Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2256
Views
0
Helpful
4
Replies

Policy routing with GRE tunnel

bclough
Level 1
Level 1

‎10-24-2006 09:43 AM - edited ‎03-05-2019 12:25 PM

I need to be able to implement policy routing on traffic as it exits a GRE tunnel interface. However, policy routing is applied as traffic enters the interface, I need to know when the policy routing is tested and how it is applied.

The possibilities I can imagine are:

1. The policy is applied while the packet is still GRE encapsulated, and the routes are applied based on the GRE addresses, which are stripped off and discarded.

2. The policy is applied while the packet is still GRE encapsulated, and the routes are applied based on the GRE addresses, but the policy gets applied to the internal packet after the GRE header is removed.

3. The GRE header is removed and then the policy is applied.

4. You can't policy route the internal traffic.

Any help would be appreciated.

Labels:
0 Helpful
4 Replies 4

brispin
Level 1
Level 1

‎10-30-2006 07:28 AM

Policy-based routing provides a tool for forwarding and routing data packets based on policies. In effect, it is a way to have the policy override routing protocol decisions. Policy-based routing includes a mechanism for selectively applying policies based on access list, packet size or other criteria. The actions taken can include routing packets on user-defined routes, setting the precedence, type of service bits, etc.

check out the following links for more information :

http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml

http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a008017405e.shtml

0 Helpful

m-haddad
Level 5
Level 5

‎10-30-2006 09:20 AM

Hello,

If you apply the PBR on the incomming interface the traffic will be routed before being sent to the outgoing interface (GRE tunnel in your case).

In order to policy route the router's generated traffic you have to use the command

ip local-policy "policyname"

As for other traffic, try to match traffic using an ACL and then create a route-map for this ACL and policy base the traffic.

Try to police traffic as they arrive to the router i.e on the incomming interface of the router.

Hope my explanation did help,

Please rate if I was helpful,

Regards,

0 Helpful

bclough
Level 1
Level 1
In response to m-haddad

‎11-02-2006 06:54 AM

The problem I have is NOT implementing policy routing on an outgoing GRE tunnel.

Instead, I need to policy route traffic when the incoming interface on the router is the GRE tunnel and the incoming traffic is encapsulated in the GRE header.

I need to make policy decisions based on the original IP header which is hidden by the GRE tunnel.

Any help would be appreciated.

--Bruce

0 Helpful

iores
Level 3
Level 3
In response to bclough

‎07-29-2023 03:25 PM

@bclough Did you find any answers?

0 Helpful
Customers Also Viewed These Support Documents