What is policy-based routing?
Policy-based routing (PBR) is a technique that forwards and routes data packets based on policies or filters. Network administrators can selectively apply policies based on specific parameters such as source and destination IP address, source or destination port, traffic type, protocols, access list, packet size, or other criteria and then route the packets on user-defined routes.
The goal of PBR is to make the network as agile as possible. By defining routing behavior based on application attributes, PBR provides flexible, granular traffic-handling capabilities for forwarding packets. In this way, PBR enables network administrators to achieve optimal bandwidth utilization for business-critical applications.
Problems Policy-Based Routing Addresses
Traditional routing systems route traffic based on the destination of the traffic. However, the relentless growth of cloud computing, mobility, and Web-based applications requires that the network know each application traffic type traversing the network. PBR handles each application type separately to effectively prioritize, segregate, and route traffic without compromising performance or availability.
Additionally, the complexity caused by voice, data, video, and applications running on the same network is making networks vulnerable to threats or rendering them unable to respond to threats. Today’s core business applications are heavily targeted by cyber-attackers using multifaceted attacks. PBR enables network administrators to classify the traffic based on applications and mark them for further analysis to provide greater visibility, enforcement, control, and protection to network security.
What Can You Do with Policy-Based Routing?
You can use PBR to:
- Prioritize applications by selecting high-bandwidth, low-latency links for important applications, when more than one link is available. For example, prioritize corporate data over a fast link and Internet browsing traffic over a slow link. (QoS)
- Load share by creating a fallback link for important traffic if the main link carrying the important application traffic suffers an outage.
- Segregate the traffic for deep inspection or analysis. The network administrator classifies application traffic that must go through a deep inspection and audit. Optionally, the network administrator can route this traffic to a different device.
- Control the flow of subscriber traffic in service provider networks through traffic management policies and rules based on subscribers’ profiles. For example, PBR can prioritize and route certain types of application traffic to a specific routing path as per SLA or by placing certain user requests higher than others (for example, gold, silver, bronze).
- Provide a guaranteed service-level agreement (SLA) for the delivery of the certain traffic (such as video traffic) by ensuring that the approved traffic receives the appropriate priority, routing, and bandwidth required to ensure the maximum user quality of experience.
- Send specific applications for WAN optimization. For instance, certain applications are optimized for transfer over WAN links. With PBR, the network administrator can classify the traffic based on applications, and send traffic to the WAN optimizer to speed up access to important applications and data.
Juniper Networks Implementation
Advanced policy-based routing (APBR) also known as application-based routing, a new addition to Juniper Networks suite, provides the ability to forward traffic based on applications. APBR is a type of session-based, application-aware routing which involves classifying a session based on applications and applying the configured rules to reroute the traffic. APBR uses the deep packet inspection (DPI) and pattern-matching capabilities of AppID to identify application traffic or a user session within an application to provide additional security.