Policy routing

Routers generally forward packets to the destination addresses based on the information available in their routing tables. With policy routing, you can make routing decisions based on the policies configured by the administrator.

You can selectively forward the packets based on different criteria such as source network, destination network, services and so on. If the packet matches the criteria defined in the policy routing then the packet will be forwarded to the gateway configured in the policy.

Firewall rule can still override policy route decision, if primary and/or backup gateway is configured.

Benefits of policy routing include:
  • Packets originating from different source networks and having same destination can be routed to different networks.
  • You can distribute traffic requiring high bandwidth to use different internet connection.
  • You can implement policies to achieve failover/failback. For example: If you have two links MPLS and VPN link and if MPLS link fails then you can route your traffic that matches the policy to VPN link. When the MPLS link comes up, then traffic can be failed back to MPLS link.
    Note When device firmware is upgraded to SF-OS v16, source routes will be migrated as policy routes.