Policy-Based Routing

Routing

Definition

A routing method that forwards packets based on criteria beyond the destination address, such as source IP, protocol, or port number. It is used for traffic engineering, load sharing, and directing specific traffic through VPN tunnels.

Overriding the Routing Table

Standard IP routing selects paths based purely on destination address and the best routing table entry. Policy-Based Routing (PBR) allows network administrators to override these decisions by matching packets on additional criteria — source address, TCP/UDP port, DSCP marking, packet length, or incoming interface — and forwarding them to a different next-hop than the routing table would normally choose.

Common Use Cases

PBR is heavily used for traffic engineering in multi-homed environments. For example, an organization with two ISP connections might route HTTP traffic through one provider (lower cost) and VoIP traffic through another (lower latency). Similarly, PBR can forward traffic from high-priority source subnets through premium MPLS links while routing bulk traffic through cheaper internet circuits. It is also used to redirect traffic to inline security appliances without changing the main routing topology.

Implementation Considerations

On Cisco IOS, PBR is implemented using route maps applied to incoming interfaces. On Linux, PBR uses ip rule and ip route with multiple routing tables (iproute2 framework). PBR adds per-packet decision overhead and can create asymmetric routing situations where forward and return paths differ — which breaks stateful firewall and NAT tracking. Engineers must carefully map all traffic flows and consider return-path routing before deploying PBR in production.
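The return-path check described above can be run against a policy before deployment. The following is an added example, not code from this page or from iproute2 or Cisco: a simplified model of rule-then-table lookup (matching only incoming interface, source prefix and destination prefix) that reports flows where only one direction crosses a stateful hop. All function names, hop names, interface names and addresses are hypothetical, constructed for illustration.

```python
import ipaddress

def lookup(rules, tables, pkt):
    """First matching rule picks a table; longest prefix in it picks the hop."""
    src, dst = ipaddress.ip_address(pkt["src"]), ipaddress.ip_address(pkt["dst"])
    for rule in sorted(rules, key=lambda r: r["prio"]):
        if (rule.get("iif", pkt["iif"]) != pkt["iif"]
                or src not in ipaddress.ip_network(rule.get("src", "0.0.0.0/0"))
                or dst not in ipaddress.ip_network(rule.get("dst", "0.0.0.0/0"))):
            continue
        nets = [(ipaddress.ip_network(p), hop) for p, hop in tables[rule["table"]]]
        hits = [(n, hop) for n, hop in nets if dst in n]
        if hits:  # no route in this table: fall through to the next rule
            return max(hits, key=lambda h: h[0].prefixlen)[1]
    return None

def asymmetric_flows(rules, tables, flows, stateful_hop):
    """Return (src, dst) of flows where only one direction crosses stateful_hop."""
    bad = []
    for fwd, return_iif in flows:
        ret = {"iif": return_iif, "src": fwd["dst"], "dst": fwd["src"]}
        crosses = [lookup(rules, tables, p) == stateful_hop for p in (fwd, ret)]
        if crosses[0] != crosses[1]:
            bad.append((fwd["src"], fwd["dst"]))
    return bad

# Constructed sample topology: hop names and addresses are hypothetical.
TABLES = {
    "main": [("10.1.20.0/24", "lan-direct"), ("10.1.30.0/24", "lan-direct"),
             ("0.0.0.0/0", "isp")],
    "inspect": [("0.0.0.0/0", "fw")],  # everything via the inline firewall
}
# PBR applied only to traffic entering from the LAN side.
RULES_ONE_WAY = [
    {"prio": 100, "iif": "lan", "src": "10.1.20.0/24", "table": "inspect"},
    {"prio": 32766, "table": "main"},
]
# Adds the matching return-path rule for traffic entering from the WAN side.
RULES_BOTH_WAYS = RULES_ONE_WAY + [
    {"prio": 110, "iif": "wan", "dst": "10.1.20.0/24", "table": "inspect"},
]
FLOWS = [  # (forward packet, interface the reply arrives on)
    ({"iif": "lan", "src": "10.1.20.5", "dst": "203.0.113.10"}, "wan"),
    ({"iif": "lan", "src": "10.1.30.7", "dst": "203.0.113.10"}, "wan"),
]
if __name__ == "__main__":
    for name, rules in (("one-way", RULES_ONE_WAY), ("both-ways", RULES_BOTH_WAYS)):
        print(name, asymmetric_flows(rules, TABLES, FLOWS, "fw"))
```

The second flow is a control: its source subnet is not matched by any policy rule, so both directions bypass the firewall and it is not reported.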
