable only on VLAN interface, whereas ACL’s can be applied on VLAN, port-channel and physical interfaces
PBR should be applied only on the ingress VLAN interface
L3 capability should be enabled in the switch to perform PBR. This can be done by configuring ip address on the VLAN interface and entering the global configuration command "ip routing"
A PBR is applicable only if it contains at least one match and one set statement
PBR will not have an impact on locally generated traffic
If the next-hop ip declared in PBR is not reachable, routing-table is used to route the matched packets
Ipv6 match statement is not supported in PBR
To route packets from host 192.168.5.5 in VLAN 5 to 192.168.10.10 via VLAN 15 (next-hop 192.168.15.15), perform the following steps:
Enable L3 capability on the switch
Enter global configuration mode by entering: console#configure
Enable L3 mode by entering: console(config)#ip routing
Configure Access-Control List (ACL) to filter the network or host to be routed (only 192.168.5.5 traffic destined to 192.168.10.10).
Enter global configuration mode by entering: console#configure
Create either a permit or a deny filter statement by entering: console(config-ip-acl)#permit ip host 192.168.5.5 host 192.168.10.10
Configure PBR policy to achieve the requirement.
Enter global configuration mode by entering: console#configure
Create PBR by entering: console(config)#route-map POLICY_redirect
Enter the match statement to match the host or network from the declared ACL by entering: console(route-map)#match ip address allow_192.168.5.5
Enter the set statement, specifying the next hop ip, by entering: console(route-map)#set ip next-hop 192.168.15.15
Apply route-mapping on VLAN interface
Enter global configuration mode: console#configure
Enter the interface specific mode: console(config)#interface vlan 10
Apply the PBR policy to the outgoing VLAN interface: console(config-if-vlan100)#ip policy route-map POLICY_redirect
To view the route-map policies and statistics of number of packets the routing policy has redirected, enter the command: console#show route-map POLICY_redirect
Below is an example of what a normal Route-Map would look like:
Match clauses:
ip address (access-lists) : allow_192.168.5.5
Set clauses:
ip next-hop 192.168.15.15
Policy routed: 0 packets, 0 bytes