Using IP Policy Routing
Traditionally, routing is based on the destination address only and the router takes the shortest path to forward a packet. IP Policy Routing (IPPR) provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator. Policy-based routing is applied to incoming packets on a per interface basis, prior to the normal routing. Network administrators can use IPPR to distribute traffic among multiple paths.For example, if a network has both the Internet and remote node connections, we can route the Web packets to the Internet using one policy and route the FTP packets to the remote LAN using another policy. See the figure below.
Use IPPR to distribute traffic among multiple paths
Source-Based Routing - Network administrators can use policy-based routing to direct traffic from different users through different connections.
Quality of Service (QoS)- Organizations can differentiate traffic by setting the precedence or TOS (Type of Service) values in the IP header at the periphery of the network to enable the backbone to prioritize traffic.
Cost Savings- IPPR allows organizations to distribute interactive traffic on high-bandwidth, high-cost path while using low-path for batch traffic.
Load Sharing- Network administrators can use IPPR to distribute traffic among
multiple paths.
A policy defines the matching criteria and the action to take when a packet meets the criteria. The action is taken only when all the criteria are met. The criteria include the source address and port, IP protocol (ICMP, UDP, TCP,etc), destination address and port, TOS and precedence (fields in the IP header) and length. The inclusion of length criterion is to differentiate between interactive and bulk traffic. Interactive applications, e.g., Telnet, tend to have short packets, while bulk traffic, e.g., file transfer, tends to have large packets.
The actions that can be taken include routing the packet to a different gateway (and
hence the outgoing interface) and the TOS and precedence fields in the IP header. IPPR
follows the existing packet filtering facility of ZyNOS in style and in implementation.
The policies are divided into sets, where related policies are grouped together. A use
defines the policies before applying them to an interface or a remote node, in the same
fashion as the filters. There are 12 policy sets with 6 policies in each set.
1. Create a routing policy set in menu 25
Menu 25 - IP Routing Policy Setup
Policy
Policy Enter Policy Set Number to Configure= 1 Edit Name= policy1
Press ENTER to Confirm or ESC to Cancel: |
2. Edit a rule or more for this set in menu 25.1.1. See an example below.
Menu 25.1.1 - IP Routing Policy
Policy Set Name= First
Press ENTER to Confirm or ESC to Cancel |
This policy example forces the Web packets originated from the clients with IP addresses from 192.168.1.2 to 192.168.1.20 be routed to the remote LAN via the gateway 192.168.1.254.
3. A summary for this set is shown in menu 25.1.
Menu 25.1 - IP Routing Policy Setup #
A
Criteria/Action
Enter Policy Rule Number (1-6) to Configure: |
4. There are two interfaces to apply the policy set, they are the LAN interface (menu
3.2) and WAN interface (menu 11.3). It depends where the gateway specified in the policy
rule is located. If the gateway you specified is located on the local LAN you apply the
policy set in menu 3.2 (LAN interface). If the gateway you specified is located on the
remote WAN site you apply the policy set in menu 11.3 (WAN interface).
|
Menu 11.3 - Remote Node Network Layer Options IP
Options:
Bridge Options: Enter here to CONFIRM or ESC to CANCEL: |
All contents copyright © 2004 ZyXEL Communications Corporation.