Hi Balaji,

yes that's correct, PBR in every 9300 Switch. The 9300 will be the core of the network and the intention is to put the traffic TCP to flow in one direction and UDP to flow in another but if one of the links fail the traffic needs to be re routed by OSPF.

What would you please recommend?

Thank you

as per the diagram the switches are daisy chained loop, if the loop breaks there is only one path in the network right ?

Yes that's correct, if it breaks all the traffic will have to flow one way.

Example in the image attached 

Thank you

Hello

what you are asking isn’t optimal- you need to think about traffic originating from each device So even if all those devices are performing routing then it makes no sense for traffic originating from sw/rtr 2 via route sw/rtr  3 -4-5-etc to reach sw/rtr1  also you would incur blacking holing if you using PBR on each device as it would only take one device to fail and the other would have now way of being notified about the failure and continue to policy route the wrong way.

if you are set on doing this path manipulation at L3 then using a routing process would be more  appropriate. 

And if they are not all routing then PBR isn’t even applicable as then you would need to manipulate via L2 spanning-tree 

as mentioned earlier, deploying PBR in each device not a good solution here.. never seen this kind of requirement, we do see traffic engineering in the path.

@simoesmarco8626982 just out of curiosity, do you know why the requirement for UDP and TCP to take different paths?

Reason I ask, I've sometimes seen this requirement to "guarantee" bandwidth for a particular class of traffic (which often fails when one path is broken and all traffic must go across the remaining path).

If such a requirement, if might be better addressed using QoS features to "guarantee" bandwidth (which might be less complex than PBR, and also might do better in a failure of one path situation).

Hi Joseph,

Basically, the traffic in this network will be mainly exclusively UDP video traffic, and the objective would be to send all the video traffic one way while freeing the TCP traffic requests, like file transfers to backup footage, etc to be able to have the full speed of the link without sharing it with the UDP video traffic. This was the reason behind PBR 

I have applied QoS but the consultant was not happy with only that and wanted a system like the above to have always full speed

". . . to be able to have the full speed of the link without sharing it with the UDP video traffic. This was the reason behind PBR"

Well that's certainly true.  However, you still have the competition issue if one path fails and with two paths active, you might have more overall bandwidth available for both traffic types.  Regardless, using QoS to guarantee bandwidth allowance if one path fails, might still be worth considering.

Also, if using both paths, ideally something like Cisco's PfR can dynamically load balance and also take into consideration QoS needs, but your equipment might not support that feature.

I agree with other responses that this requirement results in a sub-optimal implementation. And I hope that the consultant can be convinced that there are better options. But the original question asks a valid question about implementing PBR when there are multiple routers involved. And the answer is that if you are implementing PBR to achieve some result and there are multiple L3 devices along the path then PBR must be implemented on EVERY one of the devices. (and should be implemented not only on the device to device interfaces, but should be implemented on the interfaces where traffic enters the network.)

Hi Richard, he was convinced but he told me he would do labs to try to put this to work somehow, he won't be able to as we know but he needs to reach that conclusion himself. 

I had applied PBR in every single interface and router where traffic was entering and It took me some time to check everything and program everything accordingly. But after programming, I started looking and thinking that this would never work as intended in case a link fails (that's when I asked the question in the forum). In the end all my work and time spent went down the drain but well learned something out of it 

Glad that you can look at this from the perspective that it turned out to be a good learning experience. I believe that frequently I learn more when I work on something that does not work than I do from working on something that does work. So when something does not work it is not necessarily a bad thing.

Thank you Joseph, I'm going to have a look at PfR, not for this implementation since the equipment and licenses don't support it but for some time in the future.