Uncategorized

Policy Based Routing

Policy Based Routing 150 150 tiptechnoloy_0sppo6

Policy based routing

This is more like a filter for networks. It has 3 basic steps

ACL to define interesting traffic
Routemap to refer to the ACL (If/Then statement)
Apply route Map to ingress interface

Normal traffic outward flow
R1 – R3 – R5 – R4 – R7
Return path
R7 – R4 – R5 – R3 – R1

Apply Route-Map on R4 to change the return Path
Return path

R7 – R4 – R3 – R1

R4# show access list

#access-list 100 permit ip host 7.7.7.7 any
#route-map PBR
#match IP address 100 // looking for Access list that matches acl 100. The “Match” is the “IF” portion
#set ip next-hop 10.34.0.3 //The “Set” is the “Then” portion
exit

//Please Note: If you do not specify a match statement, and only specify Set, it will match every other route to the PBR. If we dont set an alternative match statement, it will use the dedault route table.
//to check the route path

R7# traceroute 1.1.1.1
R7# traceroute 1.1.1.1 source 7.7.7.7

//to change the path, go to R4 ingress interface to apply the route map

R4# int se1/1.478
#ip policy route-map PBR

Verify the PBR you just applied

R4# sh ip policy
R4# Debug ip policy

// Lets go to R7
R7# traceroute 1.1.1.1
//Traffic flows normally as it is not coming from 7.7.7.7 but from 10.7.7.7
R7# traceroute 1.1.1.1 source 7.7.7.7
//Now you see the traffic path changes acording to PBR

Reference …From Keith Barker’s CBT.

Blog Post Title

Blog Post Title 150 150 tiptechnoloy_0sppo6

What goes into a blog post? Helpful, industry-specific content that: 1) gives readers a useful takeaway, and 2) shows you’re an industry expert.

Use your company’s blog posts to opine on current industry topics, humanize your company, and show how your products and services can help people.

TOP VULNERABILITY THIS WEEK – 08/02/2019

TOP VULNERABILITY THIS WEEK – 08/02/2019 150 150 tiptechnoloy_0sppo6

08/02/2019

TOP VULNERABILITY THIS WEEK: NetWire variants used in fake business spam campaign