Monday, November 7, 2011

Policy-Based Routing

Policy-Based Routing (PBR) intercepts a packet after de-encapsulation (the data-link header and trailer are discarded) on the incoming interface, before the router performs the CEF table lookup. That ordering is the whole point: for matched packets, PBR overrides the normal destination-based decision, which is how you force, say, one subnet through a firewall or inspection device that the routing table would otherwise bypass.

PBR chooses how to forward the packet using matching logic defined through a route map, which in turn typically refers to an IP ACL. When a clause matches, its set commands define the forwarding instructions, which may include the next-hop IP address or the outgoing interface.

To match packets, you have two options:
  1. Use the standard match statement, match ip address. This command can reference standard and extended ACLs.
  2. Specify a range of packet lengths, in bytes, via the match length command.
Once you have matched a packet, you can use the set command to manipulate how to forward the packet. With the set command, you can do the following:
  • Forward to the first address in the list for which the associated interface is up, via set ip next-hop <ip address>
  • Forward to the first address in the list for which the associated interface is up, except policy routing first attempts to route based on the routing table, via set ip default next-hop <ip address>
  • Forward packets using the first interface in the list that is up, via set interface <interface-type interface-number>
  • Forward packets using the first interface in the list that is up, except policy routing first attempts to route based on the routing table, via set default interface <interface-type interface-number>
What the hell does the default do?! 
Well, this keyword tells IOS whether to apply the PBR logic BEFORE trying normal destination-based routing, or to try normal destination-based routing first and rely on PBR's logic only if the destination-based lookup fails to match a nondefault route (that is, the destination matches only a default route, or no route at all).

For example, without the default keyword, if the route map tells the router to use router X as the next hop and router X's interface is down, the router falls back to the normal destination-based IP routing process. With the default keyword, the router first tries to route the packet as normal; only if no nondefault route matches the destination does it forward the packet as directed in the set command.

Finally, once the route map has been configured with all the clauses needed to match packets, the only remaining step is the ip policy route-map <route-map name> interface subcommand, which enables PBR for packets entering that interface. Packets that match no permit clause (or that match a deny clause) are simply routed normally.
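Putting the pieces above together, here is an added example of a complete PBR configuration (this is an illustration written for this post, not a config taken from a real device; the addresses, ACL number, route-map name and interface are made up). It shows both match options, the plain and the default form of set ip next-hop, the interface subcommand that turns PBR on, and the show commands used to confirm it is actually matching.

```cisco
! --- Added example PBR configuration (all names and addresses invented) ---
!
! 1. Classify the interesting traffic: everything sourced from 10.1.1.0/24
access-list 101 permit ip 10.1.1.0 0.0.0.255 any
!
! 2. Route map. Clause 10: packets from 10.1.1.0/24 are forced to 192.0.2.2
!    (e.g. an inspection device) regardless of the routing table.
route-map PBR-CLIENTS permit 10
 match ip address 101
 set ip next-hop 192.0.2.2
!
!    Clause 20: small packets (0-400 bytes) from anyone else are routed
!    normally first; 192.0.2.6 is used only when no nondefault route matches.
route-map PBR-CLIENTS permit 20
 match length 0 400
 set ip default next-hop 192.0.2.6
!
!    Anything matching neither clause falls through to normal routing.
!
! 3. Enable PBR for packets ENTERING this interface (transit traffic only)
interface GigabitEthernet0/0
 ip address 10.1.1.1 255.255.255.0
 ip policy route-map PBR-CLIENTS
!
! 4. Packets generated by the router itself never enter an interface,
!    so they need the global form
ip local policy route-map PBR-CLIENTS
!
! --- Verification (exec mode) ---
! show route-map PBR-CLIENTS   <- per-clause "Policy routing matches: N packets"
! show ip policy               <- which interfaces have which route map applied
```

Two checks worth making every time: the match counters in show route-map should climb when you send test traffic, and ACL 101 should be no wider than intended, because a loose ACL on a PBR route map silently diverts whatever it matches, before the routing table ever sees the packet.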

So far, it seems the easiest way to make this make sense is to work left to right. Imagine the packet entering the interface on which the policy-based routing will be configured. While PBR primarily routes packets received on an interface, there are additional PBR functions.
  • Applying PBR to locally created packets: Because the packet is not entering the device on an interface, the normal per-interface configuration cannot apply; instead you use the ip local policy route-map <name> global command.
  • Setting IP Precedence: While this particular method of implementing QoS is outdated, you can use PBR to set the older QoS marking fields, the IP Precedence (IPP) and the entire ToS byte.
  • PBR with IP SLA: If the IP SLA tool measures the network's current performance and the performance does not meet the defined threshold, PBR stops using that particular next hop.
IP Service-Level Agreement (SLA)
This feature measures the ongoing behavior of the network. IP SLA tools, such as Cisco Works Internetwork Performance Monitor (IPM), can be used to monitor the gathered statistics to determine whether the business SLAs are being met. The SLA operations rely on the router sending packets and some device sending packets back. By configuring a pre-existing device as an IP SLA responder, the network engineer gets a way to monitor network behavior without having to place devices around the network just to test it.
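The "PBR with IP SLA" bullet above and the responder description here fit together in one configuration, shown below as an added example written for this post (not a real device config; addresses, object numbers and names are invented). An IP SLA probe measures the path to the PBR next hop, a track object follows the probe's result, and the route map uses the next hop only while the track is up.

```cisco
! --- Added example: IP SLA + object tracking + PBR (all values invented) ---
!
! On the FAR-SIDE router that answers the probes. icmp-echo needs no
! responder, but udp-echo / udp-jitter do:
ip sla responder
!
! On the POLICY router: probe the inspection next hop every 10 seconds.
!   timeout 500   -> no reply within 500 ms is a failure
!   threshold 200 -> a reply slower than 200 ms is "over threshold"
ip sla 10
 udp-echo 192.0.2.2 5000
 frequency 10
 threshold 200
 timeout 500
ip sla schedule 10 life forever start-time now
!
! Track the operation's return code. "state" is up only when the probe
! returns OK, so an over-threshold reply also takes the track down
! ("reachability" instead would stay up while over threshold).
track 10 ip sla 10 state
!
! PBR: use 192.0.2.2 only while track 10 is up. When it is down, the
! verify-availability entry is skipped and the packet falls through to
! normal destination-based routing.
access-list 101 permit ip 10.1.1.0 0.0.0.255 any
route-map PBR-CLIENTS permit 10
 match ip address 101
 set ip next-hop verify-availability 192.0.2.2 10 track 10
!
interface GigabitEthernet0/0
 ip policy route-map PBR-CLIENTS
!
! --- Verification (exec mode) ---
! show track 10                 <- Up/Down and the IP SLA return code
! show ip sla statistics 10     <- RTT and success/failure counts
! show route-map PBR-CLIENTS    <- match counters per clause
```

Note what the fallback means for security: when the tracked next hop fails, matched traffic bypasses the device at 192.0.2.2 rather than being dropped, i.e. the design fails open. If the next hop is a firewall or inspection box and fail-closed is the requirement, add set interface Null0 after the verify-availability line so the clause discards the packet instead of handing it to the routing table, and treat a down track as an alert condition rather than a quiet state change.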
