Classification and Marking Tools 201

based on the contents of packet headers and marks QoS fields based on those classifications. Dial peers provide very different classification options, so fewer direct comparisons can be drawn.

Refer to Table 3-17 for a complete list of classification and marking fields used by CAR.

Policy-Based Routing (PBR)

PBR enables you to route a packet based on other information, in addition to the destination IP address. In most cases, engineers are happy with the choices of routes made by the routing protocol, with routing occurring based on the destination IP address in each packet. For some specialized cases, however, an engineer may want some packets to take a different path. One path through the network may be more secure, for instance, so some packets could be directed through a longer, but more secure, path. Some packets that can tolerate high latency may be routed through a path that uses satellite links, saving bandwidth on the lower-latency terrestrial circuits for delay-sensitive traffic. Regardless of the reasons, PBR can classify packets and choose a different route. Figure 3-17 shows a simple example, where FTP traffic is directed over the longer path in the network.

Figure 3-17 PBR: FTP Traffic Routed over Longer Path

R4 R5 R6

FTP Sent This Way Using PBR

PBR supports packet marking and policy routing. As you learned in previous sections, CAR supports marking because CAR’s main feature, policing, benefits from having the marking feature available as well. Similarly, PBR includes a marking feature, because in some cases, PBR is used to pick a different route for QoS reasons—for instance, to affect the latency of a packet. So, PBR’s core function can benefit from marking a packet, so that the appropriate QoS action can be taken as the packet traverses the network. Just as with CAR, you can use PBR’s marking feature without actually using its core feature. In other words, you can use PBR just

202 Chapter 3: Classification and Marking

for classification and marking, without choosing a different route. The examples in this chapter focus only on PBR as a marking tool.

Unlike CB marking and CAR, PBR only processes packets entering an interface; you cannot enable it for packets exiting an interface. The reason PBR only processes incoming packets relates to its core function: policy routing. PBR needs to process packets before a routing decision has been made. Therefore, PBR processes packets entering an interface, preempting the normal routing logic based on destination IP address.

Finally, one other difference between PBR and the other classification and marking tools covered so far (CB marking and CAR) is that PBR can classify based on routing information, instead of totally relying on information in the frame or packet header. PBR can look up the entry in the routing table that matches a packet’s destination address, for instance, and then classify based on information about that route. For example, the metric associated with that route, the source of the routing information, or the next-hop interface associated with the route can be checked. In most cases, this routing information does not help you with differentiating between different types of traffic. An FTP server, an IP Phone, a video server, and some web servers may all be in the same subnet, for instance, but the routing information about that subnet could not help PBR distinguish between those different types of traffic. Therefore, typically the most useful classification feature of PBR, when used for marking, is just to refer to an IP ACL.

PBR configuration uses yet another totally different set of configuration commands as compared to CB marking and CAR. PBR does separate the classification, marking, and enabling features into different commands. Tables 3-14 and 3-15 list the pertinent PBR configuration and exec commands, respectively. Following the tables, two example PBR configurations are shown. The two examples use the same criteria as the two CAR samples.

Table 3-14 Configuration Command Reference for PBR

206 Chapter 3: Classification and Marking

Example 3-8 PBR Marking Sample 2: VoIP, NetMeeting Audio/Video, HTTP URLs, and Everything Else

ip route-cache policy

!

ip access-list extended VoIP-ACL

permit udp any range 16384 32768 any range 16384 32768

!

ip access-list extended NetMeet-ACL

permit udp host 192.168.1.100 range 16384 32768 192.168.3.0 0.0.0.255 range 16384 32768

!

!

ip access-list extended http-acl permit tcp any eq www any permit tcp any any eq www

!

interface fastethernet 0/0

ip policy route-map voip-routemap

!

route-map voip-routemap permit 10 match ip-address NetMeet-ACL

set ip precedence 4

!

route-map voip-routemap permit 20 match ip-address VoIP-ACL

set ip precedence 5

!

route-map voip-routemap permit 30 match ip-address http-acl

set ip precedence 2

!

route-map voip-routemap permit 40 set ip precedence 0

R3#show route-map

route-map voip-routemap, permit, sequence 10 Match clauses:

ip address (access-lists): NetMeet-ACL Set clauses:

ip precedence flash-override

Policy routing matches: 3 packets, 222 bytes route-map voip-routemap, permit, sequence 20

Match clauses:

ip address (access-lists): VoIP-ACL Set clauses:

ip precedence critical

Policy routing matches: 14501 packets, 1080266 bytes