Certifications / Cisco

Networking Basics: How to Configure Policy-Based Routing on Cisco Routers

by Team Nuggets
Networking Basics: How to Configure Policy-Based Routing on Cisco Routers picture: A
Follow us
Published on April 4, 2019

The Quick Definition: Policy-based routing (PBR) is a technique used to make routing decisions based on policies set by network administrators.

What is Policy Routing?

Networks have grown in complexity due to factors such as the cloud, mobility, and web-based applications. Not to mention, there's more video and voice data running on those same networks. As a result, there's an increased need to prioritize and segregate traffic on our networks.

Policy-based routing is a powerful feature that allows for nearly limitless customization in routing patterns. Essentially, the administrator identifies a type of traffic (web, VoIP, FTP, etc.) and then sets the predetermined routing pattern of that traffic.

Customization even extends into times of day, IP subnets, and every other possible variation, all achievable with the simple and easily adaptable process laid out here. Let's take a look at how we can configure policy-based routing on a Cisco router.

How to Route Fast and Slow Connections

For purposes of this example, we're going to establish a set of rules that route the IT department of our hypothetical organization to the fast connection while directing all other traffic to the slow connection.

The fast connection will be represented by serial 0/0, and the slow by serial 0/1. The IT department exists on VLAN 1,, and all other traffic on and all other subnets. The goal is to direct traffic from that first group to serial 0/0, and all others to serial 0/1 using policy-based routing.

How to Create the Access List

The first step in policy-based routing is to create an access list, which helps to filter traffic through your network.  In the router console, bring up the configuration with conf t, which will then prompt for configuration commands.

To create the access list for the example case, enter:

access-list 50 permit

The number, 50, immediately following the 'access-list' command tells us that this is a 'Standard' access list. The string after the permit identifies the source of the traffic. This access list will be the point of reference for the route map in determining the type of traffic set subject to the established routing protocols.

Starting the Route Map

Next, create the route map that will segregate the traffic. Enter the command route-map POLICY. In this case, the POLICY entry is simply naming this route map to reflect its purpose. We are going to call our Route Map "IT-Fast."

A route map is a series of if-then statements that request inputs and feed them to predetermined outputs. In the router console, these if-then commands are represented by match and set.

Configuring the Route Map

The match input is the if statement entry, and the first entry into the route map. Enter match ip address 50. This will set the input to the 10.1 subnets established in access list 50, identifying the IT department. The next command, set, establishes where that subgroup will be routed.

Ideally, the traffic will be routed to the IP address of the service provider's fast connection gateway. In this example we haven't established such a gateway's address, so instead will use the interface configuration.

So, immediately following the match ip address 50 command, which identifies the group to be routed, enter set interface serial 0/0. Now the traffic identified in the access list will be directed to serial 0/0, which was established earlier to represent the fast connection.

Router(config)# route-map IT-Fast Router(config-route-map)# match ip address 50 Router(config-route-map)# set interface serial0/0

Sequencing the Route Map

In the first route map sequence, we didn't establish a number, so it defaulted to 10. So, at the route-map POLICY prompt, enter "route-map IT-Fast 20" to indicate the next step of the route map. If traffic does not fall into the group matched by sequence 10, it will fall into sequence 20 looking for routing directions.

Router(config-route-map)# route-map IT-Fast 20

Directing Remaining Traffic

Because the only group with specialized routing instructions has already been accounted for, there's no need to establish a match statement for sequence 20. In the absence of that match statement, all traffic not routed in line with sequence 10 will be accounted for.

All that's left for this sequence is to enter set interface serial 0/1. Now, all other traffic will be routed to the 0/1 slow connection. If sequence 20 was not created, all other traffic would drop out of the routing policy parameters and return to the normal routing table.

Router(config-route-map)# route-map IT-Fast 20 Router(config-route-map)# set interface serial0/1

To check the route map, enter show route-map, which will bring up the sequences in effect. It should indicate that sequence 10 is matched to access list 50 and set to interface 0/0, and sequence 20 is matched to nothing (meaning it catches everything else) and set to interface 0/1.

Router# sh route-map

route-map IT-Fast, permit, sequence 10

  Match clauses:

ip address (access-lists): 50

 Set clauses:

interface Serial0/0

 Policy routing matches: 0 packets, 0 bytes

route-map it-fast, permit, sequence 20

 Match clauses:

 Set clauses:

interface Serial0/1

How to Apply the Route Map

The final step is to apply the new route map. For the purposes of the example, imagine that the traffic is entering FastEthernet 0/0. Enter the configuration for interface fa0/0. Apply the route-map, followed by ip policy route-map POLICY.

This directs the policy of that entry point to the newly created POLICY map, which is now in effect. Now, all traffic entering Fastethernet 0/0 will run through the sequences and be directed appropriately, and policy-based routing is in full effect.

Router(config)# interface fa0/0 Router(config-if)# ip policy route-map IT-Fast

CBT Nuggets Policy-Based Routing Courses

While we don't have a course that specifically addresses policy-based routing, our entry-level Cisco networking courses discussing the topic.

 CBT Nuggets trainer Jeremy Cioara explains policy-based routing more in-depth right here:


By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.

Don't miss out!Get great content
delivered to your inbox.

By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.

Recommended Articles

Get CBT Nuggets IT training news and resources

I have read and understood the privacy policy and am able to consent to it.

© 2024 CBT Nuggets. All rights reserved.Terms | Privacy Policy | Accessibility | Sitemap | 2850 Crescent Avenue, Eugene, OR 97408 | 541-284-5522