Policy routing is a major topic on your BSCI exam, and you’ll find quite a bit of policy routing going on in today’s production networks. But what exactly is policy routing?\nPolicy-based routing, generally referred to as “policy routing”, is the use of route maps to determine the path a packet will take to get to its final destination. As you progress through your CCNP studies and go on to the CCIE (or to a Cisco Quality Of Service certification), you’ll find that traffic can be “marked” by policy routing in order to give different levels of service to various classes of traffic. (This is done by marking the traffic and placing the different classes of traffic in different queues in the router, allowing the administrator to give some traffic higher priority for transmission.)\nThere are some basic policy routing rules you should know:\nPolicy routing doesn’t affect the destination of the packet, but does affect the path that is taken to get there.\nPolicy routing can forward traffic based on the source IP address or the destination IP address (with the use of an extended ACL).\nPolicy routing can be configured at the interface level, or globally.\nApplying policy routing on an interface affects only packets arriving on that interface:\nR2(config)#int s0\nR2(config-if)#ip policy route-map CHANGE_NEXT_HOP\nApplying the policy globally applies the route map to packets generated on the router, not on all packets received on all interfaces.\nWhether you’re running policy routing at the interface level, on packets created locally, or both, always run the command show ip policy to make sure you’ve got the right route maps on the proper interfaces.\nR2#show ip policy\nInterface Route map\nlocal CHANGE_NEXT_HOP\nSerial0 CHANGE_NEXT_HOP\nAnd here’s the big rule to remember….\nIf a packet doesn’t match any of the specific criteria in a route map, or does match a line that has an explicit deny statement, the data is sent to the routing process and will be processed normally. If you don’t want to route packets that do not meet any route map criteria, the set command must be used to send those packets to the null0 interface. This set command should be the final set command in the route map.\nThere are four possibilities for an incoming packet when route maps are in use. The following example illustrates all of them.\nR2(config)#access-list 29 permit host 188.8.131.52\nR2(config)#access-list 30 permit host 184.108.40.206\nR2(config)#access-list 31 permit host 220.127.116.11\nR2(config)#access-list 32 permit host 18.104.22.168\nR2(config)#route-map EXAMPLE permit 10\nR2(config-route-map)#match ip address 29\nR2(config-route-map)#set ip next-hop 22.214.171.124\nR2(config-route-map)#route-map EXAMPLE permit 20\nR2(config-route-map)#match ip address 30\nAssuming the route map has been applied to the router’s ethernet0 interface, a packet sourced from 126.96.36.199 would meet the first line of the route map and have its next-hop IP address set to 188.8.131.52.\nA packet sourced from 184.108.40.206 would match the next permit statement (sequence number 20). Since there is no action listed, this packet would return to the routing engine to undergo the normal routing procedure. All traffic that did not match these two addresses would also be routed normally – there would be no action taken by the route map.\nPerhaps we want to specifically block traffic sourced from 220.127.116.11 or 18.104.22.168. We can use multiple match statements in one single route map, and have packets matching those two addresses sent to the bit bucket – the interface null0.\nR2(config)#route-map EXAMPLE permit 30\nR2(config-route-map)#match ip address 31\nR2(config-route-map)#match ip address 32\nR2(config-route-map)#set ?\nas-path Prepend string for a BGP AS-path attribute\nautomatic-tag Automatically compute TAG value\ncomm-list set BGP community list (for deletion)\ncommunity BGP community attribute\ndampening Set BGP route flap dampening parameters\ndefault Set default information\nextcommunity BGP extended community attribute\ninterface Output interface\nip IP specific information\nlevel Where to import route\nlocal-preference BGP local preference path attribute\nmetric Metric value for destination routing protocol\nmetric-type Type of metric for destination routing protocol\norigin BGP origin code\ntag Tag value for destination routing protocol\nweight BGP weight for routing table\nR2(config-route-map)#set interface null0\nAny traffic matching ACLs 31 or 32 will be sent to null0, resulting in its being discarded by the router. Any traffic that didn’t match any of the route map statements will be returned to the routing engine for normal processing.\nKnowing policy routing and how to apply it are essential skills for passing the BSCI exam, earning your CCNP, and becoming more valuable in today’s job market. Get some hands-on practice in a CCNA \/ CCNP home lab or rack rental to go along with learning the theory, and you’ll be writing and applying policy routing in no time at all.