Manipulate Traffic on Cisco Routers with Route-Map Commands

Route-maps allow to you deal with traffic on your router by policy rather than traditional means.

In this example, we will route traffic by source address, or who is sending the traffic, rather than by destination, or where the traffic is going. Typically routers just look at where traffic is headed, compare that destination to their routing table and send the packets on their way. To override basic routing on a Cisco router, a route-map configuration is required.

What are route-maps?
Essentially, Route-maps are like a scripting language for routers. They define traffic and then process it according to a defined list of statements almost like a miniature computer program.

Why would you want to route by source address?
Perhaps you have internet connections from two internet service providers along with IP addresses provided by both and you want to send traffic from the IP address that belongs to each ISP to the correct internet connection. Another application of router-maps would be to migrate traffic from one firewall to another in steps rather than all at once. However traffic can be identified by any attribute likewhere it is going or by the TCP/IP port it uses for other examples.

Understanding the Route-Map structure
Route-maps inherit their structure from if-then statements in programming. First, it creates a step (10 and 20 in this example), matches a criteria in each step and then performs an action.

route-map route-map-name permit 10
match criteria-1
set perform-action-1

route-map route-map-name permit 20
match criteria-2
set perform-action-2

Configuring the Route-Map for routing traffic by source
Step1: Define the traffic with an access-List
RouterA(config)#access-list 25 10.10.25.0 0.0.0.255

Step 2: Create a Route-Map with an action
RouterA(config)# route-map Traffic_to_ISP_A 10

RouterA(config-route-map)#match ip 25

RouterA(config-route-map)#set next hop 10.15.15.1

Step 3: Apply the Route-Map to the router interface that the traffic enters into
RouterA(config)#interface gig0/1
RouterA(config-int)#ip policy Traffic_to_ISP_A

Traffic from the 10.10.25.0 network will be forced to the router at 10.15.15.1 rather than looking at the routing table in the router.

Now that the traffic from that network is routed correctly by policy, perhaps you find one server within the 10.10.25.0 network that needs to be routed normally rather than being forced to a new network by the route-map. To have the server 10.10.25.10 bypass, just create a new route-map step.

Step1: Define the traffic with an access-List
RouterA(config)#access-list 26 10.10.25.10 0.0.0.0

Step 2: Create a preceeding route-map statement
RouterA(config)# route-map Traffic_to_ISP_A 5
RouterA(config-route-map)#match ip 26

The router process route-maps according to the numeric number at the end of the statement. In this case, the router will match the server address of 10.10.25.10 in process 5 and without an action, it will drop it from the route-map before moving to process 10.

With the flexibility of route-maps, traffic on Cisco routers can be manipulated in almost any way. For more information, visit Cisco's technical support page.