Home > Policy Based Routing Lab

Policy Based Routing Lab

March 24th, 2014 Go to comments

In this lab we will learn how to use Policy Based Routing to send traffic via the route we want.


IOS used: c3640-jk9s-mz.124-16.bin

+ Enable OSPF on all interfaces of R2, R3, R4, R5 using only one command on each router.
+ Create Policy Based Routing on R2 so that traffic from R1 to the Loopback interface of R5 ( must go through R3 (the less optimal path).

You can download the Initial Config Lab here: http://www.digitaltut.com/download/Policy_Based_Routing_Lab_Initial.zip.

Initial Config

In the initial config we will configure IP addresses on all interfaces and run OSPF on R2, R3, R4, R5. For R1 we only need a default route to R2.

interface FastEthernet0/0
  ip address
  no shut
ip route
interface FastEthernet0/0
  ip address
  no shut
interface FastEthernet1/0
  ip address
  no shut
interface Serial2/0
  ip address
  no shut
router ospf 1
  network area 0
interface Serial0/0
  ip address
  no shut
interface FastEthernet1/0
  ip address
  no shut
router ospf 1
  network area 0
interface FastEthernet0/0
  ip address
  no shut
interface FastEthernet1/0
  ip address
  no shut
router ospf 1
  network area 0
interface Loopback0
  ip address
interface FastEthernet0/0
  ip address
  no shut
interface FastEthernet1/0
  ip address
  no shut
router ospf 1
  network area 0

FastEthernet link has higher bandwidth (lower cost) than Serial link so traffic from R1 to R5 will surely go through R4 to R5:


Now we will create a Policy Based Routing on R2 so that all traffic destined for (R5 Loopback0) goes through R3:

access-list 100 permit ip any host
route-map OUT_R5 permit 10
  match ip address 100
  set ip next-hop
//Apply this route-map to Fa0/0
interface FastEthernet0/0
  ip policy route-map OUT_R5

The traffic now goes through R3:


We can turn on “debug ip policy” on R2 to have a closer look at the policy match. We should also disable CEF routing so that you can see the detailed match (use “no ip cef” command in global config mode)


Verify the traffic has been matched with the access list:

And that is all of Policy Based Routing on this lab. But what will happen to traffic that is not matched with the access-list? Will they be dropped? We will test this by replacing our access-list with an unmatched traffic like TCP.

no access-list 100
access-list 100 permit tcp any host

Notice that traceroute sends UDP traffic so it will not match with the above access-list.


We see the unmatched traffic is not dropped, it is routed through the normal destination-based routing process.

Other notice that I want to say is normal Policy Based Routing is only applied for traffic transiting to it. It cannot match traffic originating from R2 itself. For example traceroute from R2 still goes through R4:


Luckily we can also match traffic originating from R2 with the Local Policy Based Routing by adding this command in global configuration mode (not interface mode):

R2(config)#ip local policy route-map OUT_R5

Now both traffic from R1 and R2 go through R3


You can download the final configuration of this lab here: http://www.digitaltut.com/download/Policy_Based_Routing_Lab_Final.zip.

  1. Rocky
    February 9th, 2017

    Hi, can someone advise how to run these labs under GNS3? Which GNS3 version?

  2. shalev
    May 7th, 2017

    it can’t run in packet tracer? if it can, which version?

  3. IntroVoys
    June 3rd, 2017

    Is this lab is also part of the exam?

  4. K
    July 3rd, 2017
  5. Rizwan
    March 2nd, 2018

    how to open this zip file in gns3?

  6. Jirehnetworker
    March 4th, 2018

    I also have problem with the gns3… any kind people have cisco packet tracer?

  7. Sjaak
    March 23rd, 2018
  8. tkasali
    May 21st, 2018

    Hello to all,
    Can you please send me the latest dumps for ccnp route?

    Email :kasali_temitayo @ yahoo.com

  9. Pass4Sure
    June 6th, 2018

    latest dumps.
    100% Guaranteed VALID passing Material

    CCNA 200-125 LAtest Dumps
    CCNP ROUTE 300-101 Latest Dumps
    CCNP SWITCH 300-115 LAtest Dumps
    CCNP TSHOOT 300-135 LAtest Dumps
    CCIE R&S 400-101 LAtest Dumps


    Call 24/7 for instant help
    001 (347) 696-4896

  10. Anonymous
    July 10th, 2018

    Very nice lab

  11. DA
    December 19th, 2018

    Hi all,

    Can you please send me the lastest dumps for ccnp route? Thanks so much and appreciate
    My email: {email not allowed}

  12. binod
    September 22nd, 2019

    Thank you so much for this very concise explanation, really appreciated your effort.

  1. No trackbacks yet.